Big security problem

Closed
raptor789 Posts 757 Registration date Friday 13 June 2008 Status Member Last activity 25 November 2008 - 1 Oct 2008 at 20:15
Good evening everyone,

I have just discovered a fairly major problem: I can no longer launch MBAM or the AntiVir scan. Let me explain:
- when I launch MBAM, a first window opens titled "vbAccelerator SGrid II Control", with "Erreur d'execution '0'" written in the middle, and then "Erreur d'exécution '440'" and "Erreur Automation"
- for AntiVir, I can launch it correctly, but when I want to scan my computer, I click and absolutely nothing happens; nothing happens, nothing opens.

This worries me a little (okay, I'm a bit paranoid, but still, a little caution), and I wonder whether it might be the work of a virus blocking access to my security software. I don't really think so, but you never know; it's better to be careful.

I'll post my HijackThis report shortly.

Thanks in advance for your great help, which has saved me so many times =).

6 replies

Hello, I read your message. Start by booting in safe mode with networking,
then open and run a disk cleanup.

Then open Internet Explorer and type in the following address: bitdefender.fr
Next, run a real-time scan; it is labelled "scan online".
After that I'll tell you what to do next.
It takes a very long time.
0
raptor789 Posts 757 Registration date Friday 13 June 2008 Status Member Last activity 25 November 2008 25
1 Oct 2008 at 20:17
Here is my HijackThis report, please help me!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:18:26, on 01/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\online armor\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\a squared free\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\online armor\Online Armor\oaui.exe
C:\Firefox3\firefox.exe
F:\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\spybot\Spybot - Search & Destroy\SDHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\online armor\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\spybot\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-1757981266-179605362-1801674531-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Au quotidien')
O4 - S-1-5-21-1757981266-179605362-1801674531-1005 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Au quotidien')
O4 - S-1-5-21-1757981266-179605362-1801674531-1005 User Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Au quotidien')
O4 - S-1-5-18 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\spybot\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\spybot\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\a squared free\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\online armor\Online Armor\oasrv.exe
-1
chefpunky Posts 673 Registration date Wednesday 21 May 2008 Status Member Last activity 1 December 2011 31
1 Oct 2008 at 20:21
Hi,
Try running your scans in safe mode:

HOW TO USE SAFE MODE (PRINT THIS OUT):

- restart your PC
- as soon as the BIOS loads (that is, all the white text on the black background), press the F8 key at the same time.
- using the arrow keys, select "Safe Mode"
- then run your scans, saving the logs so that you can post them on this forum.
-1
Anonymous user
1 Oct 2008 at 20:24
Hi,


Just following, thanks
-1

raptor789 Posts 757 Registration date Friday 13 June 2008 Status Member Last activity 25 November 2008 25
1 Oct 2008 at 20:30
Good evening everyone,

I'm first going to try launching the programs in safe mode, then I'll run a BitDefender scan tonight. I'll post the report tomorrow morning, I think.
-1
raptor789 Posts 757 Registration date Friday 13 June 2008 Status Member Last activity 25 November 2008 25
1 Oct 2008 at 21:32
AntiVir works now; it was just a configuration problem with my Online Armor firewall. Now it works and I ran a scan.
AntiVir detected a "warning" for me; I don't know whether it's a virus or just something it can't read, but here is the report:



Avira AntiVir Personal
Report file date: Wednesday, October 01, 2008 20:44

Scanning for 1649801 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: NEWTON

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 8/12/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 6/26/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/26/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/26/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 6/24/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.217 3773440 Bytes 9/26/2008 17:21:14
ANTIVIR3.VDF : 7.0.6.225 64512 Bytes 9/29/2008 17:21:14
Engineversion : 8.1.1.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 2/25/2008 09:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 9/24/2008 13:36:29
AESCN.DLL : 8.1.0.23 119156 Bytes 7/10/2008 12:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 9/24/2008 13:36:28
AEPACK.DLL : 8.1.2.3 364918 Bytes 9/24/2008 13:36:27
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 9/24/2008 13:36:25
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 9/24/2008 13:36:23
AEHELP.DLL : 8.1.0.15 115063 Bytes 7/10/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 9/2/2008 17:04:36
AEEMU.DLL : 8.1.0.7 430452 Bytes 7/31/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 9/3/2008 17:02:38
AEBB.DLL : 8.1.0.1 53617 Bytes 7/10/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/9/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/16/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 9/2/2008 17:04:35
AVREG.DLL : 8.0.0.1 33537 Bytes 5/9/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: Wednesday, October 01, 2008 20:44

Starting search for hidden objects.
'26212' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'oaui.exe' - '0' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'LVComSX.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'snmp.exe' - '1' Module(s) have been scanned
Scan process 'slserv.exe' - '1' Module(s) have been scanned
Scan process 'tcpsvcs.exe' - '1' Module(s) have been scanned
Scan process 'inetinfo.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'oasrv.exe' - '0' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
28 processes with 28 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '55' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Au quotidien\Local Settings\Temp\G4w4d2Sx.exe.part
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '495ac649.qua'!
C:\WINDOWS\system32\kernel32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\ntdll.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\ntkrnlpa.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\ntoskrnl.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\user32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\win32k.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\ndisrd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\OADriver.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\OAmon.sys
[WARNING] The file could not be opened!


End of the scan: Wednesday, October 01, 2008 21:25
Used time: 40:51 Minute(s)

The scan has been done completely.

2755 Scanning directories
252997 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
10 Files cannot be scanned
252985 Files not concerned
3204 Archives were scanned
10 Warnings
1 Notes
26212 Objects were scanned with rootkit scan
0 Hidden objects were found

And Malwarebytes still doesn't work... I'm going to run a scan with BitDefender online and I'll get back to you tomorrow...
-1