virus je ne m'en sors pas

Question

Bonjour,
j'ai beau change d'anti virus, elnlever avast et mis antivir, faire des scans et autres, mais il persiste, aidez moi, mon pc est long, il rame et en plus j'ai du mal a ouvrir mes pages internet explorer,je dois reactualiser a plusieurs reprises afin d'y acceder.

voici mon log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:24, on 14/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Karen DEPLANQUE\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/fuji/defaults/su/*https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.histoiredeperles.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWSeminder\fsc-reminder.exe 2453682 14
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar	oolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

jlpjlp · Answer

slt
internet explorer non a jour, java non a jour et adobe non a jour...


scan avec malwarebyte et colle le rapport:

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/


puis colle un rapport avec antivir que tu as

mayelisse · Answer

voila le rapport
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1134
Windows 5.1.2600 Service Pack 2

14/10/2008 22:41:03
mbam-log-2008-10-14 (22-41-03).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 130933
Temps écoulé: 1 hour(s), 3 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

mayelisse · Answer

et avec antivir

Avira AntiVir Personal
Report file date: mardi 14 octobre 2008 20:21

Scanning for 1684294 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: NOM-EA6886167E1

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.7.12 4066816 Bytes 08/10/2008 18:19:16
ANTIVIR3.VDF : 7.0.7.40 214016 Bytes 14/10/2008 18:19:21
Engineversion : 8.1.1.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 14/10/2008 18:20:02
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 14/10/2008 18:19:59
AEPACK.DLL : 8.1.2.3 364918 Bytes 14/10/2008 18:19:51
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 14/10/2008 18:19:45
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 14/10/2008 18:19:44
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 14/10/2008 18:19:32
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 14/10/2008 18:19:28
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 14/10/2008 18:19:23
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 14 octobre 2008 20:21

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'jucheck.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'Monitor.exe' - '1' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '1' Module(s) have been scanned
Scan process 'OpWareSE4.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'realplay.exe' - '1' Module(s) have been scanned
Scan process 'opware32.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
40 processes with 40 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '67' files ).

Starting the file scan:

Begin scan in 'C:\' <435935>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\psp702fv.exe
[0] Archive type: CAB SFX (self extracting)
--> \instmsia.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed

End of the scan: mardi 14 octobre 2008 21:16
Used time: 55:02 Minute(s)

The scan has been done completely.

6119 Scanning directories
393679 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
393676 Files not concerned
7511 Archives were scanned
8 Warnings
0 Notes

14.10.2008 20:17:30 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
14.10.2008 20:17:30 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
14.10.2008 20:17:30 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\
14.10.2008 20:17:30 - Using System's global Proxy settings
14.10.2008 20:17:31 - Launching GUI... display mode: 0
14.10.2008 20:17:31 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
14.10.2008 20:17:31 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
14.10.2008 20:17:30 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
14.10.2008 20:17:30 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
14.10.2008 20:17:30 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\
14.10.2008 20:17:30 - Using System's global Proxy settings
14.10.2008 20:17:31 - Launching GUI... display mode: 0
14.10.2008 20:17:31 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
14.10.2008 20:17:31 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
14.10.2008 20:17:32 - Avira AntiVir Personal - Free Antivirus
14.10.2008 20:17:34 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\idx/master.idx to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\master.idx
14.10.2008 20:17:34 - Master IDX file has changed
14.10.2008 20:17:34 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/classic-nt-en.info.gz
14.10.2008 20:17:35 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\classic-nt-en.info to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
14.10.2008 20:17:35 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/vdf.info.gz
14.10.2008 20:17:36 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/specvir-nt.info.gz
14.10.2008 20:17:36 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/ave2.info.gz
14.10.2008 20:17:37 - Downloading the product.info file from http://dl5.avgate.net/upd/idx/info-wks-classic-nt-en.info.gz
14.10.2008 20:17:38 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
14.10.2008 20:17:39 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 83
14.10.2008 20:17:40 - Module: COMMAPPDATA_AV Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\ Files: 1
14.10.2008 20:17:40 - Module: COMMAPP Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\JOBS\ Files: 4
14.10.2008 20:17:40 - Module: COMMAPDATA_AV_PROFILES Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\ Files: 2
14.10.2008 20:17:40 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
14.10.2008 20:17:41 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.5.20 < 7.0.7.12
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.5.23 < 7.0.7.40
14.10.2008 20:17:41 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll 7.0.0.1 < 8.0.0.2
14.10.2008 20:17:41 - Module: AVE2 Source: ave2\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 14
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll 8.1.1.8 < 8.1.1.11
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll 8.1.0.35 < 8.1.0.36
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll 8.1.0.47 < 8.1.0.59
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll 8.1.0.21 < 8.1.0.25
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll 8.1.2.1 < 8.1.2.3
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll 8.1.0.20 < 8.1.1.2
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll 8.1.0.63 < 8.1.0.76
14.10.2008 20:17:41 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat 8.1.1.19 < 8.1.1.35
14.10.2008 20:17:41 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
14.10.2008 20:17:41 - Module: PRODINFO Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
14.10.2008 20:17:41 - Minifilter is installed
14.10.2008 20:17:41 - Minifilter is possible
14.10.2008 20:17:41 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType
14.10.2008 20:17:41 - Initialize avnotify.exe
14.10.2008 20:17:41 - Starting avnotify.exe successful
14.10.2008 20:17:41 - Preparing to download files
14.10.2008 20:17:41 - 13 files need to be downloaded / copied from http://dl5.avgate.net/upd/
14.10.2008 20:17:41 - #1: Downloading and extracting http://dl5.avgate.net/upd/winwks/en/classic-nt/filelist.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\winwks\en\classic-nt/filelist.ini
14.10.2008 20:17:42 - #2: Downloading and extracting http://dl5.avgate.net/upd/winwks/en/classic-nt/product.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\winwks\en\classic-nt/product.ini
14.10.2008 20:17:42 - #3: Downloading and extracting http://dl5.avgate.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\vdf\antivir2.vdf
14.10.2008 20:19:16 - #4: Downloading and extracting http://dl5.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\vdf\antivir3.vdf
14.10.2008 20:19:21 - #5: Downloading and extracting http://dl5.avgate.net/upd/engine/nt/avrep.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\engine\nt\avrep.dll
14.10.2008 20:19:23 - #6: Downloading and extracting http://dl5.avgate.net/upd/ave2/aecore.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aecore.dll
14.10.2008 20:19:28 - #7: Downloading and extracting http://dl5.avgate.net/upd/ave2/aegen.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aegen.dll
14.10.2008 20:19:32 - #8: Downloading and extracting http://dl5.avgate.net/upd/ave2/aeheur.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aeheur.dll
14.10.2008 20:19:44 - #9: Downloading and extracting http://dl5.avgate.net/upd/ave2/aeoffice.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aeoffice.dll
14.10.2008 20:19:45 - #10: Downloading and extracting http://dl5.avgate.net/upd/ave2/aepack.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aepack.dll
14.10.2008 20:19:51 - #11: Downloading and extracting http://dl5.avgate.net/upd/ave2/aerdl.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aerdl.dll
14.10.2008 20:19:59 - #12: Downloading and extracting http://dl5.avgate.net/upd/ave2/aescript.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aescript.dll
14.10.2008 20:20:02 - #13: Downloading and extracting http://dl5.avgate.net/upd/ave2/aeset.dat.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aeset.dat
14.10.2008 20:20:15 - Keyfile: OK [FULL Mode]
14.10.2008 20:20:15 - Status of service AntiVirService is running
14.10.2008 20:20:15 - Initialize avscan.exe
14.10.2008 20:20:15 - Initialize avcenter.exe
14.10.2008 20:20:15 - Initialize avgnt.exe
14.10.2008 20:20:15 - avscan.exe closed.
14.10.2008 20:20:16 - avgnt.exe closed.
14.10.2008 20:20:16 - Starting to install
14.10.2008 20:20:16 - File C:\Program Files\Avira\AntiVir PersonalEdition Classic\filelist.ini will not be backed up because it doesn't exist
14.10.2008 20:20:16 - File C:\Program Files\Avira\AntiVir PersonalEdition Classic\product.ini will not be backed up because it doesn't exist
14.10.2008 20:20:16 - Processing module MAIN Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
14.10.2008 20:20:16 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\winwks\en\classic-nt/filelist.ini to C:\Program Files\Avira\AntiVir PersonalEdition Classic\filelist.ini
14.10.2008 20:20:16 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\winwks\en\classic-nt/product.ini to C:\Program Files\Avira\AntiVir PersonalEdition Classic\product.ini
14.10.2008 20:20:16 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir2.vdf
14.10.2008 20:20:16 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir3.vdf
14.10.2008 20:20:16 - Processing module VDF Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
14.10.2008 20:20:17 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\vdf\antivir2.vdf to C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf
14.10.2008 20:20:17 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\vdf\antivir3.vdf to C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf
14.10.2008 20:20:17 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\avrep.dll
14.10.2008 20:20:17 - Processing module AVREP_NT Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
14.10.2008 20:20:17 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\engine\nt\avrep.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll
14.10.2008 20:20:17 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aecore.dll
14.10.2008 20:20:17 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aegen.dll
14.10.2008 20:20:17 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeheur.dll
14.10.2008 20:20:17 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeoffice.dll
14.10.2008 20:20:17 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aepack.dll
14.10.2008 20:20:17 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aerdl.dll
14.10.2008 20:20:17 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aescript.dll
14.10.2008 20:20:17 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeset.dat
14.10.2008 20:20:17 - Processing module AVE2 Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
14.10.2008 20:20:18 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aecore.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll
14.10.2008 20:20:19 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aegen.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll
14.10.2008 20:20:20 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aeheur.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll
14.10.2008 20:20:21 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aeoffice.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll
14.10.2008 20:20:22 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aepack.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll
14.10.2008 20:20:23 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aerdl.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll
14.10.2008 20:20:24 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aescript.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll
14.10.2008 20:20:24 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48f4e236\ave2\aeset.dat to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat
14.10.2008 20:20:24 - A total of 13 files were updated
14.10.2008 20:20:24 - Initialize AVWSC.EXE
14.10.2008 20:20:24 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress
14.10.2008 20:20:24 - Status of service AntiVirService is running
14.10.2008 20:20:29 - Reinitialization of AntiVirService carried out successfully.
14.10.2008 20:20:29 - Starting avgnt.exe successful
14.10.2008 20:20:29 - Dialup: 0
14.10.2008 20:20:29 - Downloaded bytes: 5796504
14.10.2008 20:20:29 - Downloaded file(s): 13
14.10.2008 20:20:29 - Downloaded file(s): filelist.ini; product.ini; antivir2.vdf; antivir3.vdf; avrep.dll; aecore.dll; aegen.dll; aeheur.dll; aeoffice.dll; aepack.dll
14.10.2008 20:20:29 - Downloaded file(s): aerdl.dll; aescript.dll; aeset.dat
14.10.2008 20:20:29 - Required time: 03:03
14.10.2008 20:20:29 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate
14.10.2008 20:20:36 - Update finished successfully

mayelisse · Answer

quelqu'un pour m'aider, j'en suis tjrs au meme point

yvon · Answer

bonjour
appuie sur la touche windows et r en meme temps, dans la fenetre tape MRT et suis les instructions

mayelisse · Answer

je comprends pas j'arrive ds executer c ca?

jlpjlp · Answer

télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)


double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

mayelisse · Answer

ca y est c fait il a trouve 1 virus mais j'ai tjrs le meme pbm qd meme ;o( IE et firefox ne fontionne pas correctement, ca me met impossivle d'ouvrir la page, il ft que je reactualise plusieurs fois pr q ca marche

jlpjlp · Answer

quel virus? le rapport combofix?

mayelisse · Answer

voila le dernier rapport
ComboFix 08-10-14.07 - Karen DEPLANQUE 2008-10-15 10:31:29.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.147 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Karen DEPLANQUE\Bureau\killbagle.exe

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-09-15 au 2008-10-15 ))))))))))))))))))))))))))))))))))))
.

2008-10-15 07:47 . 2008-10-15 07:47 <REP> d-------- C:\Program Files\Sun
2008-10-15 07:47 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-10-14 20:16 . 2008-10-14 20:16 <REP> d-------- C:\Program Files\Avira
2008-10-14 20:16 . 2008-10-14 20:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-10-14 16:38 . 2008-10-14 21:32 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-14 16:38 . 2008-10-14 16:38 <REP> d-------- C:\Documents and Settings\Karen DEPLANQUE\Application Data\Malwarebytes
2008-10-14 16:38 . 2008-10-14 16:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-14 16:38 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-14 16:38 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-14 13:15 . 2004-08-04 00:55 91,648 --a------ C:\WINDOWS\system32\kswdmcap.ax
2008-10-14 13:15 . 2004-08-04 00:55 91,648 --a--c--- C:\WINDOWS\system32\dllcache\kswdmcap.ax
2008-10-14 13:15 . 2004-08-04 00:55 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax
2008-10-14 13:15 . 2004-08-04 00:55 61,952 --a--c--- C:\WINDOWS\system32\dllcache\kstvtune.ax
2008-10-14 13:15 . 2004-08-04 00:54 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2008-10-14 13:15 . 2004-08-04 00:54 54,784 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2008-10-14 13:15 . 2004-08-04 00:55 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax
2008-10-14 13:15 . 2004-08-04 00:55 43,008 --a--c--- C:\WINDOWS\system32\dllcache\ksxbar.ax
2008-10-14 13:15 . 2004-08-04 00:55 28,672 --a------ C:\WINDOWS\system32\vidcap.ax
2008-10-14 13:15 . 2004-08-04 00:55 28,672 --a--c--- C:\WINDOWS\system32\dllcache\vidcap.ax
2008-10-14 09:51 . 2008-10-14 09:59 <REP> d-------- C:\Program Files\Fichiers communs\ArcSoft
2008-10-14 09:51 . 2005-04-27 16:36 245,408 --a------ C:\WINDOWS\system32\unicows.dll
2008-10-14 09:41 . 2008-10-14 09:41 <REP> d-------- C:\Documents and Settings\Karen DEPLANQUE\Application Data\InstallShield
2008-10-14 09:41 . 2007-06-29 16:32 611,584 --a------ C:\WINDOWS\system32\drivers\PFC027.SYS
2008-10-14 09:41 . 2007-05-17 15:50 129,024 --a------ C:\WINDOWS\system32\SP207.AX
2008-10-14 09:41 . 2006-11-20 09:04 6,656 --a------ C:\WINDOWS\system32\CoInst_070629.dll
2008-10-14 09:41 . 2007-06-29 11:07 566 --a------ C:\WINDOWS\system32\SP207.INI
2008-10-13 22:47 . 2008-02-29 11:09 265,948 --a--c--- C:\WINDOWS\system32\OLD8.tmp
2008-10-13 22:47 . 2006-12-29 20:08 23,044 --a--c--- C:\WINDOWS\system32\OLDB.tmp
2008-10-06 22:35 . 2008-07-18 22:09 29,896 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-10-04 16:05 . 2008-10-04 16:05 <REP> dr------- C:\Documents and Settings\LocalService\Mes documents
2008-10-04 16:04 . 2008-10-04 16:04 <REP> d-------- C:\WINDOWS\PixArt
2008-10-04 15:48 . 2008-10-14 09:41 <REP> d-------- C:\Program Files\Webcam 1200

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-15 05:47 --------- d-----w C:\Program Files\Java
2008-10-14 07:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-14 07:51 --------- d-----w C:\Program Files\ArcSoft
2008-08-21 12:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-06-04 20:06 3,734 -c--a-w C:\Documents and Settings\Karen DEPLANQUE\Application Data\wklnhst.dat
2006-03-07 17:36 2,855,080 -c--a-w C:\Program Files\aawsepersonal.exe
2006-02-23 14:07 2,386,722 -c--a-w C:\Program Files\FileZilla_Server-0.9.12c.exe
2006-02-04 11:04 4,677,596 -c--a-w C:\Program Files\eMule0.47a-Installer.exe
2005-12-02 17:47 18,717,124 -c--a-w C:\Program Files\psp702fv.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-14 57344]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-07 98304]
"Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2005-11-07 26112]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"ArcSoft Connection Service"="C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-07-03 64000]
"Monitor"="C:\WINDOWS\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-08-18 C:\WINDOWS\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
ATI CATALYST System Tray.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [2005-08-14 57344]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2003-11-04 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R3 PAC207;Webcam 1200;C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-06-29 611584]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]

*Newly Created Service* - SSMDRV

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Karen DEPLANQUE\Application Data\Mozilla\Firefox\Profiles\mg8y2mko.default\
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-15 10:33:44
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-10-15 10:37:17
ComboFix-quarantined-files.txt 2008-10-15 08:36:49
ComboFix2.txt 2008-10-15 06:11:21

Avant-CF: 166 821 646 336 octets libres
Après-CF: 166,825,263,104 octets libres

128 --- E O F --- 2008-07-09 14:44:46

mayelisse · Answer

a mon scan d'hier, il avait trouve un fichiers infectes, j'ai suupose que c'etait le troyen trouve avec hijackthis hier car ce matin, celui ci n'apparait pas ds le scan d'hijackthis

jlpjlp · Answer

met a jour internet explorer:


https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html


______________


encore des soucis? explique

mayelisse · Answer

et ensuite comment dois je supprimer le IE6?

jlpjlp · Answer

il s'en occupe tout seul. internet explorer 6 reste en memoire pour revenir en arrière au cas où...

mayelisse · Answer

ah ben heureusement qu'il y a un au cas ou...voila une heure, que je patauge, pu d'acces a internet, pu possibilite d'imprimer car mon imprimante n'est pas compatible, voila pourquoi je l'avais pas telecharger qd il est sortit, donc je suis revenue IE6
ca rame encore avec ce probleme que je connais depuis 3/4 jouirs, je sais pas quoi faire

jlpjlp · Answer

restaure ton ordi avant le plantage pour voir:

http://www.infoprat.net/astuces/windows2k_xp/astuces/divers_004.php

Virus je ne m'en sors pas

16 réponses

Votre réponse

Discussions similaires

Newsletters