Need help with a virus: AntiVir report

iomiom -
 Anonymous user -
Hello,
I'm posting my AntiVir report; I still have some viruses left and I need help, please.

3 replies

Anonymous user

Hello

You forgot it ;-)
1
iomiom
 
Hello,
Oops, sorry.

I apparently have a virus named Smart Antivirus 2009, and files in quarantine in a Norton file even though I no longer have Norton antivirus on my PC.


Avira AntiVir Personal
Report file date: vendredi 5 septembre 2008 18:35

Scanning for 1599979 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: JOHANN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 31/08/2008 16:29:34
ANTIVIR3.VDF : 7.0.6.124 202240 Bytes 05/09/2008 16:29:35
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 05/09/2008 16:29:42
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 05/09/2008 16:29:40
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 05/09/2008 16:29:39
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 05/09/2008 16:29:39
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 05/09/2008 16:29:37
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 05/09/2008 16:29:36
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 05/09/2008 16:29:35
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 5 septembre 2008 18:35

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'ashWebSv.exe' - '1' Module(s) have been scanned
Scan process 'ashMaiSv.exe' - '1' Module(s) have been scanned
Scan process 'Smart Antivirus-2009.exe' - '1' Module(s) have been scanned
Scan process 'PhotoManager.exe' - '1' Module(s) have been scanned
Scan process 'rapimgr.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'PBDataSecure.exe' - '1' Module(s) have been scanned
Scan process 'SpriteService.exe' - '1' Module(s) have been scanned
Scan process 'AnyDVD.exe' - '1' Module(s) have been scanned
Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'SSAAD.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'SpyHunter3.exe' - '1' Module(s) have been scanned
Scan process 'VzFw.exe' - '1' Module(s) have been scanned
Scan process 'VzCdbSvc.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'VCSW.exe' - '1' Module(s) have been scanned
Scan process 'VESMgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'sqlservr.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
60 processes with 60 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
C:\WINDOWS\system32\opnllIaw.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[NOTE] The file was deleted!

The registry was scanned ( '57' files ).


Starting the file scan:

Begin scan in 'C:\' <R2 D2>
C:\ARKB.tmp
[DETECTION] Is the TR/Monderb.lkg Trojan
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[NOTE] The file was deleted!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02C106A3.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02C106A3.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09170C75.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09170C75.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1762078D.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1762078D.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40AE748D.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40AE748D.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was moved to '49026064.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FEA4C9F.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FEA4C9F.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\Documents and Settings\JOJO\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6d00d9f7-18444fab.zip
[0] Archive type: ZIP
--> vmain.class
[DETECTION] Contains recognition pattern of the EXP/Java.Gimsh.A.40 exploit
[NOTE] The file was deleted!
C:\Documents and Settings\JOJO\Local Settings\Temp\temp.dll
[DETECTION] Is the TR/Agent.247296 Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\JOJO\Local Settings\Temp\_addon.exe
[DETECTION] Is the TR/Agent.323396 Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\JOJO\Local Settings\Temporary Internet Files\Content.IE5\Z6FDHLNR\cntr[1].gif
[DETECTION] Is the TR/Spy.Agent.sog Trojan
[NOTE] The file was deleted!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP260\A0105697.INF
[DETECTION] Contains recognition pattern of the VBS/IETitle.A VBS script virus
[NOTE] The file was deleted!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111665.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111665.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111666.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111666.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was moved to '48f27090.qua'!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111667.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111667.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was moved to '48f27093.qua'!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111668.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111668.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111669.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111669.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\WINDOWS\dgksvbpn.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\byXnKDSi.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was moved to '49197381.qua'!
C:\WINDOWS\system32\cbXQhifd.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\efcAtqOe.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\efcCSjiJ.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\urqPGaay.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\wvUkHwVl.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\xxyYsqqP.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
Begin scan in 'D:\' <C6 PO>
D:\Mes documents\Mes images\about.Brontok.A.html
[DETECTION] Is the TR/Rontobrok.A Trojan
[NOTE] The file was deleted!
D:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP260\A0105698.INF
[DETECTION] Contains recognition pattern of the VBS/IETitle.A VBS script virus
[NOTE] The file was deleted!


End of the scan: vendredi 5 septembre 2008 20:12
Used time: 1:37:09 Hour(s)

The scan has been done completely.

9838 Scanning directories
379616 Files were scanned
26 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
22 files were deleted
0 files were repaired
4 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
379587 Files not concerned
9420 Archives were scanned
6 Warnings
26 Notes
0
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
60 processes with 60 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
C:\WINDOWS\system32\opnllIaw.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[NOTE] The file was deleted!

The registry was scanned ( '57' files ).


Starting the file scan:

Begin scan in 'C:\' <R2 D2>
C:\ARKB.tmp
[DETECTION] Is the TR/Monderb.lkg Trojan
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[NOTE] The file was deleted!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02C106A3.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02C106A3.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09170C75.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09170C75.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1762078D.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1762078D.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40AE748D.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40AE748D.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was moved to '49026064.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FEA4C9F.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FEA4C9F.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\Documents and Settings\JOJO\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6d00d9f7-18444fab.zip
[0] Archive type: ZIP
--> vmain.class
[DETECTION] Contains recognition pattern of the EXP/Java.Gimsh.A.40 exploit
[NOTE] The file was deleted!
C:\Documents and Settings\JOJO\Local Settings\Temp\temp.dll
[DETECTION] Is the TR/Agent.247296 Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\JOJO\Local Settings\Temp\_addon.exe
[DETECTION] Is the TR/Agent.323396 Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\JOJO\Local Settings\Temporary Internet Files\Content.IE5\Z6FDHLNR\cntr[1].gif
[DETECTION] Is the TR/Spy.Agent.sog Trojan
[NOTE] The file was deleted!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP260\A0105697.INF
[DETECTION] Contains recognition pattern of the VBS/IETitle.A VBS script virus
[NOTE] The file was deleted!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111665.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111665.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111666.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111666.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was moved to '48f27090.qua'!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111667.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111667.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was moved to '48f27093.qua'!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111668.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111668.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111669.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP265\A0111669.exe
[DETECTION] Contains recognition pattern of the WORM/RJUMP.D worm
[NOTE] The file was deleted!
C:\WINDOWS\dgksvbpn.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\byXnKDSi.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was moved to '49197381.qua'!
C:\WINDOWS\system32\cbXQhifd.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\efcAtqOe.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\efcCSjiJ.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\urqPGaay.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\wvUkHwVl.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\xxyYsqqP.dll
[DETECTION] Is the TR/Monderb.lkg Trojan
[NOTE] The file was deleted!
Begin scan in 'D:\' <C6 PO>
D:\Mes documents\Mes images\about.Brontok.A.html
[DETECTION] Is the TR/Rontobrok.A Trojan
[NOTE] The file was deleted!
D:\System Volume Information\_restore{EB28BED7-E992-43BC-A71F-3A6065392E9A}\RP260\A0105698.INF
[DETECTION] Contains recognition pattern of the VBS/IETitle.A VBS script virus
[NOTE] The file was deleted!


End of the scan: vendredi 5 septembre 2008 20:12
Used time: 1:37:09 Hour(s)

The scan has been done completely.

9838 Scanning directories
379616 Files were scanned
26 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
22 files were deleted
0 files were repaired
4 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
379587 Files not concerned
9420 Archives were scanned
6 Warnings
26 Notes
0
Anonymous user
 
What is all this?! (ô_O) ........
1
iomiom
 
and here is a SmitFraudFix report

SmitFraudFix v2.346

Rapport fait à 21:56:45,75, 05/09/2008
Executé à partir de C:\Documents and Settings\JOJO\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe
C:\Program Files\Smart Antivirus 2009\Smart Antivirus-2009.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\JOJO\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\JOJO

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\JOJO\Application Data

C:\Documents and Settings\JOJO\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart Antivirus-2009.lnk PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

C:\DOCUME~1\JOJO\MENUDM~1\PROGRA~1\Smart Antivirus 2009 PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JOJO\Favoris

C:\DOCUME~1\JOJO\Favoris\Online Security Test.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

C:\DOCUME~1\JOJO\Bureau\Smart Antivirus-2009.lnk PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\Smart Antivirus 2009\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm"
"SubscribedURL"=""
"FriendlyName"="Privacy Protection"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

[!] Suspicious: dgksvbpn.dll
SSODL: dgksvbpn - {CCF8FEC5-79D7-4156-88C0-858819DF5B78}

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="duxucw.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 89.2.0.1
DNS Server Search Order: 89.2.0.2

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6504B7C2-5055-422C-90A9-81693EE1EE73}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6504B7C2-5055-422C-90A9-81693EE1EE73}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6504B7C2-5055-422C-90A9-81693EE1EE73}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0