Les pub cid et les IEXPLORE.EXE

Résolu/Fermé

clad51 Messages postés 84 Date d'inscription mercredi 14 mai 2008 Statut Membre Dernière intervention 3 janvier 2010 - 14 mai 2008 à 18:20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 4 juil. 2008 à 12:28

Bonjour,
slt a tout le monde

g un problème avec les pub cid et aussi je n'arrive pas asupprimer deux IEXPLORE.EXE de mon processus.

aprés avoir lu bcp de chose qui non pas marché pour ma par je me suis résolu a installé hijackthis puisque la plupart de ceux qui donne de l'aide juge par ce problème, est-ce que quelqu'un pourrait m'aider.

voici mon rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:50:38, on 14/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
c:\documents and settings\jérémy\local settings\application data\ucgzgjgyl.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Jérémy\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Love default global mess] C:\Documents and Settings\All Users\Application Data\great coal love default\16 trans.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [drvtime] C:\DOCUME~1\JRMY~1\APPLIC~1\ADMINR~1\pop barb bind.exe
O4 - HKCU\..\Run: [ucgzgjgyl] c:\documents and settings\jérémy\local settings\application data\ucgzgjgyl.exe ucgzgjgyl
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

A voir également:

Les pub cid et les IEXPLORE.EXE
Bloqueur de pub youtube - Accueil - Streaming
Youtube sans pub - Accueil - Streaming
Netflix avec pub avis - Accueil - Streaming
YT Siphon : une extension pour contourner la pub sur YouTube - Accueil - Streaming
Stop pub gratuit - Télécharger - Divers Utilitaires

56 réponses

Réponse 21 / 56

g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
16 mai 2008 à 18:36

Bonsoir,

Jfk > spysherif ?

Clad post un nouveau rapport hijack this stp

@+

Réponse 22 / 56

clad51 Messages postés 84 Date d'inscription mercredi 14 mai 2008 Statut Membre Dernière intervention 3 janvier 2010
16 mai 2008 à 21:40

slt je ne comprend rien a ce que vous dites lol, mais je vous suit alors voici le rapport demander

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:12, on 16/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jérémy\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Réponse 23 / 56

g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
16 mai 2008 à 21:51

salut,

passe ceci pour voire :

Téléchargez MSNFix.zip (de !aur3n7) sur votre bureau:
http://sosvirus.changelog.fr/MSNFix.zip
Décompressez-le (clic droit >> Extraire ici) et double cliquer sur le fichier MSNFix.bat.
- Exécutez l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage

Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal

- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt

@+

Réponse 24 / 56

jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
16 mai 2008 à 21:53

Re, désolé apres vérification :fausse alerte pour spysheriff ;)

@++

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 56

clad51 Messages postés 84 Date d'inscription mercredi 14 mai 2008 Statut Membre Dernière intervention 3 janvier 2010
16 mai 2008 à 22:03

le rapport msn fix

MSNFix 1.716

C:\Documents and Settings\J‚r‚my\Bureau\MSNFix\MSNFix
Fix exécuté le 16/05/2008 - 21:54:15,03 By J‚r‚my
mode normal

************************ Recherche les fichiers présents

... C:\Install_Messenger.exe

************************ Recherche les dossiers présents

Aucun dossier trouvé

************************ Suppression des fichiers

.. OK ... C:\Install_Messenger.exe

************************ Nettoyage du registre

Les fichiers encore présents seront supprimés au prochain redémarrage

Aucun Fichier trouvé

************************ Fichiers suspects

Aucun Fichier trouvé

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 16052008_21590490.zip

************************ HKLM\...\Winlogon\Userinit

Userinit = C:\WINDOWS\system32\userinit.exe,

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

Réponse 26 / 56

g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
16 mai 2008 à 22:30

ok ;-)

maintenant :

regarde ceci concernant avast :

antivir vs avast :

-> http://forum.malekal.com/ftopic3528.php

alors je te conseille de le desinstaller et d´installer antivir a la place

Telecharge et instales l'antivirus Antivir Personal Edition Classic :

->https://www.malekal.com/avira-free-security-antivirus-gratuit/

https://www.avira.com/en/prime

http://mickael.barroux.free.fr/securite/antivir.php
http://speedweb1.free.fr/frames2.php?page=tuto5
<- tutoriel configuration du scanner...

une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level

Je te dis tous ca car j´aimerais que tu performes un scan entier de ta machine a l´aide d´antivir avec les reglages stipulés ci dessus et que tu post le rapport généré ici stp

si jamais pour une raison ou une autre tu ne voulais pas remplacer avast par antivir ( ce qui serait bete ) performes un scan en ligne ici :

Scan en ligne bitdefender :

https://www.bitdefender.com/toolbox/

Clicker sur " I agree " et suivre les indications

A faire imperativement sous internet explorer, en acceptant l´activ x

tutoriel en image en image

http://pageperso.aol.fr/rginformatique/mapage/defender.htm

ou

Fais un scan en ligne Kaspersky avec Internet Explorer :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
-> Click sur Démarrer Online-Scanner
-> Click maintenant sur J'accepte.
-> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
-> Patiente pendant l'installation des Mises à jour.
-> Choisis par la suite l'analyse du Poste de travail.
-> Sauvegarde puis colle le rapport généré en fin d'analyse.

@+

Réponse 27 / 56

clad51 Messages postés 84 Date d'inscription mercredi 14 mai 2008 Statut Membre Dernière intervention 3 janvier 2010
17 mai 2008 à 10:32

salut,

g fait se ke tu as dis, g télécharger avira mais je n'arrive pas a obtenir un rapport.

g lancer start udapte après avoir fait un clic droit su le sigle d'avira et cela m'a ouvert une fenétre mais je n'ai obtenu aucun rapport.

ps: faut'il ke je désinstalle avast?

Réponse 28 / 56

g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
17 mai 2008 à 11:08

Salut clad51,

tu as effectué un scan complet avec les reglages que j´avais stipulés ?

si c´est le cas, tu click sur l´onglet rapport d´antivir et tu devrait pouvoir etre en mesure de localiser le rapport...

oui desinstale avast, maintenant tu as antivir > deux antivirus = conflits...

@+

Réponse 29 / 56

clad51 Messages postés 84 Date d'inscription mercredi 14 mai 2008 Statut Membre Dernière intervention 3 janvier 2010
17 mai 2008 à 11:51

oui c t bien avec tous ce ke tu m'avais demander et voila le rapport

17.05.2008 09:31:20 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
17.05.2008 09:31:20 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
17.05.2008 09:31:20 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\
17.05.2008 09:31:20 - Using System's global Proxy settings
17.05.2008 09:31:20 - Start the Update GUI... Displaymode: 0
17.05.2008 09:31:20 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
17.05.2008 09:31:20 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
17.05.2008 09:31:20 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
17.05.2008 09:31:20 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
17.05.2008 09:31:20 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\
17.05.2008 09:31:20 - Using System's global Proxy settings
17.05.2008 09:31:20 - Start the Update GUI... Displaymode: 0
17.05.2008 09:31:20 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
17.05.2008 09:31:20 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
17.05.2008 09:31:20 - Avira AntiVir Personal – Free Antivirus
17.05.2008 09:31:42 - Invalid system proxy
17.05.2008 09:31:42 - Switching to next update server
17.05.2008 09:32:30 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\idx/master.idx to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\master.idx
17.05.2008 09:32:30 - Master IDX file has changed
17.05.2008 09:32:34 - Keyfile: OK [FULL Mode]
17.05.2008 09:32:35 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/classic-nt-en.info.gz
17.05.2008 09:32:37 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\classic-nt-en.info to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
17.05.2008 09:32:37 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/vdf.info.gz
17.05.2008 09:32:37 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/specvir-nt.info.gz
17.05.2008 09:32:38 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/ave2.info.gz
17.05.2008 09:32:38 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/info-wks-classic-nt-en.info.gz
17.05.2008 09:32:41 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
17.05.2008 09:32:41 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 78
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe 8.0.1.15 < 8.0.1.18
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\setup.exe 8.0.0.11 < 8.0.0.16
17.05.2008 09:32:41 - build.dat 607ab1a40952da01289d6b84016d8128 != 7dc891d8430a7b4d921e5879a9182cea
17.05.2008 09:32:41 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
17.05.2008 09:32:41 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.3.62 < 7.0.4.53
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.3.68 < 7.0.4.54
17.05.2008 09:32:41 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
17.05.2008 09:32:41 - Module: AVE2 Source: ave2\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 13
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll 8.1.0.25 < 8.1.0.29
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeemu.dll 8.1.0.5 < 8.1.0.6
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll 8.1.0.15 < 8.1.0.21
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll 8.1.0.11 < 8.1.0.14
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll 8.1.0.15 < 8.1.0.29
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll 8.1.0.15 < 8.1.0.18
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll 8.1.1.0 < 8.1.1.5
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll 8.1.0.19 < 8.1.0.20
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll 8.1.0.12 < 8.1.0.18
17.05.2008 09:32:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll 8.1.0.19 < 8.1.0.33
17.05.2008 09:32:41 - aeset.dat afd755a15cdaa365acc31219c6f22d53 != 07471f7c879687e545828abbaae70a1b
17.05.2008 09:32:41 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
17.05.2008 09:32:41 - Module: PRODINFO Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
17.05.2008 09:32:41 - Minifilter is installed
17.05.2008 09:32:41 - Minifilter is possible
17.05.2008 09:32:41 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType
17.05.2008 09:32:42 - File basic-nt/avguard.exe which was recognized as modified, must not be updated
17.05.2008 09:32:42 - File basic-nt/setup.exe which was recognized as modified, must not be updated
17.05.2008 09:32:42 - File classic-nt/build.dat which was recognized as modified, must not be updated
17.05.2008 09:32:42 - The Module MAIN which was recognized as modified, must not be updated
17.05.2008 09:32:42 - Initialize avnotify.exe
17.05.2008 09:32:42 - Starting avnotify.exe successful
17.05.2008 09:32:42 - Preparing to download files
17.05.2008 09:32:42 - 13 files need to be downloaded / copied from http://dl5.avgate.net/upd/
17.05.2008 09:32:42 - #1: Downloading and extracting http://dl5.avgate.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\vdf\antivir2.vdf
17.05.2008 09:33:11 - #2: Downloading and extracting http://dl5.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\vdf\antivir3.vdf
17.05.2008 09:33:11 - #3: Downloading and extracting http://dl5.avgate.net/upd/ave2/aecore.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aecore.dll
17.05.2008 09:33:12 - #4: Downloading and extracting http://dl5.avgate.net/upd/ave2/aeemu.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aeemu.dll
17.05.2008 09:33:15 - #5: Downloading and extracting http://dl5.avgate.net/upd/ave2/aegen.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aegen.dll
17.05.2008 09:33:18 - #6: Downloading and extracting http://dl5.avgate.net/upd/ave2/aehelp.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aehelp.dll
17.05.2008 09:33:19 - #7: Downloading and extracting http://dl5.avgate.net/upd/ave2/aeheur.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aeheur.dll
17.05.2008 09:33:28 - #8: Downloading and extracting http://dl5.avgate.net/upd/ave2/aeoffice.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aeoffice.dll
17.05.2008 09:33:30 - #9: Downloading and extracting http://dl5.avgate.net/upd/ave2/aepack.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aepack.dll
17.05.2008 09:33:33 - #10: Downloading and extracting http://dl5.avgate.net/upd/ave2/aerdl.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aerdl.dll
17.05.2008 09:33:37 - #11: Downloading and extracting http://dl5.avgate.net/upd/ave2/aescn.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aescn.dll
17.05.2008 09:33:39 - #12: Downloading and extracting http://dl5.avgate.net/upd/ave2/aescript.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aescript.dll
17.05.2008 09:33:41 - #13: Downloading and extracting http://dl5.avgate.net/upd/ave2/aeset.dat.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aeset.dat
17.05.2008 09:33:49 - Status of service AntiVirService is running
17.05.2008 09:33:49 - Initialize avscan.exe
17.05.2008 09:33:49 - Initialize avcenter.exe
17.05.2008 09:33:49 - Initialize avgnt.exe
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir0.vdf.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir1.vdf.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir2.vdf.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir3.vdf.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeemu.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeset.dat.
17.05.2008 09:33:49 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aevdf.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll.
17.05.2008 09:33:49 - avscan.exe closed.
17.05.2008 09:33:50 - avgnt.exe closed.
17.05.2008 09:33:50 - Starting to install
17.05.2008 09:33:50 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir2.vdf
17.05.2008 09:33:50 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir3.vdf
17.05.2008 09:33:50 - Processing module VDF Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
17.05.2008 09:33:50 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\vdf\antivir2.vdf to C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf
17.05.2008 09:33:50 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\vdf\antivir3.vdf to C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf
17.05.2008 09:33:50 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aecore.dll
17.05.2008 09:33:50 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeemu.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeemu.dll
17.05.2008 09:33:50 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aegen.dll
17.05.2008 09:33:50 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aehelp.dll
17.05.2008 09:33:51 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeheur.dll
17.05.2008 09:33:51 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeoffice.dll
17.05.2008 09:33:51 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aepack.dll
17.05.2008 09:33:51 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aerdl.dll
17.05.2008 09:33:51 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aescn.dll
17.05.2008 09:33:51 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aescript.dll
17.05.2008 09:33:51 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeset.dat
17.05.2008 09:33:51 - Processing module AVE2 Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
17.05.2008 09:33:52 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aecore.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll
17.05.2008 09:33:53 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aeemu.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeemu.dll
17.05.2008 09:33:54 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aegen.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll
17.05.2008 09:33:55 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aehelp.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll
17.05.2008 09:33:56 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aeheur.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll
17.05.2008 09:33:57 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aeoffice.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll
17.05.2008 09:33:58 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aepack.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll
17.05.2008 09:33:59 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aerdl.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll
17.05.2008 09:34:00 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aescn.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll
17.05.2008 09:34:01 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aescript.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll
17.05.2008 09:34:01 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_482e89c7\ave2\aeset.dat to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat
17.05.2008 09:34:01 - A total of 13 files were updated
17.05.2008 09:34:01 - Initialize AVWSC.EXE
17.05.2008 09:34:01 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress
17.05.2008 09:34:01 - Status of service AntiVirService is running
17.05.2008 09:34:04 - Reinitialization of AntiVirService carried out successfully.
17.05.2008 09:34:04 - Starting avgnt.exe successful
17.05.2008 09:34:04 - Dialup: 0
17.05.2008 09:34:04 - Downloaded bytes: 3740317
17.05.2008 09:34:04 - Downloaded file(s): 13
17.05.2008 09:34:04 - Downloaded file(s): antivir2.vdf; antivir3.vdf; aecore.dll; aeemu.dll; aegen.dll; aehelp.dll; aeheur.dll; aeoffice.dll; aepack.dll; aerdl.dll; aescn.dll; aescript.dll; aeset.dat
17.05.2008 09:34:04 - Required time: 02:44
17.05.2008 09:34:04 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate
17.05.2008 09:34:05 - Update finished successfully

Réponse 30 / 56

g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
17 mai 2008 à 14:16

re,

oui certe cet un rapport mais ce n´est pas le rapport de scan...

dans l´onglet rapports d´antivir tu dois avoir une ligne qui dit scan c´est ce rapport que j´aimerais bien voir.

@+

Réponse 31 / 56

clad51 Messages postés 84 Date d'inscription mercredi 14 mai 2008 Statut Membre Dernière intervention 3 janvier 2010
18 mai 2008 à 11:38

slt girly voici le rapport que tu me demander, cette fois ci je croi que c le bon

Avira AntiVir Personal
Report file date: dimanche 18 mai 2008 10:35

Scanning for 1276115 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ANGELLUSTY

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 07:33:11
ANTIVIR3.VDF : 7.0.4.54 2048 Bytes 17/05/2008 07:33:11
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 17/05/2008 07:33:41
AESCN.DLL : 8.1.0.18 119156 Bytes 17/05/2008 07:33:39
AERDL.DLL : 8.1.0.20 418165 Bytes 17/05/2008 07:33:37
AEPACK.DLL : 8.1.1.5 364918 Bytes 17/05/2008 07:33:33
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 17/05/2008 07:33:30
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 17/05/2008 07:33:28
AEHELP.DLL : 8.1.0.14 115063 Bytes 17/05/2008 07:33:19
AEGEN.DLL : 8.1.0.21 303477 Bytes 17/05/2008 07:33:18
AEEMU.DLL : 8.1.0.6 430451 Bytes 17/05/2008 07:33:15
AECORE.DLL : 8.1.0.29 168311 Bytes 17/05/2008 07:33:12
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high

Start of the scan: dimanche 18 mai 2008 10:35

Starting search for hidden objects.
'74793' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'ashDisp.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'slserv.exe' - '1' Module(s) have been scanned
Scan process 'SiSWLSvc.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'HidService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
Scan process 'CLSched.exe' - '1' Module(s) have been scanned
Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '23' files ).

Starting the file scan:

Begin scan in 'C:\' <HDD>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Jérémy\Application Data\admin rule\dixyervq.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5356
[NOTE] The file was deleted!
C:\Documents and Settings\Jérémy\Application Data\admin rule\lkkmnxpz.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5356
[NOTE] The file was deleted!
C:\Documents and Settings\Jérémy\Application Data\admin rule\saahnzhi.exe
[DETECTION] Is the Trojan horse TR/Agent.ZM
[NOTE] The file was deleted!
C:\Documents and Settings\Jérémy\Application Data\admin rule\tvykyutp.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Jérémy\Application Data\admin rule\xamxrhkn.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5437
[NOTE] The file was deleted!
C:\Documents and Settings\Jérémy\Application Data\admin rule\xsrhlurw.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Jérémy\Bureau\clean.zip
[0] Archive type: ZIP
--> clean/clean.cmd
[DETECTION] Contains suspicious code HEUR/HTML.Malware
[NOTE] The file was deleted!
C:\Documents and Settings\Jérémy\Bureau\clean\clean\clean.cmd
[DETECTION] Contains suspicious code HEUR/HTML.Malware
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '4894f06a.qua'!
C:\Program Files\Eset\infected\WLACPZDA.NQF
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Program Files\Eset\infected\WLACPZDA.NQF
[DETECTION] Contains detection pattern of the worm WORM/P2P.Kapucen.Gen
[NOTE] The file was deleted!
C:\Program Files\Lopxp\Sauvegardes\great coal love default\Sixth Sect.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\Program Files\Navilog1\Backupnavi\pgzsibexv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP291\A0008715.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP291\A0008716.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP291\A0008717.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP292\A0008734.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP466\A0016818.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.556032
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP466\A0016819.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.LL.8
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP466\A0016820.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.LL.8
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP466\A0016821.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.LL.8
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP466\A0016822.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.LL.8
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP466\A0016823.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.LL.8
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP466\A0016824.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.LL.8
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP468\A0017870.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5368
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP475\A0019197.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP475\A0019211.exe
[0] Archive type: RSRC
--> Object
[DETECTION] Is the Trojan horse TR/Dldr.WinFixer.Q
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP475\A0019277.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP481\A0019368.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5356
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP481\A0019369.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5356
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP481\A0019370.exe
[DETECTION] Is the Trojan horse TR/Agent.ZM
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP481\A0019371.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP481\A0019372.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5437
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP481\A0019373.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP481\A0019374.cmd
[DETECTION] Contains suspicious code HEUR/HTML.Malware
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '485ff629.qua'!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP481\A0019375.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP481\A0019376.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\win27958.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.AZE
[NOTE] The file was deleted!
C:\WINDOWS\system32\win33833.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.AZE
[NOTE] The file was deleted!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!

End of the scan: dimanche 18 mai 2008 11:34
Used time: 58:56 min

The scan has been done completely.

8795 Scanning directories
406947 Files were scanned
34 viruses and/or unwanted programs were found
3 Files were classified as suspicious:
35 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
406913 Files not concerned
8330 Archives were scanned
6 Warnings
37 Notes
74793 Objects were scanned with rootkit scan
0 Hidden objects were found

ps: si tu pouver me dire comment supprimer avast sa serai cool

Réponse 32 / 56

jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
18 mai 2008 à 12:08

salut vous deux ;

pour supprimer avast

g!rly : j'ai comme le sentiment que smitfraudfix serait le bienvenu .

@+

Réponse 33 / 56

clad51 Messages postés 84 Date d'inscription mercredi 14 mai 2008 Statut Membre Dernière intervention 3 janvier 2010
18 mai 2008 à 13:00

slt jfkpresident et merci pour la désinstallation d'avast

Réponse 34 / 56

g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
18 mai 2008 à 13:06

Salut a vous deux,

pourquoi faire smitfraud ? jfk ?

clad51, cool pour le rapport d´antivir; post un nouveau rapport hijack this stp et precise tes soucis...

@+

Réponse 35 / 56

clad51 Messages postés 84 Date d'inscription mercredi 14 mai 2008 Statut Membre Dernière intervention 3 janvier 2010
18 mai 2008 à 13:11

voici le rapport hijackthis demander

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:08:28, on 18/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jérémy\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Réponse 36 / 56

jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
18 mai 2008 à 13:17

re,

a cause de cette ligne : O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

je l'a croyais légitime mais apres quelques recherches (merci coolman) elle serait bien infecté par : rogue Spysheriff .

voila ; @+

Réponse 37 / 56

g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
18 mai 2008 à 13:19

clad51,

a l´aide de hijack this coche et fix les lignes suivantes :

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (file missing)

comment fixer :

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

puis

meme si tu surf avec firefox :

internet explorer 6.0 = failles de securitées importantes

alors fais les mises a jour windows : tu veux la version 7.0

https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70

et

regarde ce tutorial pour mettre ta console java a jour :

https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/

on installera un par feu quand tu m´auras dis plus precisement le message d´erreure que tu as avec messenger plus...

pour l´installation de nouveau materiel tu as installé quelque chose ressament ?

Réponse 38 / 56

g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
18 mai 2008 à 13:40

jfk,

je pensse que malwearebytes l´aurais vu si c´etait le cas, tu crois pas ?

{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

;)

Réponse 39 / 56

clad51 Messages postés 84 Date d'inscription mercredi 14 mai 2008 Statut Membre Dernière intervention 3 janvier 2010
18 mai 2008 à 14:05

re

donc g fait la mise a jour d'internet explorer mais celle de java, j'ai pa réussi

pour l'assistant sa fait assez longtemps que la fenetre s'affiche mais je ne c pas quel matériel a été installé et pour messenger plus le message d'erreur et celui-ci:

L'ordinal 14 est introuvable dans la bibliothèque de liaisons dynamique iertutil.dll

Réponse 40 / 56

g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
18 mai 2008 à 14:10

re,

tu as bien regardé le tuto pour java ?

sinon pour l´erreure iertutil.dll regarde ceci et telecharge le fichier :

https://www.fichier-dll.fr/iertutil.dll,1311

pour le materiel, je ne voie pas vraiment la cause ?!

@+

Discussions similaires

Cherche chanteur et titre chanson pub kinder noel 2023

Ouvrir un fichier .pub sans Publisher

Recherche nom acteur Pub

retrouver un spot publicitaire radio ?