Sujet Précédent Sujet Suivant

Suis-je infecte

Fermé
darksholva Messages postés 10 Date d'inscription lundi 21 juillet 2008 Statut Membre Dernière intervention 6 août 2008 - 21 juil. 2008 à 13:25
darksholva Messages postés 10 Date d'inscription lundi 21 juillet 2008 Statut Membre Dernière intervention 6 août 2008 - 27 juil. 2008 à 12:50
Bonjour,

Tout d'abord pardon pour les accents je suis sur un clavier qwerty!
Voila je voudrais savoir si mon pc est infecte car spyware doctor me dit que j'ai un trojan downloader(je tiens a preciser que j'ai charge ce logiciel sur leur site et qu'il est "normal" je l'utilise juste pour detecter les spywares; je possede spybot aussi).

J'ai installe l'antivirus avira qui est sur votre site car il avait de bonne reference(je possedais avast familial mise a jour),puis j'ai lance un scan general avec recherche de rootkits voici le resultat resumait car le fichier etait trop long:

Avira AntiVir Personal
Report file date: lundi 21 juillet 2008 01:35

Scanning for 1480850 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: //vous saurez pas!//
Computer name: // vous saurez pas!//

Version information:
BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 11:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 14:54:15
ANTIVIR2.VDF : 7.0.5.119 1264128 Bytes 15/07/2008 22:04:37
ANTIVIR3.VDF : 7.0.5.141 391168 Bytes 20/07/2008 22:04:42
Engineversion : 8.1.1.11
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 09:46:50
AESCRIPT.DLL : 8.1.0.59 307579 Bytes 20/07/2008 22:04:58
AESCN.DLL : 8.1.0.23 119156 Bytes 20/07/2008 22:04:56
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 09:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 20/07/2008 22:04:55
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 20/07/2008 22:04:53
AEHEUR.DLL : 8.1.0.43 1339767 Bytes 20/07/2008 22:04:50
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 09:46:50
AEGEN.DLL : 8.1.0.29 307573 Bytes 09/07/2008 09:46:50
AEEMU.DLL : 8.1.0.6 430451 Bytes 09/07/2008 09:46:50
AECORE.DLL : 8.1.1.6 172405 Bytes 20/07/2008 22:04:43
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 09:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 15:35:20
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Rootkit search
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Expanded search settings.........: 0x00300922


End of the scan: lundi 21 juillet 2008 11:03
Used time: 9:28:29 Hour(s) // ne tenez pas compte du temps je l'avais lance la nuit
mais il fallait que j'appuye sur un bouton//

The scan has been done completely.

7744 Scanning directories
340263 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
45 Files cannot be scanned
340218 Files not concerned
7733 Archives were scanned
45 Warnings
287 Notes
472482 Objects were scanned with rootkit scan
1 Hidden objects were found


Starting search for hidden objects.
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\parseautoexec
[INFO] The registry entry is invisible.


Starting the file scan:

Begin scan in 'C:' <VAIO>

C:\WINDOWS\Temp\
JET4DC8.tmp
[WARNING] The file could not be opened!
Perflib_Perfdata_144.dat
[WARNING] The file could not be opened!
Perflib_Perfdata_2b8.dat
[WARNING] The file could not be opened!
ZLT03617.TMP
[WARNING] The file could not be opened!
ZLT0361a.TMP
[WARNING] The file could not be opened!

C:\WINDOWS\system32\drivers\
fidbox.dat
[WARNING] The file could not be opened!
fidbox.idx
[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\systemprofile\
NTUSER.DAT
[WARNING] The file could not be opened!
NTUSER.DAT.LOG
[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\
AppEvent.Evt
default
[WARNING] The file could not be opened! //10ème//
default.LOG
[WARNING] The file could not be opened!
OSession.evt
SAM
[WARNING] The file could not be opened!
SAM.LOG
[WARNING] The file could not be opened!
SecEvent.Evt
SECURITY
[WARNING] The file could not be opened!
SECURITY.LOG
[WARNING] The file could not be opened!
software
[WARNING] The file could not be opened!
software.LOG
[WARNING] The file could not be opened!
software.sav
SysEvent.Evt
system
[WARNING] The file could not be opened!
system.LOG
[WARNING] The file could not be opened!

C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\
catdb
[WARNING] The file could not be opened! //20ème//

C:\WINDOWS\system32\CatRoot2\
edb.log
[WARNING] The file could not be opened!
tmp.edb
[WARNING] The file could not be opened!

C:\System Volume Information\

[WARNING] System error [5]: Accès refusé.

C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\
master.mdf
[WARNING] The file could not be opened!
mastlog.ldf
[WARNING] The file could not be opened!
model.mdf
[WARNING] The file could not be opened!
modellog.ldf
[WARNING] The file could not be opened!
msdbdata.mdf
msdblog.ldf
tempdb.mdf
[WARNING] The file could not be opened!
templog.ldf
[WARNING] The file could not be opened!

C:\Documents and Settings\sholva\Local Settings\Application Data\Microsoft\Windows\
UsrClass.dat
[WARNING] The file could not be opened! //30ème//
UsrClass.dat.LOG
[WARNING] The file could not be opened!

C:\Documents and Settings\sholva\
LuResult.txt
NTUSER.DAT
[WARNING] The file could not be opened!
ntuser.dat.LOG
[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\
UsrClass.dat
[WARNING] The file could not be opened!
UsrClass.dat.LOG
[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\
NTUSER.DAT
[WARNING] The file could not be opened!
ntuser.dat.LOG
[WARNING] The file could not be opened!

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\
UsrClass.dat
[WARNING] The file could not be opened!
UsrClass.dat.LOG
[WARNING] The file could not be opened!

C:\Documents and Settings\LocalService\
NTUSER.DAT
[WARNING] The file could not be opened! //40ème//
ntuser.dat.LOG
[WARNING] The file could not be opened!

C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\
VzCdb_Mgr.ldf
[WARNING] The file could not be opened!
VzCdb_Mgr.mdf
[WARNING] The file could not be opened!

C:\
hiberfil.sys
[WARNING] The file could not be opened!
pagefile.sys
[WARNING] The file could not be opened!


Merci d'avance pour votre reponse!

PS: Faudra revoir votre code antispam car il ne s'affiche pas on est oblige de s'inscrire!

7 réponses

Réponse 1 / 7
Utilisateur anonyme
21 juil. 2008 à 13:26
Salut fais ceci:

1) Redémarre en "Mode sans Échec":

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

2°) Analyser avec AntiVir:

Tu fais un scan en mode sans échec avec AntiVir. Tu lances le scan et si il détecte un virus (normalement oui) tu cliques sur "delete" et "apply sélection to all following détections. (pour qu'il le supprimes automatiquement). A la fin du scan tu cliques sur "Report" puis normalement un bloc-note s'ouvrira tu l'enregistre sur ton bureau avec le titre "Rapport AntiVir"puis tu redémarre en mode normal puis tu me postes le rapport. PS: En redémarrant le scan se lancera tous seul laisse le.
0
darksholva
21 juil. 2008 à 15:01
Merci pour tes instructions je vais les faire (j'utilise un autre pc pour le net).

PS: Je comprend l'anglais je suis en UK!
0
Réponse 2 / 7
darksholva Messages postés 10 Date d'inscription lundi 21 juillet 2008 Statut Membre Dernière intervention 6 août 2008
21 juil. 2008 à 22:07
Bonsoir,

j'ai fais ce que tu m'as dit mais je n'ai pas de virus et le rapport est beaucoup plus court que celui que j'ai mis en haut de page alors vaut mieux se referer a celui la.Et je ne suis pas sur d'etre affecte car seul spyware doctor dit que j'ai un trojan downloader.
0
Réponse 3 / 7
darksholva Messages postés 10 Date d'inscription lundi 21 juillet 2008 Statut Membre Dernière intervention 6 août 2008
23 juil. 2008 à 01:53
Bonsoir,

Desole pour les multis posts,apparement je ne dois pas etre infecte (seul doctor spyware me dit que j'ai un trojan-downloader); le scan de antivir en mode sans echec (scan complet) ne m'a rien sorti a part un warning normal (pagefile.sys).
De plus j'ai installe malwarebytes antimalware mis a jour et le scan ne m'a pas sorti de virus.

J'aimerai savoir par consequent si j'ai bien un virus (car ma methode est peut etre pas la bonne) ou si spyware doctor se trompe,et ce que veut dire le rapport de antivir que j'ai mis en premier post.

Merci d'avance pour votre aide
0
Réponse 4 / 7
Utilisateur anonyme
23 juil. 2008 à 05:09
As tu fais le scan AntiVir ?
0
darksholva Messages postés 10 Date d'inscription lundi 21 juillet 2008 Statut Membre Dernière intervention 6 août 2008
26 juil. 2008 à 01:29
Oui et il ne m'a pas sorti de virus mais juste qu'il n'arrivait pas a ouvrir pagefiles.sys.

Sinon voici un rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:25:10, on 26/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
c:\windows\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/fr/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{93D9A72D-C7EB-413F-B258-C21F4729C7EC}: NameServer = 192.168.14.149,192.168.6.135
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
Utilisateur anonyme
26 juil. 2008 à 14:17
Ok merci maintenant fais un scan en ligne avec "Internet Explorer" stp:

BitDefender en ligne: http://www.bitdefender.fr/scan_fr/scan8/ie.html
Tutoriel BitDefender en ligne: http://cybersecurite.xooit.com/t201-Scan-en-ligne-BitDefender.htm

[ / ! \ ] Juste avant de commencer le scan, clique sur le deuxieme "Cliquez ici" puis clique sur le "+" devant
Ps: N'oublies pas de me poster le rapport. Si tu as besoin d'aide aide toi tu tutoriel. Pour avoir clique sur "Problème détectés" puis "Exporter le rapport d'analyse" puis tu le postes sur le bureau.
0
darksholva Messages postés 10 Date d'inscription lundi 21 juillet 2008 Statut Membre Dernière intervention 6 août 2008
26 juil. 2008 à 22:45
Bonsoir,

maintenant j'ai des virus vola le rapport d'antivir

Avira AntiVir Personal
Report file date: samedi 26 juillet 2008 03:00

Scanning for 1510258 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ////

Version information:
BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 11:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 14:54:15
ANTIVIR2.VDF : 7.0.5.174 2027008 Bytes 25/07/2008 17:26:12
ANTIVIR3.VDF : 7.0.5.175 2048 Bytes 25/07/2008 17:26:13
Engineversion : 8.1.1.12
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 09:46:50
AESCRIPT.DLL : 8.1.0.59 307579 Bytes 20/07/2008 22:04:58
AESCN.DLL : 8.1.0.23 119156 Bytes 20/07/2008 22:04:56
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 09:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 20/07/2008 22:04:55
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 20/07/2008 22:04:53
AEHEUR.DLL : 8.1.0.44 1343863 Bytes 24/07/2008 22:06:18
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 09:46:50
AEGEN.DLL : 8.1.0.31 311669 Bytes 24/07/2008 22:05:51
AEEMU.DLL : 8.1.0.6 430451 Bytes 09/07/2008 09:46:50
AECORE.DLL : 8.1.1.7 172406 Bytes 24/07/2008 22:05:46
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 09:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98561 Bytes 25/07/2008 17:26:14
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: samedi 26 juillet 2008 03:00

Starting search for hidden objects.
'49338' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'bittorrent.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'pctsSvc.exe' - '1' Module(s) have been scanned
Scan process 'TosBtProc.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'TosOBEX.exe' - '1' Module(s) have been scanned
Scan process 'TosBtHSP.exe' - '1' Module(s) have been scanned
Scan process 'TosBtHid.exe' - '1' Module(s) have been scanned
Scan process 'TosA2dp.exe' - '1' Module(s) have been scanned
Scan process 'TosBtMng.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'VzFw.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'VzCdbSvc.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'VAIOUpdt.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'VCSW.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'pctsTray.exe' - '1' Module(s) have been scanned
Scan process 'ApntEx.exe' - '1' Module(s) have been scanned
Scan process 'VESMgr.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'pdservice.exe' - '1' Module(s) have been scanned
Scan process 'Switcher.exe' - '1' Module(s) have been scanned
Scan process 'ISBMgr.exe' - '1' Module(s) have been scanned
Scan process 'SPMgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'VCUServe.exe' - '1' Module(s) have been scanned
Scan process 'ico.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'Apoint.exe' - '1' Module(s) have been scanned
Scan process 'pctsAuxs.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'nisvcloc.exe' - '1' Module(s) have been scanned
Scan process 'nidmsrv.exe' - '1' Module(s) have been scanned
Scan process 'sqlservr.exe' - '1' Module(s) have been scanned
Scan process 'lktsrv.exe' - '1' Module(s) have been scanned
Scan process 'lkads.exe' - '1' Module(s) have been scanned
Scan process 'lkcitdl.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
75 processes with 75 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '61' files ).


Starting the file scan:

Begin scan in 'C:\' <VAIO>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\download\SynaptiCAD.AllProducts.v12.16b-Lz0.zip
[0] Archive type: ZIP
--> SynaptiCAD.AllProducts.v12.16b-Lz0/final2.dat
[DETECTION] Contains recognition pattern of the DR/Small.cvt dropper
--> SynaptiCAD.AllProducts.v12.16b-Lz0/final2.dat
[1] Archive type: RAR SFX (self extracting)
--> hosts\hosts.exe
[DETECTION] Is the TR/Spy.24576.O Trojan
--> hosts\hostsmon.exe
[DETECTION] Is the TR/VB.ChHost Trojan
--> manager.exe
[DETECTION] Is the TR/Spy.28672.H Trojan
--> downloader\downloader.exe
[DETECTION] Is the TR/Spy.40960.E Trojan
--> irc\irc.exe
[DETECTION] Is the TR/Spy.24576.P Trojan
[NOTE] The file was moved to '48f8cc8d.qua'!
Begin scan in 'D:\' <VAIO>


End of the scan: samedi 26 juillet 2008 10:17
Used time: 7:17:27 Hour(s)

The scan has been done completely.

22709 Scanning directories
930453 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
930445 Files not concerned
10135 Archives were scanned
2 Warnings
1 Notes
49338 Objects were scanned with rootkit scan
0 Hidden objects were found
0
Réponse 6 / 7
Utilisateur anonyme
26 juil. 2008 à 23:50
Ok merci maintenant fais un scan en ligne avec "Internet Explorer" stp:

BitDefender en ligne: http://www.bitdefender.fr/scan_fr/scan8/ie.html
Tutoriel BitDefender en ligne: http://cybersecurite.xooit.com/t201-Scan-en-ligne-BitDefende­r.htm

[ / ! \ ] Juste avant de commencer le scan, clique sur le deuxieme "Cliquez ici" puis clique sur le "+" devant
Ps: N'oublies pas de me poster le rapport. Si tu as besoin d'aide aide toi tu tutoriel. Pour avoir clique sur "Problème détectés" puis "Exporter le rapport d'analyse" puis tu le postes sur le bureau.
0
Réponse 7 / 7
darksholva Messages postés 10 Date d'inscription lundi 21 juillet 2008 Statut Membre Dernière intervention 6 août 2008
27 juil. 2008 à 12:50
Je n'arrive pas a installer internet explorer 7 (même en desactivant mon antivirus et les spywares) qui est requis pour lancer ton scan en ligne.Si tu peux m'aider ou si tu as un aute logiciel a proporser ce ne sera pas de refus.
0

Discussions similaires

Virus détecté
Koony -
MisteryBean -

6 réponses
infecté par des virus
Lisy59120 -
Lisy59120 -

5 réponses
Infection d'une URL.blacklist
marina41 -
Malekal_morte- -

6 réponses
mustapha
mustapha -
Ainillia -

1 réponse
y a t'il des virus qu'avast ne detecte pas
davivid -
Utilisateur anonyme -

24 réponses