Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Résolu] Infection par cheval de Troie ALUREON

Alesssandra
 Partager

Messages recommandés

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

C'est mieux comme ça :P

 

Vu l'heure, je vais te laisser des instructions pour faire certaines choses quand tu auras le temps.

 

Désinstalle ComboFix de la manière suivante:

 

Clique sur Démarrer > Exécuter et copie/colle le texte en gras ci-dessous dans la zone de saisie Ouvrir puis cliquer sur OK

 

ComboFix /Uninstall

 

Supprimer les dossiers c:\Qoobox et c:\ComboFix s'ils étaient encore présents sur le C:\

Vider la corbeille.

 

---------------------------------------

Si la console de récupération est installée sur XP, Windows ne laisse que très peu de temps pour choisir de démarrer sur le système ou sur la console. (2 secondes par défaut). C'est très court pour réagir.

 

Pour allonger un peu ce temps de réaction, allez dans le panneau de configuration, double-cliquez sur Système puis cliquez sur Avancé/Propriétés système. Cliquer sur Démarrage et récupération/paramètres.

 

Changer la valeur indiquée à "Afficher la liste des systèmes d'exploitation pendant x secondes": augmentez à 8 secondes.

 

img-2151245pvlz.jpg

 

Cliquez alors sur "Modifier".

 

:att: Le fichier boot.ini va s'ouvrir en forme de fichier texte.

 

N'y touchez pas, fermez la fenêtre en cliquant sur la croix en haut à droite.

 

Cliquez ensuite sur /ok/appliquer/ok.

 

Vous disposerez désormais de 8 secondes à chaque boot du pc pour choisir de démarrer soit sur la console de récupération soit sur le système.

 

Si vous ne touchez à rien pendant ce laps de temps, Windows bootera sur le système.

 

Et si vous souhaitez démarrer de suite sur le système, interrompez le décompte en pressant la touche Enter du clavier.

 

---------------------------------

Je te conseille de désinstaller Microsoft Security Essential et de le remplacer:

 

Je pense qu'il serait mieux protégé avec Antivir.

 

Antivir est un antivirus gratuit, efficace et léger, maintenant en français, dont les mises à jour sont quotidiennes et les nouvelles menaces sont rapidement intégrées dans sa base virale. (D'où la meilleure protection).

 

PS: Quand un fichier infecté est détecté par Antivir, une fenêtre semblable à celle-ci s'ouvre:

 

Avira-Francais-037.jpg

 

Antivir te demande ce qu'il doit faire du fichier infecté.

Choisis Déplacer en quarantaine puis clique sur OK.

 

Tu peux automatiser ce type d'action en cochant une case), comme ci dessous :

 

img-221315ynxxt.jpg

Cela permet de ne pas rester à la surveiller.:P

 

Mets-le à jour puis lance une analyse complète.

Poste le rapport obtenu stp.

 

@++ :P

  • Upvote 1

Alesssandra Member

Alesssandra

Posté(e)
  • Auteur
Posté(e)

OK, merci.

Oui il est tard, je commence a avoir des failles, t'as remarque!

Bonne nuit et encore merci

A + tard

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonne nuit et à demain.

 

Il y aura encore quelques bricoles à faire :P

 

Mais tu as pas mal de pain sur la planche déjà.

 

+++

Alesssandra Member

Alesssandra

Posté(e)
  • Auteur
Posté(e)

Salut!

Je suis de retour!

Alors j'ai telecharge antivr et desinstalle microsoft security essentials.

Voici le rapport de antivir

 

 

 

 

Avira AntiVir Personal

Report file date: 25 May 2010 19:28

 

Scanning for 2158107 virus strains and unwanted programs.

 

The program is running as an unrestricted full version.

Online services are available:

 

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Normally booted

Username : Me

Computer name : 6910P

 

Version information:

BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00

AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 12:37:38

AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 12:57:04

LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 18:33:04

LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:49

VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36

VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 19:27:49

VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 17:37:42

VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 16:37:42

VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 11:29:03

VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 18:26:51

VBASE006.VDF : 7.10.6.83 2048 Bytes 15/04/2010 18:26:51

VBASE007.VDF : 7.10.6.84 2048 Bytes 15/04/2010 18:26:51

VBASE008.VDF : 7.10.6.85 2048 Bytes 15/04/2010 18:26:51

VBASE009.VDF : 7.10.6.86 2048 Bytes 15/04/2010 18:26:51

VBASE010.VDF : 7.10.6.87 2048 Bytes 15/04/2010 18:26:51

VBASE011.VDF : 7.10.6.88 2048 Bytes 15/04/2010 18:26:51

VBASE012.VDF : 7.10.6.89 2048 Bytes 15/04/2010 18:26:51

VBASE013.VDF : 7.10.6.90 2048 Bytes 15/04/2010 18:26:51

VBASE014.VDF : 7.10.6.123 126464 Bytes 19/04/2010 18:26:52

VBASE015.VDF : 7.10.6.152 123392 Bytes 21/04/2010 18:26:52

VBASE016.VDF : 7.10.6.178 122880 Bytes 22/04/2010 18:26:53

VBASE017.VDF : 7.10.6.206 120320 Bytes 26/04/2010 18:26:53

VBASE018.VDF : 7.10.6.232 99328 Bytes 28/04/2010 18:26:54

VBASE019.VDF : 7.10.7.2 155648 Bytes 30/04/2010 18:26:54

VBASE020.VDF : 7.10.7.26 119808 Bytes 04/05/2010 18:26:55

VBASE021.VDF : 7.10.7.51 118272 Bytes 06/05/2010 18:26:55

VBASE022.VDF : 7.10.7.75 404992 Bytes 10/05/2010 18:26:56

VBASE023.VDF : 7.10.7.100 125440 Bytes 13/05/2010 18:26:57

VBASE024.VDF : 7.10.7.119 177664 Bytes 17/05/2010 18:26:57

VBASE025.VDF : 7.10.7.139 129024 Bytes 19/05/2010 18:26:58

VBASE026.VDF : 7.10.7.157 145920 Bytes 21/05/2010 18:26:58

VBASE027.VDF : 7.10.7.158 2048 Bytes 21/05/2010 18:26:58

VBASE028.VDF : 7.10.7.159 2048 Bytes 21/05/2010 18:26:59

VBASE029.VDF : 7.10.7.160 2048 Bytes 21/05/2010 18:26:59

VBASE030.VDF : 7.10.7.161 2048 Bytes 21/05/2010 18:26:59

VBASE031.VDF : 7.10.7.170 147456 Bytes 25/05/2010 18:26:59

Engineversion : 8.2.1.242

AEVDF.DLL : 8.1.2.0 106868 Bytes 25/05/2010 18:27:10

AESCRIPT.DLL : 8.1.3.29 1343866 Bytes 25/05/2010 18:27:10

AESCN.DLL : 8.1.6.1 127347 Bytes 25/05/2010 18:27:07

AESBX.DLL : 8.1.3.1 254324 Bytes 25/05/2010 18:27:10

AERDL.DLL : 8.1.4.6 541043 Bytes 25/05/2010 18:27:06

AEPACK.DLL : 8.2.1.1 426358 Bytes 19/03/2010 12:34:51

AEOFFICE.DLL : 8.1.1.0 201081 Bytes 25/05/2010 18:27:05

AEHEUR.DLL : 8.1.1.27 2670967 Bytes 25/05/2010 18:27:05

AEHELP.DLL : 8.1.11.3 242039 Bytes 01/04/2010 16:05:25

AEGEN.DLL : 8.1.3.9 377203 Bytes 25/05/2010 18:27:02

AEEMU.DLL : 8.1.2.0 393588 Bytes 25/05/2010 18:27:01

AECORE.DLL : 8.1.15.3 192886 Bytes 25/05/2010 18:27:00

AEBB.DLL : 8.1.1.0 53618 Bytes 25/05/2010 18:27:00

AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 12:03:38

AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 12:03:35

AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 16:47:40

AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 12:35:46

AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 12:39:51

AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 12:22:13

AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 09:53:30

SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 12:57:58

AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 15:38:56

NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 14:41:00

RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:20

RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 14:14:29

 

Configuration settings for the scan:

Jobname.............................: Short system scan after installation

Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Process scan........................: on

Scan registry.......................: on

Search for rootkits.................: off

Integrity checking of system files..: off

Scan all files......................: Intelligent file selection

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

 

Start of the scan: 25 May 2010 19:28

 

The scan of running processes will be started

Scan process 'MsiExec.exe' - '1' Module(s) have been scanned

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'rsmsink.exe' - '1' Module(s) have been scanned

Scan process 'msdtc.exe' - '1' Module(s) have been scanned

Scan process 'setup.exe' - '1' Module(s) have been scanned

Scan process 'dllhost.exe' - '1' Module(s) have been scanned

Scan process 'dllhost.exe' - '1' Module(s) have been scanned

Scan process 'vssvc.exe' - '1' Module(s) have been scanned

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'wuauclt.exe' - '1' Module(s) have been scanned

Scan process 'rundll32.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'avconfig.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'avshadow.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'setup.exe' - '1' Module(s) have been scanned

Scan process 'msiexec.exe' - '1' Module(s) have been scanned

Scan process 'presetup.exe' - '1' Module(s) have been scanned

Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned

Scan process 'wscntfy.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'alg.exe' - '1' Module(s) have been scanned

Scan process 'iPodService.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'RichVideo.exe' - '1' Module(s) have been scanned

Scan process 'mdm.exe' - '1' Module(s) have been scanned

Scan process 'jqs.exe' - '1' Module(s) have been scanned

Scan process 'btwdins.exe' - '1' Module(s) have been scanned

Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned

Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'BTSTAC~1.EXE' - '1' Module(s) have been scanned

Scan process 'Dropbox.exe' - '1' Module(s) have been scanned

Scan process 'BTTray.exe' - '1' Module(s) have been scanned

Scan process 'ctfmon.exe' - '1' Module(s) have been scanned

Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned

Scan process 'ClockTraySkins.exe' - '1' Module(s) have been scanned

Module is OK -> <C:\Program Files\Clock Tray Skins\ClockTraySkins.exe>

[WARNING] The file could not be opened!

Scan process 'jusched.exe' - '1' Module(s) have been scanned

Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned

Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned

Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned

Scan process 'igfxpers.exe' - '1' Module(s) have been scanned

Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned

Scan process 'hkcmd.exe' - '1' Module(s) have been scanned

Scan process 'Explorer.EXE' - '1' Module(s) have been scanned

Scan process 'SCardSvr.exe' - '1' Module(s) have been scanned

Scan process 'spoolsv.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

 

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Master boot sector HD1

[iNFO] No virus was found!

 

Start scanning boot sectors:

 

Starting to scan executable files (registry).

The registry was scanned ( '1613' files ).

 

 

 

End of the scan: 25 May 2010 19:29

Used time: 00:51 Minute(s)

 

The scan has been done completely.

 

0 Scanned directories

2647 Files were scanned

0 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

1 Files cannot be scanned

2646 Files not concerned

6 Archives were scanned

1 Warnings

0 Notes

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonsoir Alessandra.

 

Comment vas-tu?

 

Ceci est l'analyse rapide d'après installation; il va te falloir faire l'analyse complète du pc :P

 

Poste ensuite le rapport siouplé.

 

@++ :P

  • Upvote 1
Alesssandra Member

Alesssandra

Posté(e)
  • Auteur
Posté(e)

Hey salut Apollo!

 

Ca va super bien, il a fait beau et chaud ce weekend :P (j'habite a Londres).

 

Et toi ca va?

 

Ok, je vais lancer le scan.

 

Il a pas de parefeu antivir? Je dois utiliser celui de microsoft, c'est ca?

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Londres? pas mal mais si je pouvais, je choisirais l'Irlande ou l'Ecosse pour leurs belles régions vertes et sauvages.

 

Le firewall XP n'est qu'un "demi"; il ne filtre que les entrées.

 

Il vaut mieux en installer un tiers.

 

Exemple: très facile à utiliser, surtout avec un tuto.

 

Kerio

http://www.vista-xp.fr/forum/post80.html#80

Tuto: http://www.malekal.com/kerio_firewall.html

 

Avira a une suite complète mais elle est payante, mais s'il fallait débourser ce serait mieux Kaspersky Internet Security ou Kaspersky Pure. Le nec plus ultra mais tout en restant prudente quand-même (pas de P2P et encore moins de cracks).

 

Pour un antispam gratos, voir ma signature. Il est très bon.

 

@++

  • Upvote 1
Alesssandra Member

Alesssandra

Posté(e)
  • Auteur
Posté(e)

Oui l'Irlande et l'Ecosse mais le temps est encore pire qu'ici, je suis alle en Irlande, le ciel n'est jamais bleu, il passe par toutes les nuances de gris possibles et imaginables, mais pas de gris, c'est frustrant...

 

Apparemment y'a encore des trucs louches sur mon ordi...

 

Rapport de antivir

 

 

 

Avira AntiVir Personal

Report file date: 25 May 2010 20:14

 

Scanning for 2158107 virus strains and unwanted programs.

 

The program is running as an unrestricted full version.

Online services are available:

 

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Normally booted

Username : SYSTEM

Computer name : 6910P

 

Version information:

BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00

AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 12:37:38

AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 12:57:04

LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 18:33:04

LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:49

VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36

VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 19:27:49

VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 17:37:42

VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 16:37:42

VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 11:29:03

VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 18:26:51

VBASE006.VDF : 7.10.6.83 2048 Bytes 15/04/2010 18:26:51

VBASE007.VDF : 7.10.6.84 2048 Bytes 15/04/2010 18:26:51

VBASE008.VDF : 7.10.6.85 2048 Bytes 15/04/2010 18:26:51

VBASE009.VDF : 7.10.6.86 2048 Bytes 15/04/2010 18:26:51

VBASE010.VDF : 7.10.6.87 2048 Bytes 15/04/2010 18:26:51

VBASE011.VDF : 7.10.6.88 2048 Bytes 15/04/2010 18:26:51

VBASE012.VDF : 7.10.6.89 2048 Bytes 15/04/2010 18:26:51

VBASE013.VDF : 7.10.6.90 2048 Bytes 15/04/2010 18:26:51

VBASE014.VDF : 7.10.6.123 126464 Bytes 19/04/2010 18:26:52

VBASE015.VDF : 7.10.6.152 123392 Bytes 21/04/2010 18:26:52

VBASE016.VDF : 7.10.6.178 122880 Bytes 22/04/2010 18:26:53

VBASE017.VDF : 7.10.6.206 120320 Bytes 26/04/2010 18:26:53

VBASE018.VDF : 7.10.6.232 99328 Bytes 28/04/2010 18:26:54

VBASE019.VDF : 7.10.7.2 155648 Bytes 30/04/2010 18:26:54

VBASE020.VDF : 7.10.7.26 119808 Bytes 04/05/2010 18:26:55

VBASE021.VDF : 7.10.7.51 118272 Bytes 06/05/2010 18:26:55

VBASE022.VDF : 7.10.7.75 404992 Bytes 10/05/2010 18:26:56

VBASE023.VDF : 7.10.7.100 125440 Bytes 13/05/2010 18:26:57

VBASE024.VDF : 7.10.7.119 177664 Bytes 17/05/2010 18:26:57

VBASE025.VDF : 7.10.7.139 129024 Bytes 19/05/2010 18:26:58

VBASE026.VDF : 7.10.7.157 145920 Bytes 21/05/2010 18:26:58

VBASE027.VDF : 7.10.7.158 2048 Bytes 21/05/2010 18:26:58

VBASE028.VDF : 7.10.7.159 2048 Bytes 21/05/2010 18:26:59

VBASE029.VDF : 7.10.7.160 2048 Bytes 21/05/2010 18:26:59

VBASE030.VDF : 7.10.7.161 2048 Bytes 21/05/2010 18:26:59

VBASE031.VDF : 7.10.7.170 147456 Bytes 25/05/2010 18:26:59

Engineversion : 8.2.1.242

AEVDF.DLL : 8.1.2.0 106868 Bytes 25/05/2010 18:27:10

AESCRIPT.DLL : 8.1.3.29 1343866 Bytes 25/05/2010 18:27:10

AESCN.DLL : 8.1.6.1 127347 Bytes 25/05/2010 18:27:07

AESBX.DLL : 8.1.3.1 254324 Bytes 25/05/2010 18:27:10

AERDL.DLL : 8.1.4.6 541043 Bytes 25/05/2010 18:27:06

AEPACK.DLL : 8.2.1.1 426358 Bytes 19/03/2010 12:34:51

AEOFFICE.DLL : 8.1.1.0 201081 Bytes 25/05/2010 18:27:05

AEHEUR.DLL : 8.1.1.27 2670967 Bytes 25/05/2010 18:27:05

AEHELP.DLL : 8.1.11.3 242039 Bytes 01/04/2010 16:05:25

AEGEN.DLL : 8.1.3.9 377203 Bytes 25/05/2010 18:27:02

AEEMU.DLL : 8.1.2.0 393588 Bytes 25/05/2010 18:27:01

AECORE.DLL : 8.1.15.3 192886 Bytes 25/05/2010 18:27:00

AEBB.DLL : 8.1.1.0 53618 Bytes 25/05/2010 18:27:00

AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 12:03:38

AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 12:03:35

AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 16:47:40

AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 12:35:46

AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 12:39:51

AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 12:22:13

AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 09:53:30

SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 12:57:58

AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 15:38:56

NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 14:41:00

RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:20

RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 14:14:29

 

Configuration settings for the scan:

Jobname.............................: Complete system scan

Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:,

Process scan........................: on

Extended process scan...............: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

 

Start of the scan: 25 May 2010 20:14

 

Starting search for hidden objects.

 

The scan of running processes will be started

Scan process 'bfgclient.exe' - '94' Module(s) have been scanned

Scan process 'wmiprvse.exe' - '41' Module(s) have been scanned

Scan process 'dllhost.exe' - '45' Module(s) have been scanned

Scan process 'vssvc.exe' - '48' Module(s) have been scanned

Scan process 'avscan.exe' - '70' Module(s) have been scanned

Scan process 'avcenter.exe' - '63' Module(s) have been scanned

Scan process 'iexplore.exe' - '157' Module(s) have been scanned

Scan process 'bfggameservices.exe' - '38' Module(s) have been scanned

Scan process 'wuauclt.exe' - '38' Module(s) have been scanned

Scan process 'msdtc.exe' - '40' Module(s) have been scanned

Scan process 'dllhost.exe' - '61' Module(s) have been scanned

Scan process 'avgnt.exe' - '51' Module(s) have been scanned

Scan process 'sched.exe' - '46' Module(s) have been scanned

Scan process 'avshadow.exe' - '26' Module(s) have been scanned

Scan process 'avguard.exe' - '56' Module(s) have been scanned

Scan process 'svchost.exe' - '34' Module(s) have been scanned

Scan process 'alg.exe' - '33' Module(s) have been scanned

Scan process 'iPodService.exe' - '30' Module(s) have been scanned

Scan process 'svchost.exe' - '39' Module(s) have been scanned

Scan process 'RichVideo.exe' - '22' Module(s) have been scanned

Scan process 'mdm.exe' - '21' Module(s) have been scanned

Scan process 'jqs.exe' - '33' Module(s) have been scanned

Scan process 'btwdins.exe' - '21' Module(s) have been scanned

Scan process 'mDNSResponder.exe' - '33' Module(s) have been scanned

Scan process 'AppleMobileDeviceService.exe' - '29' Module(s) have been scanned

Scan process 'svchost.exe' - '34' Module(s) have been scanned

Scan process 'BTSTAC~1.EXE' - '49' Module(s) have been scanned

Scan process 'Dropbox.exe' - '54' Module(s) have been scanned

Scan process 'BTTray.exe' - '51' Module(s) have been scanned

Scan process 'ctfmon.exe' - '27' Module(s) have been scanned

Scan process 'GoogleToolbarNotifier.exe' - '82' Module(s) have been scanned

Scan process 'ClockTraySkins.exe' - '44' Module(s) have been scanned

Scan process 'jusched.exe' - '21' Module(s) have been scanned

Scan process 'iTunesHelper.exe' - '70' Module(s) have been scanned

Scan process 'SynTPEnh.exe' - '28' Module(s) have been scanned

Scan process 'smax4pnp.exe' - '35' Module(s) have been scanned

Scan process 'igfxpers.exe' - '29' Module(s) have been scanned

Scan process 'igfxsrvc.exe' - '23' Module(s) have been scanned

Scan process 'hkcmd.exe' - '28' Module(s) have been scanned

Scan process 'Explorer.EXE' - '142' Module(s) have been scanned

Scan process 'SCardSvr.exe' - '23' Module(s) have been scanned

Scan process 'spoolsv.exe' - '63' Module(s) have been scanned

Scan process 'svchost.exe' - '40' Module(s) have been scanned

Scan process 'svchost.exe' - '32' Module(s) have been scanned

Scan process 'svchost.exe' - '176' Module(s) have been scanned

Scan process 'svchost.exe' - '39' Module(s) have been scanned

Scan process 'svchost.exe' - '53' Module(s) have been scanned

Scan process 'lsass.exe' - '58' Module(s) have been scanned

Scan process 'services.exe' - '36' Module(s) have been scanned

Scan process 'winlogon.exe' - '75' Module(s) have been scanned

Scan process 'csrss.exe' - '12' Module(s) have been scanned

Scan process 'smss.exe' - '2' Module(s) have been scanned

 

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Master boot sector HD1

[iNFO] No virus was found!

 

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

 

Starting to scan executable files (registry).

The registry was scanned ( '1613' files ).

 

 

Starting the file scan:

 

Begin scan in 'C:\'

C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\AVSCAN-20100525-192716-C4AB6C79\ARKC1.tmp

[DETECTION] Is the TR/Crypt.ULPM.Gen Trojan

C:\Documents and Settings\Me\Application Data\Sun\Java\Deployment\cache\6.0\33\30feb821-7006d98b

[0] Archive type: ZIP

[DETECTION] Contains recognition pattern of the JAVA/Agent.F.1 Java virus

--> vmain.class

[DETECTION] Contains recognition pattern of the JAVA/Agent.F.1 Java virus

C:\System Volume Information\_restore{D043BD29-D11C-4CE6-95EB-D97181C58E2F}\RP6\A0005527.exe

[DETECTION] Is the TR/Trash.Gen Trojan

 

Beginning disinfection:

C:\System Volume Information\_restore{D043BD29-D11C-4CE6-95EB-D97181C58E2F}\RP6\A0005527.exe

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '46998d17.qua'.

C:\Documents and Settings\Me\Application Data\Sun\Java\Deployment\cache\6.0\33\30feb821-7006d98b

[DETECTION] Contains recognition pattern of the JAVA/Agent.F.1 Java virus

[NOTE] The file was moved to the quarantine directory under the name '5e40a2b0.qua'.

C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\AVSCAN-20100525-192716-C4AB6C79\ARKC1.tmp

[DETECTION] Is the TR/Crypt.ULPM.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '6a0dbc00.qua'.

 

 

End of the scan: 25 May 2010 20:47

Used time: 29:48 Minute(s)

 

The scan has been done completely.

 

8636 Scanned directories

174454 Files were scanned

3 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

3 Files were moved to quarantine

0 Files were renamed

0 Files cannot be scanned

174451 Files not concerned

1658 Archives were scanned

0 Warnings

2 Notes

330856 Objects were scanned with rootkit scan

0 Hidden objects were found

  • Upvote 1
Apollo Devil Member !

Apollo

Posté(e)
Posté(e) (modifié)

Reuh :P

 

Rien de grave, cela a été neutralisé mais par prudence on va faire quelque trucs...

 

1) Vider le cache de la console Java.

 

Par le panneau de configuration, double clique sur java (tasse).

 

Onglet Général/fichiers internet Temporaires/ Paramètres: Supprimer les fichiers.

 

img-22174612i18.jpg

 

Désactiver puis réactiver la restauration du système:

 

Désactiver la Restauration Système.

 

Démarrer/Tous les programmes/Accessoires/Outils Système/

 

Cliquer sur Restauration Système.

 

Cliquer sur "Paramètres de la restauration du système; cocher la case: "Désactiver la Restauration du système sur tous les lecteurs"

Appliquer/OK.

 

Pour réactiver la Restauration système, suivre le même chemin et décocher la case. Appliquer/OK.

 

Un nouveau point de restauration sera automatiquement créé.

 

------------------------------

Supprimer les temporaires:

Télécharge TFC par OldTimer et enregistre-le sur le bureau.

 

  • Fais un double clic sur TFC.exe pour le lancer. (Note: Si tu es sous Vista, fais un clic droit sur le fichier et choisis Exécuter en tant qu'Administrateur).
  • L'outil va fermer tous les programmes lors de son exécution, donc vérifie que tu as sauvegardé tout ton travail en cours avant de commencer.
  • Clique sur le bouton Start pour lancer le processus. Selon la fréquence à laquelle tu supprimes tes fichiers temporaires, cela peut durer de quelques secondes à une minute ou deux. Laisse le programme s'exécuter sans l'interrompre.
  • Lorsqu'il a terminé, l'outil devrait faire redémarrer ton système. S'il ne le fait pas, fais redémarrer manuellement le PC toi-même pour parachever le nettoyage.

 

@++

Modifié par Apollo
  • Upvote 1
Alesssandra Member

Alesssandra

Posté(e)
  • Auteur
Posté(e)

Alors...

 

J'ai fait tout ce que tu m'as dit dans ton dernier post, TFC et vider les temps dans JAVA et tout s'est bien passe.

 

Du coup, je me suis sentie hyper confiante, genre "j'ai tout compris" :P et j'ai lance un scan avec mon nouvel ami antivir, et antivir il dit que mon ordi est tout propre!

 

Voila le log

 

 

 

Avira AntiVir Personal

Report file date: 25 May 2010 22:04

 

Scanning for 2158107 virus strains and unwanted programs.

 

The program is running as an unrestricted full version.

Online services are available:

 

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Normally booted

Username : SYSTEM

Computer name : 6910P

 

Version information:

BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00

AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 12:37:38

AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 12:57:04

LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 18:33:04

LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:49

VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36

VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 19:27:49

VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 17:37:42

VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 16:37:42

VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 11:29:03

VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 18:26:51

VBASE006.VDF : 7.10.6.83 2048 Bytes 15/04/2010 18:26:51

VBASE007.VDF : 7.10.6.84 2048 Bytes 15/04/2010 18:26:51

VBASE008.VDF : 7.10.6.85 2048 Bytes 15/04/2010 18:26:51

VBASE009.VDF : 7.10.6.86 2048 Bytes 15/04/2010 18:26:51

VBASE010.VDF : 7.10.6.87 2048 Bytes 15/04/2010 18:26:51

VBASE011.VDF : 7.10.6.88 2048 Bytes 15/04/2010 18:26:51

VBASE012.VDF : 7.10.6.89 2048 Bytes 15/04/2010 18:26:51

VBASE013.VDF : 7.10.6.90 2048 Bytes 15/04/2010 18:26:51

VBASE014.VDF : 7.10.6.123 126464 Bytes 19/04/2010 18:26:52

VBASE015.VDF : 7.10.6.152 123392 Bytes 21/04/2010 18:26:52

VBASE016.VDF : 7.10.6.178 122880 Bytes 22/04/2010 18:26:53

VBASE017.VDF : 7.10.6.206 120320 Bytes 26/04/2010 18:26:53

VBASE018.VDF : 7.10.6.232 99328 Bytes 28/04/2010 18:26:54

VBASE019.VDF : 7.10.7.2 155648 Bytes 30/04/2010 18:26:54

VBASE020.VDF : 7.10.7.26 119808 Bytes 04/05/2010 18:26:55

VBASE021.VDF : 7.10.7.51 118272 Bytes 06/05/2010 18:26:55

VBASE022.VDF : 7.10.7.75 404992 Bytes 10/05/2010 18:26:56

VBASE023.VDF : 7.10.7.100 125440 Bytes 13/05/2010 18:26:57

VBASE024.VDF : 7.10.7.119 177664 Bytes 17/05/2010 18:26:57

VBASE025.VDF : 7.10.7.139 129024 Bytes 19/05/2010 18:26:58

VBASE026.VDF : 7.10.7.157 145920 Bytes 21/05/2010 18:26:58

VBASE027.VDF : 7.10.7.158 2048 Bytes 21/05/2010 18:26:58

VBASE028.VDF : 7.10.7.159 2048 Bytes 21/05/2010 18:26:59

VBASE029.VDF : 7.10.7.160 2048 Bytes 21/05/2010 18:26:59

VBASE030.VDF : 7.10.7.161 2048 Bytes 21/05/2010 18:26:59

VBASE031.VDF : 7.10.7.170 147456 Bytes 25/05/2010 18:26:59

Engineversion : 8.2.1.242

AEVDF.DLL : 8.1.2.0 106868 Bytes 25/05/2010 18:27:10

AESCRIPT.DLL : 8.1.3.29 1343866 Bytes 25/05/2010 18:27:10

AESCN.DLL : 8.1.6.1 127347 Bytes 25/05/2010 18:27:07

AESBX.DLL : 8.1.3.1 254324 Bytes 25/05/2010 18:27:10

AERDL.DLL : 8.1.4.6 541043 Bytes 25/05/2010 18:27:06

AEPACK.DLL : 8.2.1.1 426358 Bytes 19/03/2010 12:34:51

AEOFFICE.DLL : 8.1.1.0 201081 Bytes 25/05/2010 18:27:05

AEHEUR.DLL : 8.1.1.27 2670967 Bytes 25/05/2010 18:27:05

AEHELP.DLL : 8.1.11.3 242039 Bytes 01/04/2010 16:05:25

AEGEN.DLL : 8.1.3.9 377203 Bytes 25/05/2010 18:27:02

AEEMU.DLL : 8.1.2.0 393588 Bytes 25/05/2010 18:27:01

AECORE.DLL : 8.1.15.3 192886 Bytes 25/05/2010 18:27:00

AEBB.DLL : 8.1.1.0 53618 Bytes 25/05/2010 18:27:00

AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 12:03:38

AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 12:03:35

AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 16:47:40

AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 12:35:46

AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 12:39:51

AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 12:22:13

AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 09:53:30

SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 12:57:58

AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 15:38:56

NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 14:41:00

RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:20

RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 14:14:29

 

Configuration settings for the scan:

Jobname.............................: Complete system scan

Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:,

Process scan........................: on

Extended process scan...............: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

 

Start of the scan: 25 May 2010 22:04

 

Starting search for hidden objects.

 

The scan of running processes will be started

Scan process 'msdtc.exe' - '40' Module(s) have been scanned

Scan process 'dllhost.exe' - '61' Module(s) have been scanned

Scan process 'dllhost.exe' - '45' Module(s) have been scanned

Scan process 'vssvc.exe' - '48' Module(s) have been scanned

Scan process 'avscan.exe' - '67' Module(s) have been scanned

Scan process 'avcenter.exe' - '63' Module(s) have been scanned

Scan process 'iexplore.exe' - '152' Module(s) have been scanned

Scan process 'alg.exe' - '33' Module(s) have been scanned

Scan process 'SbPFCl.exe' - '41' Module(s) have been scanned

Scan process 'iPodService.exe' - '30' Module(s) have been scanned

Scan process 'svchost.exe' - '39' Module(s) have been scanned

Scan process 'SbPFSvc.exe' - '88' Module(s) have been scanned

Scan process 'SbPFLnch.exe' - '13' Module(s) have been scanned

Scan process 'RichVideo.exe' - '22' Module(s) have been scanned

Scan process 'avshadow.exe' - '26' Module(s) have been scanned

Scan process 'mdm.exe' - '18' Module(s) have been scanned

Scan process 'jqs.exe' - '33' Module(s) have been scanned

Scan process 'btwdins.exe' - '21' Module(s) have been scanned

Scan process 'mDNSResponder.exe' - '33' Module(s) have been scanned

Scan process 'AppleMobileDeviceService.exe' - '29' Module(s) have been scanned

Scan process 'avguard.exe' - '55' Module(s) have been scanned

Scan process 'BTSTAC~1.EXE' - '47' Module(s) have been scanned

Scan process 'Dropbox.exe' - '54' Module(s) have been scanned

Scan process 'BTTray.exe' - '49' Module(s) have been scanned

Scan process 'ctfmon.exe' - '27' Module(s) have been scanned

Scan process 'GoogleToolbarNotifier.exe' - '55' Module(s) have been scanned

Scan process 'avgnt.exe' - '51' Module(s) have been scanned

Scan process 'jusched.exe' - '21' Module(s) have been scanned

Scan process 'iTunesHelper.exe' - '68' Module(s) have been scanned

Scan process 'SynTPEnh.exe' - '26' Module(s) have been scanned

Scan process 'smax4pnp.exe' - '33' Module(s) have been scanned

Scan process 'igfxsrvc.exe' - '23' Module(s) have been scanned

Scan process 'igfxpers.exe' - '23' Module(s) have been scanned

Scan process 'hkcmd.exe' - '26' Module(s) have been scanned

Scan process 'svchost.exe' - '34' Module(s) have been scanned

Scan process 'Explorer.EXE' - '90' Module(s) have been scanned

Scan process 'sched.exe' - '45' Module(s) have been scanned

Scan process 'SCardSvr.exe' - '23' Module(s) have been scanned

Scan process 'spoolsv.exe' - '63' Module(s) have been scanned

Scan process 'svchost.exe' - '37' Module(s) have been scanned

Scan process 'svchost.exe' - '32' Module(s) have been scanned

Scan process 'svchost.exe' - '169' Module(s) have been scanned

Scan process 'svchost.exe' - '39' Module(s) have been scanned

Scan process 'svchost.exe' - '53' Module(s) have been scanned

Scan process 'lsass.exe' - '58' Module(s) have been scanned

Scan process 'services.exe' - '27' Module(s) have been scanned

Scan process 'winlogon.exe' - '67' Module(s) have been scanned

Scan process 'csrss.exe' - '12' Module(s) have been scanned

Scan process 'smss.exe' - '2' Module(s) have been scanned

 

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Master boot sector HD1

[iNFO] No virus was found!

 

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

 

Starting to scan executable files (registry).

The registry was scanned ( '1618' files ).

 

 

Starting the file scan:

 

Begin scan in 'C:\'

 

 

End of the scan: 25 May 2010 22:28

Used time: 23:38 Minute(s)

 

The scan has been done completely.

 

7567 Scanned directories

165658 Files were scanned

0 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

0 Files cannot be scanned

165658 Files not concerned

1279 Archives were scanned

0 Warnings

0 Notes

326415 Objects were scanned with rootkit scan

0 Hidden objects were found

  • Upvote 1

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...