Rapport HijackThis - Page 2
Résolu
Précédent
- 1
- 2
donc,
dans un pc , il faut que ces trois types de protections soient présentes
merci énormement, mais est-ce qu'il est facile d'apprendre comment lire ces rapports,????
merci
dans un pc , il faut que ces trois types de protections soient présentes
merci énormement, mais est-ce qu'il est facile d'apprendre comment lire ces rapports,????
merci
Compliqué non.
Tu regardes ce qui est infecté ou pas.
Il y a trois types d'action avec les antivirus quand ils détectent une infection :
- le fichier est supprimé
- le fichier est ignoré
- le fichier ne peut être supprimé, il est mis en quarantaine ( il faut alors vider la quarantaine ).
lance un scan complet avec Antivir ( quand tu l'auras installé ) et poste le .
on l'interprétera ensemble.
A+
Tu regardes ce qui est infecté ou pas.
Il y a trois types d'action avec les antivirus quand ils détectent une infection :
- le fichier est supprimé
- le fichier est ignoré
- le fichier ne peut être supprimé, il est mis en quarantaine ( il faut alors vider la quarantaine ).
lance un scan complet avec Antivir ( quand tu l'auras installé ) et poste le .
on l'interprétera ensemble.
A+
bonjour
voilà le rapport de antivir
Avira AntiVir Personal
Report file date: 20 août, 2008 10:22
Scanning for 1563949 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: xp
Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:54
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:42
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:20
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:54
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:16
ANTIVIR2.VDF : 7.0.6.10 2587136 Bytes 14/08/2008 07:52:58
ANTIVIR3.VDF : 7.0.6.41 179200 Bytes 20/08/2008 07:53:04
Engineversion : 8.1.1.23
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:52
AESCRIPT.DLL : 8.1.0.68 315770 Bytes 20/08/2008 07:53:48
AESCN.DLL : 8.1.0.23 119156 Bytes 20/08/2008 07:53:44
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:52
AEPACK.DLL : 8.1.2.1 364917 Bytes 20/08/2008 07:53:42
AEOFFICE.DLL : 8.1.0.22 192890 Bytes 20/08/2008 07:53:36
AEHEUR.DLL : 8.1.0.50 1388918 Bytes 20/08/2008 07:53:34
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:52
AEGEN.DLL : 8.1.0.36 315764 Bytes 20/08/2008 07:53:16
AEEMU.DLL : 8.1.0.7 430452 Bytes 20/08/2008 07:53:12
AECORE.DLL : 8.1.1.8 172406 Bytes 20/08/2008 07:53:08
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:06
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:02
AVREP.DLL : 8.0.0.2 98344 Bytes 20/08/2008 07:53:04
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:42
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:50
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:42
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:08
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:38
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, A:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: 20 août, 2008 10:22
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been scanned
Scan process 'AcroRd32.exe' - '1' Module(s) have been scanned
Scan process 'Ymsgr_tray.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'FreeRAM.exe' - '1' Module(s) have been scanned
Scan process 'MSNMSGR.EXE' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'TSNP325.EXE' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'FixCamera.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'WgaTray.exe' - '1' Module(s) have been scanned
Scan process 'WSCNTFY.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'WDFMGR.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'A:\'
[INFO] In the drive 'A:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( '59' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\PAGEFILE.SYS
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\'
Begin scan in 'A:\'
Search path A:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
End of the scan: 20 août, 2008 10:56
Used time: 34:59 Minute(s)
The scan has been done completely.
4168 Scanning directories
185948 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
185946 Files not concerned
1410 Archives were scanned
2 Warnings
0 Notes
... on pourra peut-etre en discuter ????
merci
voilà le rapport de antivir
Avira AntiVir Personal
Report file date: 20 août, 2008 10:22
Scanning for 1563949 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: xp
Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:54
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:42
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:20
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:54
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:16
ANTIVIR2.VDF : 7.0.6.10 2587136 Bytes 14/08/2008 07:52:58
ANTIVIR3.VDF : 7.0.6.41 179200 Bytes 20/08/2008 07:53:04
Engineversion : 8.1.1.23
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:52
AESCRIPT.DLL : 8.1.0.68 315770 Bytes 20/08/2008 07:53:48
AESCN.DLL : 8.1.0.23 119156 Bytes 20/08/2008 07:53:44
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:52
AEPACK.DLL : 8.1.2.1 364917 Bytes 20/08/2008 07:53:42
AEOFFICE.DLL : 8.1.0.22 192890 Bytes 20/08/2008 07:53:36
AEHEUR.DLL : 8.1.0.50 1388918 Bytes 20/08/2008 07:53:34
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:52
AEGEN.DLL : 8.1.0.36 315764 Bytes 20/08/2008 07:53:16
AEEMU.DLL : 8.1.0.7 430452 Bytes 20/08/2008 07:53:12
AECORE.DLL : 8.1.1.8 172406 Bytes 20/08/2008 07:53:08
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:06
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:02
AVREP.DLL : 8.0.0.2 98344 Bytes 20/08/2008 07:53:04
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:42
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:50
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:42
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:08
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:38
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, A:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: 20 août, 2008 10:22
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been scanned
Scan process 'AcroRd32.exe' - '1' Module(s) have been scanned
Scan process 'Ymsgr_tray.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'FreeRAM.exe' - '1' Module(s) have been scanned
Scan process 'MSNMSGR.EXE' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'TSNP325.EXE' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'FixCamera.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'WgaTray.exe' - '1' Module(s) have been scanned
Scan process 'WSCNTFY.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'WDFMGR.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'A:\'
[INFO] In the drive 'A:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( '59' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\PAGEFILE.SYS
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\'
Begin scan in 'A:\'
Search path A:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
End of the scan: 20 août, 2008 10:56
Used time: 34:59 Minute(s)
The scan has been done completely.
4168 Scanning directories
185948 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
185946 Files not concerned
1410 Archives were scanned
2 Warnings
0 Notes
... on pourra peut-etre en discuter ????
merci
La fin du rapport :
4168 Scanning directories
185948 Files were scanned
0 viruses and/or unwanted programs were found --> nombre de virus = 0
0 Files were classified as suspicious:
0 files were deleted |
0 files were repaired | les options lorsqu'il y a un fichier de détecté ( delete, repair, move to quaranatine
0 files were moved to quarantine --> le nombre de fichiers mis en quarantaine ( il faut la vider
0 files were renamed
2 Files cannot be scanned ( regarde plus haut dans le rapport : C:\PAGEFILE.SYS et C:\hiberfil.sys )
185946 Files not concerned
1410 Archives were scanned
2 Warnings --> Le nombre d'ALERTES ( message te prévenant d'un intrusion )
0 Notes
Il n'y a pas de virus de détectés.
As-tu tout installé ?
Il reste alors à te donner les dernières consignes.
A+
4168 Scanning directories
185948 Files were scanned
0 viruses and/or unwanted programs were found --> nombre de virus = 0
0 Files were classified as suspicious:
0 files were deleted |
0 files were repaired | les options lorsqu'il y a un fichier de détecté ( delete, repair, move to quaranatine
0 files were moved to quarantine --> le nombre de fichiers mis en quarantaine ( il faut la vider
0 files were renamed
2 Files cannot be scanned ( regarde plus haut dans le rapport : C:\PAGEFILE.SYS et C:\hiberfil.sys )
185946 Files not concerned
1410 Archives were scanned
2 Warnings --> Le nombre d'ALERTES ( message te prévenant d'un intrusion )
0 Notes
Il n'y a pas de virus de détectés.
As-tu tout installé ?
Il reste alors à te donner les dernières consignes.
A+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
1) On va enlever les logiciels qui ont été utilisés..
Télécharge ToolsCleaner .sur le bureau
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner
Double-clique sur ToolsCleaner2.exe --> Recherche --> Suppression.
Il est possible que ton bureau disparaisse.
Fais un copier/coller du rapport qui se trouve dans C:\TCleaner.txt.
Si l’écran ne réapparait pas, tape sur les touches Ctrl + Alt + Supp. Ceci ouvre le gestionnaire de taches.
Dans l’onglet Processus, clique sur le menu Fichier, puis Executer et tape Explorer. Valide.
2) Tu vas utiliser CCleaner.
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
utilise les fonctions nettoyeur et registre.
3) Les points de restauration :
- Panneau de configuration --> Système --> Restauration du système
cocher " Désactiver la restauration .... "
Ceci va supprimer les points de restauration existants et infectés
- Tu vas recréer un point de restauration propre.
Pour recréer un point de restauration :
Démarrer --> Programmes --> Accessoires --> Outils système --> Restauration système
Choisis "Créer un point de restauration". Suis les invites.
Après tout ca, ton PC devrait être propre et protégé.
Si tu as le moindre problème, poste un message.
pourrais-tu mettre le sujet comme résolu ?
@+
Télécharge ToolsCleaner .sur le bureau
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner
Double-clique sur ToolsCleaner2.exe --> Recherche --> Suppression.
Il est possible que ton bureau disparaisse.
Fais un copier/coller du rapport qui se trouve dans C:\TCleaner.txt.
Si l’écran ne réapparait pas, tape sur les touches Ctrl + Alt + Supp. Ceci ouvre le gestionnaire de taches.
Dans l’onglet Processus, clique sur le menu Fichier, puis Executer et tape Explorer. Valide.
2) Tu vas utiliser CCleaner.
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
utilise les fonctions nettoyeur et registre.
3) Les points de restauration :
- Panneau de configuration --> Système --> Restauration du système
cocher " Désactiver la restauration .... "
Ceci va supprimer les points de restauration existants et infectés
- Tu vas recréer un point de restauration propre.
Pour recréer un point de restauration :
Démarrer --> Programmes --> Accessoires --> Outils système --> Restauration système
Choisis "Créer un point de restauration". Suis les invites.
Après tout ca, ton PC devrait être propre et protégé.
Si tu as le moindre problème, poste un message.
pourrais-tu mettre le sujet comme résolu ?
@+
bonjour,
j'ai cru que le problème a fini , mais maintenat le PC ne se ferme plus,
arreter le système ---> arreter ---> enregistrement de vos paramétres --> fermeture de WIndows, et ça bloque ici,
il reste comme ça,
que dois-je faire ????
j'ai cru que le problème a fini , mais maintenat le PC ne se ferme plus,
arreter le système ---> arreter ---> enregistrement de vos paramétres --> fermeture de WIndows, et ça bloque ici,
il reste comme ça,
que dois-je faire ????
C'est la 1ere fois ? depuis quand cela arrive-t-il ?
Quand ton Pc est bloqué, reste appuyer sur le bouton de démarrage jusqu'à extinction du PC.
Rallume ton PC et choisis le mode sans échec à l'invite suivante.
Choisis ton compte puis redémarre normalement ton PC à partir du mode sans échec :
arrêter --> Redémarrer
Tu devrais revenir sous windows.
Tu vas faire deux choses :
Demarrer --> Accessoires --> Outils système
- scandisk pour réparer les erreurs du DD
- défragmentation
A+
Quand ton Pc est bloqué, reste appuyer sur le bouton de démarrage jusqu'à extinction du PC.
Rallume ton PC et choisis le mode sans échec à l'invite suivante.
Choisis ton compte puis redémarre normalement ton PC à partir du mode sans échec :
arrêter --> Redémarrer
Tu devrais revenir sous windows.
Tu vas faire deux choses :
Demarrer --> Accessoires --> Outils système
- scandisk pour réparer les erreurs du DD
- défragmentation
A+
Précédent
- 1
- 2
