Problème de navigation IE/Firefox Fermé

Question

Bonjour,

    J'ai eu un souci de virus en début de semaine. Après recherche, c'était un virus vundo. J'ai à priori réussi à me débarasser du virus : il n'y a plus l'air d'avoir de pub intempestive lorsque je navigue. Mais il me reste toujorus un problème : sour IE6 (ou firefox que je viens d'installer pour essayer), la recherche sur le site google ne répond pas (j'accès bien à la page www.google.fr et à navigeur sur les pages du site (hors recherche) et je ne peux afficher la page www.yahoo.fr (pas de réponse)). J'ai mis à jour spybot et avg ( ca tranait sur mon PC) et lancer des scans sur les deux qui m'ont trouvé des  trucs à eliminer mais meme après ça, toujorus le même problème de navigation. AVG me trouve néanmoins des nouveaux trucs à chaque fois que je relance le scan ... c'est bizarre. Je vous mets le log hijackthis en attendant vos idées.

Merci d'avance pour votre aide,

Jean-Marc

Logfile of HijackThis v1.99.1
Scan saved at 20:23, on 2008-05-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\mHotkey.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4apimgr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\lotus
otes\NLNOTES.EXE
C:\Program Files\lotus
otes
taskldr.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Jean-Marc\Mes documents\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://aolcompagnon.aol.fr/compagnon_v2/rechercheExt/?q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BMa3577365] Rundll32.exe "C:\WINDOWS\system32\gpdnqgew.dll",s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe

Utilisateur anonyme · Answer

salut

fais ca avec antivir:

reglages pour antivir :

une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level


aussi clic sur guard puis coche scan archive puis tu decoche les 3 case en dessous puis ok

puis fais un scan et supprime tous se qu'il trouve (delete)
puis tu me poste le log d'antivir

Utilisateur anonyme · Answer

ok

Utilisateur anonyme · Answer

le dernier scan

Hans · Answer

Voila le rapport tout frais : Avira AntiVir Personal Report file date: 2008-05-18 20:33 Scanning for 1276115 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: PFITZAUF Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 2008-04-09 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 2008-03-18 09:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 2008-02-07 08:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 2008-02-28 08:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 2008-02-21 08:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 13:08:58 ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 2008-05-17 06:15:56 ANTIVIR3.VDF : 7.0.4.54 2048 Bytes 2008-05-17 06:15:57 Engineversion : 8.1.0.46 AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21 AESCRIPT.DLL : 8.1.0.33 266618 Bytes 2008-05-16 04:49:25 AESCN.DLL : 8.1.0.18 119156 Bytes 2008-05-16 04:49:24 AERDL.DLL : 8.1.0.20 418165 Bytes 2008-05-16 04:49:23 AEPACK.DLL : 8.1.1.5 364918 Bytes 2008-05-16 04:49:21 AEOFFICE.DLL : 8.1.0.18 192890 Bytes 2008-05-16 04:49:19 AEHEUR.DLL : 8.1.0.29 1253750 Bytes 2008-05-16 04:49:18 AEHELP.DLL : 8.1.0.14 115063 Bytes 2008-05-16 04:49:15 AEGEN.DLL : 8.1.0.21 303477 Bytes 2008-05-16 04:49:15 AEEMU.DLL : 8.1.0.6 430451 Bytes 2008-05-16 04:49:13 AECORE.DLL : 8.1.0.29 168311 Bytes 2008-05-16 04:49:10 AVWINLL.DLL : 1.0.0.7 14593 Bytes 2008-01-23 17:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 2008-02-18 10:37:50 AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:26:47 AVREG.DLL : 8.0.0.0 30977 Bytes 2008-01-23 17:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2008-02-28 08:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 2008-01-23 17:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 2008-03-10 14:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 2008-03-06 12:02:11 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: high Start of the scan: 2008-05-18 20:33 Starting search for hidden objects. '67846' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'ntaskldr.exe' - '1' Module(s) have been scanned Scan process 'nlnotes.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'usnsvc.exe' - '1' Module(s) have been scanned Scan process 'wscntfy.exe' - '1' Module(s) have been scanned Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned Scan process 'rapimgr.exe' - '1' Module(s) have been scanned Scan process 'wcescomm.exe' - '1' Module(s) have been scanned Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'mHotkey.exe' - '1' Module(s) have been scanned Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'slserv.exe' - '1' Module(s) have been scanned Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned Scan process 'mdm.exe' - '1' Module(s) have been scanned Scan process 'guard.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 42 processes with 42 modules were scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Boot sector 'D:\' [INFO] No virus was found! Boot sector 'E:\' [INFO] No virus was found! Starting to scan the registry. The registry was scanned ( '19' files ). Starting the file scan: Begin scan in 'C:\' C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! Begin scan in 'D:\' Begin scan in 'E:\' End of the scan: 2008-05-18 21:35 Used time: 1:01:43 min The scan has been done completely. 13034 Scanning directories 335091 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 335091 Files not concerned 9586 Archives were scanned 2 Warnings 0 Notes 67846 Objects were scanned with rootkit scan 0 Hidden objects were found A noter pendant le scan, antivir a detecté 2 problèmes (hors scan) ou je lui ai demandé de supprimer les fichiers concernés : 2008-05-18,21:21 [WARNING] Contains detection pattern of the HTML script virus HTML/Infected.WebPage.Gen! C:\Documents and Settings\Jean-Marc\Local Settings\Temporary Internet Files\Content.IE5\1T3AQL1H race[1].htm [INFO] The file will be deleted. 2008-05-18,21:21 [WARNING] Contains detection pattern of the HTML script virus HTML/Infected.WebPage.Gen! C:\Documents and Settings\Jean-Marc\Local Settings\Temporary Internet Files\Content.IE5\1T3AQL1H race[1].htm [INFO] The file will be deleted.

Hans · Answer

La, je dois me coucher, j'ai les yeux qui tombent. On reprendra demain soir.

Merci de votre aide en tout cas,
Bonne soireé,

Jean-Marc

Hans · Answer

de retour pour mon problème. Voici le log d'antivir de tout à l'heure : Avira AntiVir Personal Report file date: 2008-05-20 06:41 Scanning for 1279773 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: PFITZAUF Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 2008-04-09 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 2008-03-18 09:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 2008-02-07 08:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 2008-02-28 08:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 2008-02-21 08:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 13:08:58 ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 2008-05-17 06:15:56 ANTIVIR3.VDF : 7.0.4.62 56320 Bytes 2008-05-19 16:28:10 Engineversion : 8.1.0.46 AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21 AESCRIPT.DLL : 8.1.0.33 266618 Bytes 2008-05-16 04:49:25 AESCN.DLL : 8.1.0.18 119156 Bytes 2008-05-16 04:49:24 AERDL.DLL : 8.1.0.20 418165 Bytes 2008-05-16 04:49:23 AEPACK.DLL : 8.1.1.5 364918 Bytes 2008-05-16 04:49:21 AEOFFICE.DLL : 8.1.0.18 192890 Bytes 2008-05-16 04:49:19 AEHEUR.DLL : 8.1.0.29 1253750 Bytes 2008-05-16 04:49:18 AEHELP.DLL : 8.1.0.14 115063 Bytes 2008-05-16 04:49:15 AEGEN.DLL : 8.1.0.21 303477 Bytes 2008-05-16 04:49:15 AEEMU.DLL : 8.1.0.6 430451 Bytes 2008-05-16 04:49:13 AECORE.DLL : 8.1.0.29 168311 Bytes 2008-05-16 04:49:10 AVWINLL.DLL : 1.0.0.7 14593 Bytes 2008-01-23 17:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 2008-02-18 10:37:50 AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:26:47 AVREG.DLL : 8.0.0.0 30977 Bytes 2008-01-23 17:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2008-02-28 08:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 2008-01-23 17:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 2008-03-10 14:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 2008-03-06 12:02:11 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: high Start of the scan: 2008-05-20 06:41 Starting search for hidden objects. '70569' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'ntaskldr.exe' - '1' Module(s) have been scanned Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned Scan process 'msmsgs.exe' - '1' Module(s) have been scanned Scan process 'OUTLOOK.EXE' - '1' Module(s) have been scanned Scan process 'usnsvc.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'nlnotes.exe' - '1' Module(s) have been scanned Scan process 'wscntfy.exe' - '1' Module(s) have been scanned Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned Scan process 'rapimgr.exe' - '1' Module(s) have been scanned Scan process 'wcescomm.exe' - '1' Module(s) have been scanned Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'mHotkey.exe' - '1' Module(s) have been scanned Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'slserv.exe' - '1' Module(s) have been scanned Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned Scan process 'mdm.exe' - '1' Module(s) have been scanned Scan process 'guard.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 42 processes with 42 modules were scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Boot sector 'D:\' [INFO] No virus was found! Boot sector 'E:\' [INFO] No virus was found! Starting to scan the registry. The registry was scanned ( '19' files ). Starting the file scan: Begin scan in 'C:\' C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\System Volume Information\_restore{23B0622F-F53D-4F8C-AEB1-783AAE4EF240}\RP594\A0057816.dll [DETECTION] Is the Trojan horse TR/Monder.134144 [NOTE] The file was deleted! C:\System Volume Information\_restore{23B0622F-F53D-4F8C-AEB1-783AAE4EF240}\RP604\A0059086.dll [DETECTION] Is the Trojan horse TR/Vundo.BC [NOTE] The file was deleted! C:\System Volume Information\_restore{23B0622F-F53D-4F8C-AEB1-783AAE4EF240}\RP604\A0059087.dll [DETECTION] Is the Trojan horse TR/Vundo.BC [NOTE] The file was deleted! C:\System Volume Information\_restore{23B0622F-F53D-4F8C-AEB1-783AAE4EF240}\RP604\A0059088.dll [DETECTION] Is the Trojan horse TR/Vundo.BC [NOTE] The file was deleted! C:\WINDOWS\system32\qafxgidp.dll [DETECTION] Is the Trojan horse TR/Monder.134144 [NOTE] The file was deleted! Begin scan in 'D:\' Begin scan in 'E:\' End of the scan: 2008-05-20 07:55 Used time: 1:13:49 min The scan has been done completely. 13038 Scanning directories 337993 Files were scanned 5 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 5 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 337988 Files not concerned 9607 Archives were scanned 2 Warnings 5 Notes 70569 Objects were scanned with rootkit scan 0 Hidden objects were found

Pfitzauf · Answer

Salut, Je suis en fait le Hans qui a posté ici. Je me suis inscris mais avec un autre login car Hans était déjà occupé. On dirait qu'il y a eu un problème temporaire d'accès au forum. Est-ce que quelqu'un peux m'aider ? J'ai refait depuis un scan antivir (en mose normal pas en MSE) : Avira AntiVir Personal Report file date: 2008-05-20 19:03 Scanning for 1279773 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: PFITZAUF Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 2008-04-09 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 2008-03-18 09:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 2008-02-07 08:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 2008-02-28 08:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 2008-02-21 08:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 13:08:58 ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 2008-05-17 06:15:56 ANTIVIR3.VDF : 7.0.4.62 56320 Bytes 2008-05-19 16:28:10 Engineversion : 8.1.0.46 AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21 AESCRIPT.DLL : 8.1.0.33 266618 Bytes 2008-05-16 04:49:25 AESCN.DLL : 8.1.0.18 119156 Bytes 2008-05-16 04:49:24 AERDL.DLL : 8.1.0.20 418165 Bytes 2008-05-16 04:49:23 AEPACK.DLL : 8.1.1.5 364918 Bytes 2008-05-16 04:49:21 AEOFFICE.DLL : 8.1.0.18 192890 Bytes 2008-05-16 04:49:19 AEHEUR.DLL : 8.1.0.29 1253750 Bytes 2008-05-16 04:49:18 AEHELP.DLL : 8.1.0.14 115063 Bytes 2008-05-16 04:49:15 AEGEN.DLL : 8.1.0.21 303477 Bytes 2008-05-16 04:49:15 AEEMU.DLL : 8.1.0.6 430451 Bytes 2008-05-16 04:49:13 AECORE.DLL : 8.1.0.29 168311 Bytes 2008-05-16 04:49:10 AVWINLL.DLL : 1.0.0.7 14593 Bytes 2008-01-23 17:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 2008-02-18 10:37:50 AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:26:47 AVREG.DLL : 8.0.0.0 30977 Bytes 2008-01-23 17:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2008-02-28 08:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 2008-01-23 17:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 2008-03-10 14:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 2008-03-06 12:02:11 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: high Start of the scan: 2008-05-20 19:03 Starting search for hidden objects. '71190' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'ntaskldr.exe' - '1' Module(s) have been scanned Scan process 'nlnotes.exe' - '1' Module(s) have been scanned Scan process 'msmsgs.exe' - '1' Module(s) have been scanned Scan process 'usnsvc.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'wscntfy.exe' - '1' Module(s) have been scanned Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned Scan process 'rapimgr.exe' - '1' Module(s) have been scanned Scan process 'wcescomm.exe' - '1' Module(s) have been scanned Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'mHotkey.exe' - '1' Module(s) have been scanned Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'slserv.exe' - '1' Module(s) have been scanned Scan process 'mdm.exe' - '1' Module(s) have been scanned Scan process 'guard.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 39 processes with 39 modules were scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Boot sector 'D:\' [INFO] No virus was found! Boot sector 'E:\' [INFO] No virus was found! Starting to scan the registry. The registry was scanned ( '19' files ). Starting the file scan: Begin scan in 'C:\' C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\System Volume Information\_restore{23B0622F-F53D-4F8C-AEB1-783AAE4EF240}\RP604\A0059100.dll [DETECTION] Is the Trojan horse TR/Monder.134144 [NOTE] The file was deleted! Begin scan in 'D:\' Begin scan in 'E:\' End of the scan: 2008-05-20 20:15 Used time: 1:11:33 min The scan has been done completely. 13038 Scanning directories 338488 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 1 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 338487 Files not concerned 9607 Archives were scanned 2 Warnings 1 Notes 71190 Objects were scanned with rootkit scan 0 Hidden objects were found Merci d'avance les amis

Problème de navigation IE/Firefox

7 réponses

Discussions similaires