Please analyze my HijackThis report

lutcha | Posts: 105 | Status: Member
Good evening, everyone!
Can you help me "decipher" this HijackThis scan report?
Thanks in advance for your replies and for your help!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:40:13, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = E:\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?7333b182ad2444bbad3f69b2345debae
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?7333b182ad2444bbad3f69b2345debae
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photoservice.photos.orange.fr/migrationorange/index.cfm
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

123 replies

lutcha | Posts: 105 | Status: Member
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:26:59, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\winmine.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = E:\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?7333b182ad2444bbad3f69b2345debae
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?7333b182ad2444bbad3f69b2345debae
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
cedric241 | Posts: 3380 | Status: Member | 119
 
cc_20080407_1512: delete it.

Your HijackThis report is clean.

Now we are going to remove the disinfection tools that I had you download.
Indeed, using them is dangerous for the PC if you don't know what you're doing.
Moreover, they are updated regularly.

- Close all running applications, then download ToolsCleaner2 to your Desktop.

http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

- Double-click ToolsCleaner2.exe.
- Click "Recherche" (Search),
- then "Suppression" (Removal) once the list has been found.
- Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: your desktop MAY disappear; that is normal. If it does not reappear at the end of the scan, do the following:

Press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "Run".

Type explorer.exe and confirm. This will make the Desktop reappear.

Tutorial: https://www.commentcamarche.net/list 8341 toolscleaner suppression des fix de force brute (thanks, espion3004)
0
lutcha | Posts: 105 | Status: Member

I'm deleting it, but what is this document?
OK, so otherwise I have nothing left then, no more trojan...?
Don't you want to know what AntiVir had found?
0
cedric241 | Posts: 3380 | Status: Member | 119

It's a registry file created by clean, certainly a useless document, don't worry.

If you have the AntiVir report, I'd like to see it, thanks.
0

lutcha | Posts: 105 | Status: Member

I'm going to uninstall all the disinfection software, but I still have one question: earlier I asked you whether I could remove Player Orange (look in the HijackThis report, line 04 (the 18th)); you'll tell me, OK?
0
lutcha | Posts: 105 | Status: Member

Latest AntiVir report, from earlier today:

08.04.2008 21:48:23 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
08.04.2008 21:48:23 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
08.04.2008 21:48:23 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47fbcc07\
08.04.2008 21:48:24 - Start the Update GUI... Displaymode: 1

08.04.2008 21:48:23 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
08.04.2008 21:48:23 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
08.04.2008 21:48:23 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47fbcc07\
08.04.2008 21:48:24 - Start the Update GUI... Displaymode: 1

08.04.2008 21:48:26 - Keyfile: OK [FULL Mode]

08.04.2008 21:48:26 - Avira AntiVir PersonalEdition Classic

08.04.2008 21:48:26 - Master IDX file has changed
08.04.2008 21:48:31 - Keyfile: OK [FULL Mode]

08.04.2008 21:48:32 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
08.04.2008 21:48:32 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/vdf.info.gz
08.04.2008 21:48:34 - Keyfile: OK [FULL Mode]

08.04.2008 21:48:34 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/specvir-nt.info.gz
08.04.2008 21:48:35 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/engine.info.gz
08.04.2008 21:48:35 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/engine-nt-en.info.gz
08.04.2008 21:48:36 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
08.04.2008 21:48:36 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
08.04.2008 21:48:38 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
08.04.2008 21:48:38 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
08.04.2008 21:48:38 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
08.04.2008 21:48:39 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.3.130 < 7.0.3.135
08.04.2008 21:48:39 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
08.04.2008 21:48:39 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
08.04.2008 21:48:39 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
08.04.2008 21:48:39 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
08.04.2008 21:48:39 - Minifilter is installed

08.04.2008 21:48:39 - Minifilter is possible

08.04.2008 21:48:39 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

08.04.2008 21:48:39 - Initialize avnotify.exe

08.04.2008 21:48:39 - Starting avnotify.exe successful

08.04.2008 21:48:39 - Preparing to download files
08.04.2008 21:48:39 - 1 files need to be downloaded / copied from http://dl5.avgate.net/upd/
08.04.2008 21:48:39 - #1: Downloading and extracting http://dl5.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47fbcc07\vdf\antivir3.vdf
08.04.2008 21:48:48 - Status of service AntiVirService is running

08.04.2008 21:48:48 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir0.vdf.

08.04.2008 21:48:48 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir1.vdf.

08.04.2008 21:48:48 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir2.vdf.

08.04.2008 21:48:48 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir3.vdf.

08.04.2008 21:48:48 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\avewin32.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll.

08.04.2008 21:48:48 - Starting to install
08.04.2008 21:48:48 - Processing module VDF Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47fbcc07\vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
08.04.2008 21:48:48 - A total of 1 files were updated
08.04.2008 21:48:48 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress

08.04.2008 21:48:48 - Status of service AntiVirService is running

08.04.2008 21:48:51 - Reinitialization of AntiVirService carried out successfully.

08.04.2008 21:48:51 - Dialup: 0

08.04.2008 21:48:51 - Downloaded bytes: 57374

08.04.2008 21:48:51 - Downloaded file(s): 1

08.04.2008 21:48:51 - Downloaded file(s): antivir3.vdf

08.04.2008 21:48:51 - Engine version local : 7.6.0.81

08.04.2008 21:48:51 - Engine version internet: 7.6.0.81

08.04.2008 21:48:51 - 0. VDF version local : 6.40.0.0

08.04.2008 21:48:51 - 0. VDF version internet: 6.40.0.0

08.04.2008 21:48:51 - 1. VDF version local : 7.0.3.2

08.04.2008 21:48:51 - 1. VDF version internet: 7.0.3.2

08.04.2008 21:48:51 - 2. VDF version local : 7.0.3.127

08.04.2008 21:48:51 - 2. VDF version internet: 7.0.3.127

08.04.2008 21:48:51 - 3. VDF version local : 7.0.3.130

08.04.2008 21:48:51 - 3. VDF version internet: 7.0.3.135

08.04.2008 21:48:51 - Required time: 00:27

08.04.2008 21:48:51 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate

08.04.2008 21:48:52 - Update finished successfully
0
cedric241 | Posts: 3380 | Status: Member | 119

Yes, you can uninstall it without worry.

And uninstall the disinfection software.
0
cedric241 | Posts: 3380 | Status: Member | 119

The AntiVir report is the update report, lol.
0
lutcha | Posts: 105 | Status: Member

And this is the first one it produced, when I downloaded it, that is, 3 days ago, as you can see:

05.04.2008 18:21:34 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
05.04.2008 18:21:34 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
05.04.2008 18:21:34 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\
05.04.2008 18:21:35 - Start the Update GUI... Displaymode: 0

05.04.2008 18:21:34 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
05.04.2008 18:21:34 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
05.04.2008 18:21:34 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\
05.04.2008 18:21:35 - Start the Update GUI... Displaymode: 0

05.04.2008 18:21:37 - Keyfile: OK [FULL Mode]

05.04.2008 18:21:37 - Avira AntiVir PersonalEdition Classic

05.04.2008 18:21:41 - Master IDX file has changed
05.04.2008 18:21:46 - Keyfile: OK [FULL Mode]

05.04.2008 18:21:47 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/classic-nt-en.info.gz
05.04.2008 18:21:55 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:21:55 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/vdf.info.gz
05.04.2008 18:21:57 - Keyfile: OK [FULL Mode]

05.04.2008 18:21:57 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/specvir-nt.info.gz
05.04.2008 18:21:57 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/engine.info.gz
05.04.2008 18:21:58 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/engine-nt-en.info.gz
05.04.2008 18:21:59 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
05.04.2008 18:21:59 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll 1.2.10.20 < 1.2.10.21
05.04.2008 18:21:59 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
05.04.2008 18:21:59 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe 7.2.0.12 < 7.2.0.14
05.04.2008 18:21:59 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe 7.2.0.13 < 7.2.0.16
05.04.2008 18:21:59 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe 7.0.0.81 < 7.0.0.82
05.04.2008 18:21:59 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccguard.dll 7.0.1.34 < 7.0.1.35
05.04.2008 18:22:00 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\preupd.exe 7.0.0.34 < 7.0.0.36
05.04.2008 18:22:00 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
05.04.2008 18:22:00 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
05.04.2008 18:22:00 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
05.04.2008 18:22:00 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf 7.0.0.0 < 7.0.3.2
05.04.2008 18:22:00 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.0.1 < 7.0.3.85
05.04.2008 18:22:00 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.0.2 < 7.0.3.121
05.04.2008 18:22:00 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
05.04.2008 18:22:00 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
05.04.2008 18:22:00 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avewin32.dll 7.6.0.15 < 7.6.0.81
05.04.2008 18:22:00 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
05.04.2008 18:22:00 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avpack32.dll 7.3.0.15 < 7.6.0.3
05.04.2008 18:22:00 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
05.04.2008 18:22:00 - C:\WINDOWS\SYSTEM32\drivers\avipbb.sys 1.0.2.11 < 1.0.2.13
05.04.2008 18:22:00 - Minifilter is installed

05.04.2008 18:22:00 - Minifilter is possible

05.04.2008 18:22:00 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

05.04.2008 18:22:00 - Initialize avnotify.exe

05.04.2008 18:22:00 - Starting avnotify.exe successful

05.04.2008 18:22:00 - Preparing to download files
05.04.2008 18:22:00 - 13 files need to be downloaded / copied from http://dl7.avgate.net/upd/
05.04.2008 18:22:00 - #1: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/basic-nt/updlib.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt/updlib.dll
05.04.2008 18:22:02 - #2: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/basic-nt/avcenter.exe.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt/avcenter.exe
05.04.2008 18:22:03 - #3: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/basic-nt/avgnt.exe.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt/avgnt.exe
05.04.2008 18:22:03 - #4: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/basic-nt/avguard.exe.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt/avguard.exe
05.04.2008 18:22:04 - #5: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/basic-nt/ccguard.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt/ccguard.dll
05.04.2008 18:22:05 - #6: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/basic-nt/preupd.exe.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt/preupd.exe
05.04.2008 18:22:06 - #7: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/basic-nt/addr_file.html.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt/addr_file.html
05.04.2008 18:22:07 - #8: Downloading and extracting http://dl7.avgate.net/upd/vdf/antivir1.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\vdf\antivir1.vdf
05.04.2008 18:22:20 - #9: Downloading and extracting http://dl7.avgate.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\vdf\antivir2.vdf
05.04.2008 18:22:21 - #10: Downloading and extracting http://dl7.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\vdf\antivir3.vdf
05.04.2008 18:22:22 - #11: Downloading and extracting http://dl7.avgate.net/upd/engine/avewin32.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\engine\avewin32.dll
05.04.2008 18:22:26 - #12: Downloading and extracting http://dl7.avgate.net/upd/engine/nt/avpack32.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\engine\nt\avpack32.dll
05.04.2008 18:22:27 - #13: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/basic-nt/avipbb.sys.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt/avipbb.sys
05.04.2008 18:22:33 - Service AVEService is not installed

05.04.2008 18:22:33 - Service AntiVirMailService is not installed

05.04.2008 18:22:33 - Initialize fwinst.exe

05.04.2008 18:22:33 - Initialize fwinst.exe

05.04.2008 18:22:33 - Service AntiVirFirewallService is not installed

05.04.2008 18:22:33 - Service antivirwebservice is not installed

05.04.2008 18:22:33 - Status of service AntiVirService is running

05.04.2008 18:22:33 - Initialize avgnt.exe

05.04.2008 18:22:33 - Status of service AntiVirScheduler is running

05.04.2008 18:22:33 - Minifilter is installed

05.04.2008 18:22:33 - Minifilter is possible

05.04.2008 18:22:33 - Initialize avscan.exe

05.04.2008 18:22:33 - Initialize avconfig.cpl

05.04.2008 18:22:33 - Initialize avcenter.exe

05.04.2008 18:22:33 - shell extension is installed

05.04.2008 18:22:33 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

05.04.2008 18:22:33 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

05.04.2008 18:22:33 - Service AVEService is not installed

05.04.2008 18:22:33 - Service AntiVirMailService is not installed

05.04.2008 18:22:33 - Initialize fwinst.exe

05.04.2008 18:22:33 - Initialize fwinst.exe

05.04.2008 18:22:33 - Service AntiVirFirewallService is not installed

05.04.2008 18:22:33 - shell extension is installed

05.04.2008 18:22:33 - Initialize regsvr32.exe

05.04.2008 18:22:34 - shell extension removed successfully

05.04.2008 18:22:34 - avgnt.exe closed.

05.04.2008 18:22:34 - Status of service AntiVirScheduler is running

05.04.2008 18:22:34 - Service AntiVirScheduler successfully stopped

05.04.2008 18:22:34 - Status of service AntiVirService is running

05.04.2008 18:22:36 - Service AntiVirService successfully stopped

05.04.2008 18:22:36 - Starting to install
05.04.2008 18:22:36 - Processing module SELFUPDATE Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
05.04.2008 18:22:36 - Current Direcory:C:\Program Files\Avira\AntiVir PersonalEdition Classic, About to execute C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\SelfUpdateTemp\update.exe --log-template="${DAY}.${MONTH}.${YEAR} ${HOUR}:${MINUTE}:${SECOND} - ${MSG}".Self Update helper
05.04.2008 18:22:37 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
05.04.2008 18:22:37 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
05.04.2008 18:22:37 - Temp Directory: C:\WINDOWS\TEMP\Update_Temp\
05.04.2008 18:22:37 - Avira AntiVir PersonalEdition Classic

05.04.2008 18:22:37 - Self update: Copying file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt/updlib.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
05.04.2008 18:22:37 - Executing original update application
05.04.2008 18:22:37 - Current Direcory:C:\Program Files\Avira\AntiVir PersonalEdition Classic, About to execute C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe --config-file="C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\update.conf" --install-path="C:\Program Files\Avira\AntiVir PersonalEdition Classic" --log-template="${DAY}.${MONTH}.${YEAR} ${HOUR}:${MINUTE}:${SECOND} - ${MSG}" --NoSelfUpdate "--TmpDir=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e" "--LogFile=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-04-05-18-21-34.log" "--TmpFilesList=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\ToRemove.txt".Executing original update application
05.04.2008 18:22:38 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
05.04.2008 18:22:38 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
05.04.2008 18:22:38 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\
05.04.2008 18:22:38 - Start the Update GUI... Displaymode: 0

05.04.2008 18:22:38 - Avira AntiVir PersonalEdition Classic

05.04.2008 18:22:38 - Master IDX file has changed
05.04.2008 18:22:38 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:38 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:38 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:38 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:38 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:38 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:39 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:39 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:39 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:39 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:39 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:39 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:39 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:39 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
05.04.2008 18:22:39 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/vdf.info.gz
05.04.2008 18:22:39 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/specvir-nt.info.gz
05.04.2008 18:22:39 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/engine.info.gz
05.04.2008 18:22:39 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/engine-nt-en.info.gz
05.04.2008 18:22:39 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
05.04.2008 18:22:39 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
05.04.2008 18:22:39 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
05.04.2008 18:22:39 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
05.04.2008 18:22:39 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
05.04.2008 18:22:39 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
05.04.2008 18:22:39 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
05.04.2008 18:22:39 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
05.04.2008 18:22:39 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
05.04.2008 18:22:39 - Minifilter is installed

05.04.2008 18:22:39 - Minifilter is possible

05.04.2008 18:22:39 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

05.04.2008 18:22:39 - Preparing to download files
05.04.2008 18:22:39 - 12 files need to be downloaded / copied from http://dl5.avgate.net/upd/
05.04.2008 18:22:39 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt\avcenter.exe.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:39 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt\avgnt.exe.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:39 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt\avguard.exe.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:39 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt\ccguard.dll.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:39 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt\preupd.exe.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:39 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt\addr_file.html.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:39 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\vdf\antivir1.vdf.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:40 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\vdf\antivir2.vdf.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:40 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\vdf\antivir3.vdf.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:40 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\engine\avewin32.dll.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:40 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\engine\nt\avpack32.dll.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:40 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\basic-nt\avipbb.sys.gz already exists in temporary folder and it will not be downloaded again
05.04.2008 18:22:40 - Starting to install
05.04.2008 18:22:41 - Processing module MAIN Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
05.04.2008 18:22:41 - File C:\Documents and Settings\All Users\Application Data\addr_file.html will not be backed up because it doesn't exist
05.04.2008 18:22:41 - Processing module COMMAPPDATA Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\
05.04.2008 18:22:41 - Processing module VDF Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
05.04.2008 18:22:41 - Processing module ENGINE Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
05.04.2008 18:22:42 - Processing module ENGINE_NT_EN Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
05.04.2008 18:22:42 - Processing module DRV Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47f7a70e\winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\
05.04.2008 18:22:42 - A total of 12 files were updated
05.04.2008 18:22:42 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress

05.04.2008 18:22:42 - Service AVEService is not installed

05.04.2008 18:22:42 - Service AntiVirMailService is not installed

05.04.2008 18:22:42 - Initialize fwinst.exe

05.04.2008 18:22:42 - Initialize fwinst.exe

05.04.2008 18:22:42 - Service AntiVirFirewallService is not installed

05.04.2008 18:22:42 - Service antivirwebservice is not installed

05.04.2008 18:22:42 - Status of service AntiVirService is stopped

05.04.2008 18:22:42 - Initialize avgnt.exe

05.04.2008 18:22:42 - Status of service AntiVirScheduler is stopped

05.04.2008 18:22:42 - Minifilter is installed

05.04.2008 18:22:42 - Minifilter is possible

05.04.2008 18:22:42 - Initialize avscan.exe

05.04.2008 18:22:42 - Initialize avconfig.cpl

05.04.2008 18:22:42 - Initialize avcenter.exe

05.04.2008 18:22:42 - shell extension is installed

05.04.2008 18:22:42 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

05.04.2008 18:22:42 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

05.04.2008 18:22:47 - Service AntiVirService successfully started

05.04.2008 18:22:48 - Starting avgnt.exe successful

05.04.2008 18:22:49 - Service AntiVirScheduler successfully started

05.04.2008 18:22:49 - shell extension is installed

05.04.2008 18:22:49 - Initialize regsvr32.exe

05.04.2008 18:22:50 - installation of shell extension successful

05.04.2008 18:22:50 - Cannot start the service antivirwebservice

05.04.2008 18:22:50 - Dialup: 0

05.04.2008 18:22:50 - Downloaded bytes: 8283369

05.04.2008 18:22:50 - Downloaded file(s): 13

05.04.2008 18:22:50 - Downloaded file(s): updlib.dll; avcenter.exe; avgnt.exe; avguard.exe; ccguard.dll; preupd.exe; addr_file.html; antivir1.vdf; antivir2.vdf; antivir3.vdf; avewin32.dll; avpack32.dll; avipbb.sys

05.04.2008 18:22:50 - Engine version local : 7.6.0.15

05.04.2008 18:22:50 - Engine version internet: 7.6.0.81

05.04.2008 18:22:50 - 0. VDF version local : 6.40.0.0

05.04.2008 18:22:50 - 0. VDF version internet: 6.40.0.0

05.04.2008 18:22:50 - 1. VDF version local : 7.0.0.0

05.04.2008 18:22:50 - 1. VDF version internet: 7.0.3.2

05.04.2008 18:22:50 - 2. VDF version local : 7.0.0.1

05.04.2008 18:22:50 - 2. VDF version internet: 7.0.3.85

05.04.2008 18:22:50 - 3. VDF version local : 7.0.0.2

05.04.2008 18:22:50 - 3. VDF version internet: 7.0.3.121

05.04.2008 18:22:50 - Required time: 00:12

05.04.2008 18:22:50 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate

05.04.2008 18:22:51 - Update finished successfully
0
lutcha Posts: 105 Status: Member

oops ;)
Well, actually, before I found something that looked like a report to send you, I was going to tell you that AntiVir has never given me a report like the ones from the programs we have "worked" with over these 2 days, so tell me how I can send you an AntiVir report, given that it is in English...
Otherwise, are you sure there is no trojan or anything left and everything is OK??
0
lutcha Posts: 105 Status: Member

Who is that, espion 3004?
0
cedric241 Posts: 3380 Status: Member 119

That is the username of the person who wrote the tutorial.

Your AntiVir report is the one from its update.
0
lutcha Posts: 105 Status: Member

Yes, it is the update report, but I didn't know whether that was what you needed or not... is it or not? Otherwise tell me how to produce the AntiVir report you need, because I have no idea... it tells me that last complete system scan is not performed.
And tell me, if you know, what exactly it deleted?
0
cedric241 Posts: 3380 Status: Member 119

For AntiVir, run the full scan

and post the report from that scan.
0
lutcha Posts: 105 Status: Member

OK, so I'll do the AntiVir scan after ToolsCleaner then...
Otherwise, explain to me "Post the report (TCleaner.txt) located at the root of your hard drive (C:\)." Does this report appear automatically, or how do I find it?
0
lutcha Posts: 105 Status: Member

Is this what you need?

-->- Recherche:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\louise\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\louise\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\louise\Bureau\SmitFraudfix: trouvé !
C:\Documents and Settings\louise\Bureau\SmitfraudFix\SmitFraudfix: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\louise\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\louise\Bureau\HJTInstall.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\louise\Bureau\SmitFraudfix: supprimé !
0
cedric241 Posts: 3380 Status: Member 119

Yes, perfect, that was it.

The uninstallation went well.

All you have left is the AntiVir scan and posting me the report.
0
lutcha Posts: 105 Status: Member

The link you gave me (espion 3004's page) no longer exists...
I am "stuck" at "Post the report (TCleaner.txt) located at the root of your hard drive (C:\)."
Are you still there?
0
cedric241 Posts: 3380 Status: Member 119

Forget about that.

You already sent me the report and it is perfect.

All the fix tools I had you install have been uninstalled.

You can uninstall Malwarebytes too if you don't want to keep it:
go to Control Panel,
Add or Remove Programs.
0
lutcha Posts: 105 Status: Member

How do I uninstall ToolsCleaner? I can't find it in the Control Panel or in CCleaner...
Otherwise, tell me what may have been deleted with SmitFraud, if you know?
0