Virus Antivirus 2009

Résolu
Safius -  
Safius Messages postés 188 Statut Membre -
Bonjour,

En tappant sur Google "Virus antivirus 2009", j'ai vu plusieurs liens vers ce site où des personnes ont eu exactement le même problème que moi. En voulant répondre à un de ces topics il m'a été conseillé de créer mon propre sujet sur la question. C'est donc ce que je fais ...

Depuis quelques jours, j'ai en permanance des fenêtres me poussant à installer "antivirus2009" et un nombre impressionnant de pub. Déjà auparavant j'avais quelques pub CiD mais là c'est puissance 1000 ! Je suppose que c'est lié au virus antivirus 2009. J'ai fais un scanner avec avast qui m'a trouvé des virus mais n'a pas supprimé celui là.
Sur un autre forum, j'ai vu qu'on pouvait faire une sorte de rapport et qu'on pouvait m'aider sur ce site. J'espère vraiment que vous trouverez la solution.

Merci d'avance.
Voici le rapport avec HiJackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:06:04, on 11/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\lclock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\WINDOWS\system32\ieexplorer32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\HAD\PTW.EXE
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Em\Bureau\Coucou.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=FRE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: &Research - {037C7B8A-151A-49E6-BAED-CC05FCB50328} - C:\WINDOWS\system32\winsrc.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: (no name) - {D9EEC67F-E979-4394-AF25-98DBC5EA7BBB} - C:\WINDOWS\system32\nnnkKEXR.dll
O2 - BHO: {a7fde89a-0048-6dd8-1554-87246f95121e} - {e12159f6-4278-4551-8dd6-8400a98edf7a} - C:\WINDOWS\system32\gtguzx.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [c4e3fe58] rundll32.exe "C:\WINDOWS\system32\cvnvsmfc.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [E06FDXRC_208828] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [27394083751167013977194930702190] C:\Program Files\Antivirus 2009\av2009.exe
O4 - HKCU\..\Run: [ieupdate] "C:\WINDOWS\system32\ieexplorer32.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Startup: Prayer.lnk = C:\HAD\PTW.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer l'image vers la bibliothèque - file://C:\Program Files\MGI\MGI PhotoSuite III SE\Temp\MGI00000.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: gtguzx.dll
O20 - Winlogon Notify: nnnkKEXR - C:\WINDOWS\SYSTEM32\nnnkKEXR.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
A voir également:

179 réponses

Précédent
Réponse 141 / 179
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Bon ... passes à la suite et postes moi le rapport demandé une fois terminé ... ;)
0
Réponse 142 / 179
Safius Messages postés 188 Statut Membre 2
 
Oh! Jsuis bête j'avais pas supprimer l'ancienne version mais j'ai oublié d'installer la nouvelle de Java -_- Donc c'est bon j'ai tout fait, pour Adobe Reader aussi =)
Par contre mon ordi s'est encore mis en écran bleu ... ça jcrois qu'on y peut rien ^^

Voici le rapport HiJack :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:06:45, on 19/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\WINDOWS\lclock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=FRE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [E06FDXRC_208828] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Startup: Prayer.lnk = C:\HAD\PTW.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer l'image vers la bibliothèque - file://C:\Program Files\MGI\MGI PhotoSuite III SE\Temp\MGI00000.html
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
0
Réponse 143 / 179
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Très bien ...


maintenant , avant de passer à la fase finale .... ton antivirus ! ...


Avast est HS apparemment ( plus présent au démarrage ... ) ... je te propose de changer pour un Antivirus plus légé et plus performant ( gratuit aussi ) ...

si cela te dis , je te donne la procédure pour faire le changement ... ;)


Dis moi ...
0
Réponse 144 / 179
Safius Messages postés 188 Statut Membre 2
 
Bah s'il est plus performant, j'dis pas non ^^
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 145 / 179
Safius Messages postés 188 Statut Membre 2
 
Je n'arrive pas à me mettre en mode sans échec. Il me demande un mot de passe pour ouvrir le compte Administrateur, mais je n'ai pas ce mot de passe. Quand je vais dans panneau de configuration et comptes utilisateurs, il n'y a pas non plus le compte Administrateur.
Je fais comment ? :/ Il ne me demande que le compte Administrateur et pas de compte habituel...
0
Réponse 146 / 179
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
rrrr , ces pc piratés ....


lances le scan en mode normal ....
0
Réponse 147 / 179
Safius Messages postés 188 Statut Membre 2
 
Donc je peux pas désinstaller Avast ? (J'en suis encore à ce stade en fait...)
0
Réponse 148 / 179
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
c'est vrai ... ^^

pour le mot de passe , possible qu'il n'y en est pas en fait ... clique directement sur Ok sans rien rentrer pour voir et dis moi ....
0
Réponse 149 / 179
Safius Messages postés 188 Statut Membre 2
 
C'est ce que j'avais essayé en premier et non ça ne marche pas ...
0
Réponse 150 / 179
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Essayes ce-ci d'abors pour réparer le mode sans échec :
Cliques droit sur ce lien :
http://www.malekal.com/download/SafeBoot.reg
Et choisis " enregistrer la cible sous " afin de télécharger "SafeBoot.reg" sur ton Bureau .
Doubles cliques sur ce .reg et acceptes la fusion avec le registre .


ensuite re-tentes le coup et dis moi ...
0
Réponse 151 / 179
Safius Messages postés 188 Statut Membre 2
 
Toujours pareil =s
0
Réponse 152 / 179
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
tant pis ...


fais la désinstalle en mode normal en désactivant Avast avant !


ensuite poursuit la manipe et fais le scan avec AntiVir en mode normal aussi ...

0
Réponse 153 / 179
Safius Messages postés 188 Statut Membre 2
 
J'ai desactivé Avast avant et la desinstallation ne marche pas... Message d'erreur.
0
Réponse 154 / 179
Utilisateur anonyme
 
salut ske et safuis...
apparemment ca devient une
histoire d amour....
merci encore ske 69 d avoir pris la suite...
courage safius.....
bien a vous 2...
a+
0
Réponse 155 / 179
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
grrrrrr... essayes de réparer le mode sans échec ainsi :

Télécharges ceci :
https://download.bleepingcomputer.com/sUBs/SafeBootKeyRepair.exe

double clique dessus ( cela répare la clé safeboot qui gère le mode sans echec ).



puis retentes le coup ....
0
Réponse 156 / 179
Safius Messages postés 188 Statut Membre 2
 
Toujours pareil ...
0
Réponse 157 / 179
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Quelle merde ces Windows piraté ....


Télécharges OTMoveIt3 (de Old_Timer) sur ton Bureau.

http://oldtimer.geekstogo.com/OTMoveIt3.exe

! Déconnectes toi et fermes toute tes applications en cours !

Double cliques sur "OTMoveIt3.exe" pour ouvrir le prg .
Puis copies ce qui se trouve en citation ci-dessous, 


:Processes
explorer.exe

:Services
avast! Antivirus
avast! Mail Scanner
avast! Web Scanner
avast! iAVS4 Control Service

:Reg

:Files
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 
C:\Program Files\Alwil Software\Avast4\ashServ.exe 
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Alwil Software

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]



et colles le dans le cadre de gauche de OTMoveIt3 :
Paste Instructions for items to be moved.
(ne touche à rien d'autre !)

-> cliques sur MoveIt! pour lancer la suppression.
-> laisses travailler l'outil ...

( Note : ton bureau va disparaitre puis réapparaitre, c'est normal .)

-> une fois finis , un petite fenêtre s'ouvre : cliques sur " Yes " .

Ton PC va redémarrer de lui même ...

-->Postes le contenu du rapport qui se trouve dans le dossier "C:\_OTMoveIt\MovedFiles"
( " xxxx2008_xxxxxx.log " où les "x" correspondent au jour et à l'heure de l'utilisation ).

0
Réponse 158 / 179
Safius Messages postés 188 Statut Membre 2
 
Voilà le rapport =) :

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service avast! Antivirus .
Service avast! Mail Scanner stopped successfully.
Service avast! Mail Scanner deleted successfully.
Service avast! Web Scanner stopped successfully.
Service avast! Web Scanner deleted successfully.
Unable to stop service avast! iAVS4 Control Service .
========== REGISTRY ==========
========== FILES ==========
File move failed. C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe scheduled to be moved on reboot.
File move failed. C:\Program Files\Alwil Software\Avast4\ashServ.exe scheduled to be moved on reboot.
File move failed. C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe scheduled to be moved on reboot.
File move failed. C:\Program Files\Alwil Software\Avast4\ashWebSv.exe scheduled to be moved on reboot.
File move failed. C:\Program Files\Alwil Software\Avast4\ashDisp.exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HtmlData scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HELP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\report scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\moved scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\log scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\journal scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\integ scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\chest scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\backup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software scheduled to be moved on reboot.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_138.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_2b4.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7e0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11192008_222128

Files moved on Reboot...
File move failed. C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe scheduled to be moved on reboot.
File move failed. C:\Program Files\Alwil Software\Avast4\ashServ.exe scheduled to be moved on reboot.
File move failed. C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe scheduled to be moved on reboot.
File move failed. C:\Program Files\Alwil Software\Avast4\ashWebSv.exe scheduled to be moved on reboot.
File move failed. C:\Program Files\Alwil Software\Avast4\ashDisp.exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HtmlData scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HELP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HtmlData scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HELP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\report scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\moved scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\log scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\journal scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\integ scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\chest scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\backup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\report scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\moved scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\log scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\journal scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\integ scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\chest scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\backup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HtmlData scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HELP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\report scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\moved scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\log scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\journal scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\integ scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\chest scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\backup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup\INF scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\Setup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HtmlData scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH\HELP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\FRENCH scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\report scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\moved scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\log scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\journal scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\integ scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\chest scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA\backup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4\DATA scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software\Avast4 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Alwil Software scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_138.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_2b4.dat moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_7e0.dat moved successfully.
0
Réponse 159 / 179
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Bien ... maintenant retentes une désinstalles en mode normal avec le petit utilitaire ...
0
Réponse 160 / 179
hva76 Messages postés 87 Statut Membre 1
 
Bonsoir , désolé pour le flood , il me semble que tu es un des plus competent ici , j'ai posté mon lien , si tu pouvais traité mon probleme ou le faire traité par des collegue a toi competent j'en serait ravi.


Bon travail.
0

Discussions similaires

télécharger et installer encarta junior
98653773 -
1 -

3 réponses
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Telecharger encarta junior 2015 Gratuit en Francais
Chairman -
Weuz -

2 réponses
Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
" Échec de l'analyse antivirus " la solution.
bazfile -
bazfile -

0 réponse