Problème spyware & "scarabés"

Oups !! Désolé !!

Les serveurs officiels ont été mis à jour et par conséquent les adresses aussi

Voici la bonne adresse
_________________
*******************************************************************

J en ai marre, ce PC me gonfle. Je n'arrive pas à installer antivir. A la fin de l'extraction il est indiqué : CRC Failed in basic\msvcp71.dll
Unexpected end of archive
et rien n'est installé sur bureau
En plus, il rame, rame...... au secours
Sur ce, je reviendrai demain soir voir tes conseils. Bonne nuit

Bonsoir Didette,
ne te décourage pas, ton pb trouvera une solution mais parfois c'est long, long, long, je connais... plus d'une semaine pour désinfecté mon pc. et heureusement que ce site existe car je serais encore infecté.
Alors un peu de patience et

et un jour tu feras

à toi

Bonjour Didette Wink

No panic, souffle, respire on va y arriver Wink

Merci cornet Very Happy

Retente l'installe à partir du lien. il arrive que ça bug Wink

et oui c'est le monde magique de l'informatique, mais pas d'affolement on va en venir a bout. Je l'ai testé le lien, tu n'es pas tombé au bon moment c'est tout Wink

_________________
L'ouverture d'esprit n'est pas une fracture du crane

Bonjour tout le monde et merci pour votre soutien.
Là je suis au boulot mais j'ai eu le temps à midi de ré-installé antivir et bien, je crois que je suis maudite, cela n'a pas marché. Même message qu'hier soir après extraction. De plus, j'ai toujours cette fenêtre avec mes 55 erreurs critiques. Dois-je ressayer ce soir ??? @ + et encore merci

Coucou
non enfin si, mais je te donne un autre lien Wink

essaye avec celui-ci :
http://www.clubic.com/lancer-le-telechargement-253562-0-antivir-personal-edition.html
cliques sur la case rouge "Lancer le téléchargement"

et on va étudier la question de près pour l'autre qui ne fonctionne pas (en espérant que celui-ci ne te pose pas de problème) Wink

Merci de ta patience, et excuses nous pour le désagrément Smile

_________________
L'ouverture d'esprit n'est pas une fracture du crane

Bonjour,
Pas eu le temps hier de m'occuper de mon pc. Je le ferai ce soir et vous tiendrez bien évidemment au courant. @ +

Bonjour,
Yes, ça a marché avec l'autre lien. Je post le rapport de suite. Par contre,
quand j'ouvre antivir, la ligne Last Update est écrit en rouge et Not perfomed. Est-ce norma ?? @+

Avira AntiVir Personal
Report file date: mercredi 25 juin 2008 20:43

Scanning for 1165085 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: THIRIET

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:12:34
ANTIVIR3.VDF : 7.0.3.68 57856 Bytes 25/03/2008 08:27:50
Engineversion : 8.1.0.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AEscript.DLL : 8.1.0.19 229754 Bytes 07/04/2008 15:34:44
AESCN.DLL : 8.1.0.12 115060 Bytes 07/04/2008 15:34:44
AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44
AEPACK.DLL : 8.1.1.0 364918 Bytes 18/03/2008 11:20:42
AEOFFICE.DLL : 8.1.0.15 192889 Bytes 07/04/2008 15:34:44
AEHEUR.DLL : 8.1.0.15 1147253 Bytes 07/04/2008 15:34:44
AEHELP.DLL : 8.1.0.11 115061 Bytes 07/04/2008 15:34:43
AEGEN.DLL : 8.1.0.15 299379 Bytes 07/04/2008 15:34:43
AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43
AECORE.DLL : 8.1.0.25 168309 Bytes 08/04/2008 09:58:32
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 25 juin 2008 20:43

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'slserv.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'CnxDslTb.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
25 processes with 25 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '21' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\QooBox\Quarantine\C\Documents and Settings\LocalService\Application Data\Microsoft\Internet Explorer\Desktop.htt.vir
[DETECTION] Contains detection pattern of the HTML script virus HTML/Ficticious
[NOTE] The file was moved to '48d592e1.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\aliceeadsl.exe.vir
[DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
[NOTE] The file was moved to '48cb92ec.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028726.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48929342.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028728.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48929344.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028730.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48929346.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028731.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48929347.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028732.scr
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48929349.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028734.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '4892934b.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028735.DLL
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '4892934d.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028736.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '4892934f.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028737.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48929351.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP25\A0028946.exe
[DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
[NOTE] The file was moved to '4892935b.qua'!
Begin scan in 'F:\'

End of the scan: mercredi 25 juin 2008 21:01
Used time: 18:13 min

The scan has been done completely.

1192 Scanning directories
80053 Files were scanned
12 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
12 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
80041 Files not concerned
469 Archives were scanned
1 Warnings
12 Notes

On y est arrivé enfin presque !!

Si Avira t'indique cela , c'est que sa mise à jour n'a jamais effectué !
Pour cela dans le panneau de controle , clique sur Start Update

Ensuite comme le scan a était effectué sans les derniers mises à jour , et afin de s'assurer d'etre proteger de façon optimal réexecute un scan !! ( sa peut tous changer )
_________________
*******************************************************************

OK mais j'ai quand même toujours la fenêtre qui s'ouvre avec mes 55 erreurs critiques.

Ca ne marche pas le Start Update. Last Update reste ecrit en rouge. Je fais quoi maintenant ??

Salut Didette Smile

il arrive que les serveurs d'antivir bug à cause d'un trop grand nombre de connexions simultanées.
Retente le update à des moments différents voir si ça passe Wink

_________________
L'ouverture d'esprit n'est pas une fracture du crane

OK je ressayerai plus tard. Il n'y a plus rien d'autre à faire. Je suis enfin débarasser des virus ??? Mais que faire pour cette fenêtre qui s'ouvre en permanence ??
De plus, je reviens à mon histoire de racheter un cd car je reste persuadée que j'ai pleins de problèmes depuis que l'on m'a installé le cd xp pro (je pense qu'il s'agit d'un cd piraté). Toutefois, il m'est possible d'avoir les cd d'installation xp familiale (avec numéro de license valide) de ma frangine. Peut-on les installer sur mon pc (un numéro de license pour deux pc) ????
@ +

Je viens de relancer le update et ça c'est mis a jour. Par contre, j'ai eu un message en anglais : Important program file are available for download. Please start the Control Center and select "Start update" from the update menu. If you do not perform the update within 7 days, you will be notified again.
Cela veut dire qu'il faut que je relance un update ??????

non c'est bon le update est fait Wink

ça te dit que tu seras prevenu ds 7 jours si il n'y a pas d'autre update entre temps Wink

Fais ton scan maintenant Smile

_________________
L'ouverture d'esprit n'est pas une fracture du crane

Ci dessous, rapport

Avira AntiVir Personal
Report file date: jeudi 26 juin 2008 00:03

Scanning for 1360080 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: THIRIET

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 21:39:09
ANTIVIR2.VDF : 7.0.5.2 2048 Bytes 24/06/2008 21:39:10
ANTIVIR3.VDF : 7.0.5.7 28672 Bytes 25/06/2008 21:39:12
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AEscript.DLL : 8.1.0.44 278907 Bytes 25/06/2008 21:40:30
AESCN.DLL : 8.1.0.22 119157 Bytes 25/06/2008 21:40:25
AERDL.DLL : 8.1.0.20 418165 Bytes 25/06/2008 21:40:20
AEPACK.DLL : 8.1.1.6 364918 Bytes 25/06/2008 21:40:11
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 25/06/2008 21:40:05
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 25/06/2008 21:39:58
AEHELP.DLL : 8.1.0.15 115063 Bytes 25/06/2008 21:39:35
AEGEN.DLL : 8.1.0.29 307573 Bytes 25/06/2008 21:39:30
AEEMU.DLL : 8.1.0.6 430451 Bytes 25/06/2008 21:39:24
AECORE.DLL : 8.1.0.31 168310 Bytes 25/06/2008 21:39:18
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 26 juin 2008 00:03

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'slserv.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'CnxDslTb.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
26 processes with 26 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '21' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Alain\Bureau\Navilog1.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.99
[NOTE] The file was moved to '48d8c243.qua'!
C:\QooBox\Quarantine\catchme2008-06-19_200144,33.zip
[0] Archive type: ZIP
--> jwzpqng.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '48d6c303.qua'!
C:\QooBox\Quarantine\C\0tuia0.exe.vir
[DETECTION] Is the Trojan horse TR/Drop.Agent.lea
[NOTE] The file was moved to '48d7c319.qua'!
C:\QooBox\Quarantine\C\nFNZ.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48b0c2ee.qua'!
C:\QooBox\Quarantine\C\xdyytq.exe.vir
[DETECTION] Is the Trojan horse TR/PSW.Ftp.1
[NOTE] The file was moved to '48dbc30d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Alain\cftmon.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Small.wui
[NOTE] The file was moved to '48d6c311.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Alain\~tmp74.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Mutant.AED.2
[NOTE] The file was moved to '48cfc320.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\LocalService\cftmon.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Small.wui
[NOTE] The file was moved to '48d6c314.qua'!
C:\QooBox\Quarantine\C\WINDOWS\braviax.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.FraudLoa.ZB
[NOTE] TR/Dldr.FraudLoa.ZB:[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN]:=sz:www.google.com>=SZ:about:blank
[NOTE] The file was moved to '48c3c322.qua'!
C:\QooBox\Quarantine\C\WINDOWS\services.exe.vir
[DETECTION] Is the Trojan horse TR/Proxy.Small.QN
[NOTE] The file was moved to '48d4c316.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\adsnd.dll.vir
[DETECTION] Is the Trojan horse TR/ATRAPS.Gen
[NOTE] The file was moved to '48d5c317.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\ctfmona.exe.vir
[DETECTION] Is the Trojan horse TR/Peed.JLG.11
[NOTE] The file was moved to '48c8c328.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\mickey32.sys.vir
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '48c5c31e.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\spools.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Small.wui
[NOTE] The file was moved to '48d1c327.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP20\A0026507.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '4892c304.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP21\A0028566.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.wui
[NOTE] The file was moved to '4892c309.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP21\A0028571.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.wui
[NOTE] The file was moved to '4892c30a.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP21\A0028573.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.wui
[NOTE] The file was moved to '4892c30c.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP23\A0028831.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.wui
[NOTE] The file was moved to '4892c328.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP24\A0028840.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '4892c32b.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP24\A0028843.exe
[DETECTION] Is the Trojan horse TR/PSW.Ftp.1
[NOTE] The file was moved to '4892c32d.qua'!
C:\System Volume Information\_restore{B77BB94D-CA5E-4162-893B-308ECE7240CE}\RP26\A0030165.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.99
[NOTE] The file was moved to '4892c344.qua'!
Begin scan in 'F:\'

End of the scan: jeudi 26 juin 2008 00:26
Used time: 22:57 min

The scan has been done completely.

1191 Scanning directories
80200 Files were scanned
22 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
22 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
80178 Files not concerned
496 Archives were scanned
1 Warnings
22 Notes

Bonjour,
Aujourd'hui,j'ai ce message : 'critical error message - registry damaged and corrupted. To Fix this problem : open internet explorer and type www.registrycleanerxp.com Once you load the web page, close this message window. After you install the cleaner program you will not receive any more reminders or pop-ups like this.
Je sais qu'il ne faut pas télécharger mais comment faire pour éviter d'avoir ces fenêtres qui s'ouvrent en permanence ???

salut Didette,

Ne clic surtout pas sur les fenetres, tu les fermes, c'est tout.

K1Ks va arriver dans pas très longtemps. Il va continuer avec toi.
Je ne peux pas intervenir car je ne sais pas quel est son plan d'intervention sur ta prise en charge.

Il va te donner la suite; ne t'inquiètes pas Wink

_________________
L'ouverture d'esprit n'est pas une fracture du crane

Télécharge le programme R-Hosts de S!RI.

Il va remettre ton fichier Hosts par défaut.

>>> http://siri.urz.free.fr/Softs/RHosts.exe

Double clique sur le programme pour le lancer puis clique sur Restaurer.

Valide la modification en appuyant sur OK.

*******************

Télécharge Deckard System Scanner

>>> Lien et Tuto ici <<<
# Suis les indications et poste le rapport obtenu dans ton prochain message.
_________________
*******************************************************************

Bonjour K1ks
Ci dessous rapport demandé
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professionnel (build 2600)
Architecture: X86; Language: French

CPU 0: Intel(R) Celeron(R) CPU 2.40GHz
Percentage of Memory in Use: 85%
Physical Memory (total/avail): 255.48 MiB / 35.94 MiB
Pagefile Memory (total/avail): 618.52 MiB / 308.78 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1949.21 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 14.65 GiB total, 11.65 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Fixed (NTFS) - 59.88 GiB total, 59.79 GiB free.

\\.\PHYSICALDRIVE0 - ST380012A - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Système de fichiers installable - 14.65 GiB - C:
\PARTITION1 - Système de fichiers installable - 59.88 GiB - F:

-- Security Center -------------------------------------------------------------

AUOptions is disabled.
AUState says computer has updates disabled.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Alain\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=THIRIET
ComSpec=C:\WINDOWS\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Alain
LOGONSERVER=\\THIRIET
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Alain\LOCALS~1\Temp
TMP=C:\DOCUME~1\Alain\LOCALS~1\Temp
USERDOMAIN=THIRIET
USERNAME=Alain
USERPROFILE=C:\Documents and Settings\Alain
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

Alain (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57 --> "C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Aztech CNR2900 V.90 Modem --> C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove
FoxTarot version 4.1.7 --> "C:\Program Files\FoxTarot4\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Kaspersky Online Scanner --> C:\WINDOWS\System32\KASPER~1\KASPER~1\kavuninstall.exe
Lexmark 510 Series --> C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBZUN5C.EXE -dLexmark 510 Series
LimeWire 4.16.7 --> "C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.14) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
SigmaTel C-Major Audio --> stunwdm.exe
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
VideoLAN VLC media player 0.8.6f --> C:\Program Files\VideoLAN\VLC\uninstall.exe
ZTE ZXDSL852 --> "C:\Program Files\ZTE Corporation\ZXDSL852\setup.exe" -u

-- Application Event Log -------------------------------------------------------

Event Record #/Type155 / Error
Event Submitted/Written: 06/26/2008 08:18:01 PM
Event ID/Source: 8 / crypt32
Event Description:
Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : 0x2ee7

Event Record #/Type154 / Warning
Event Submitted/Written: 06/26/2008 02:12:46 PM
Event ID/Source: 4113 / Avira AntiVir
Event Description:
TR/Fakealert.TE.3C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\bt9qq6mm.default\Cache\A13A5C78d01

Event Record #/Type149 / Error
Event Submitted/Written: 06/26/2008 01:29:36 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Application bloquée TeaTimer.exe, version 1.5.2.16, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Event Record #/Type134 / Error
Event Submitted/Written: 06/23/2008 09:44:11 PM
Event ID/Source: 8193 / VSS
Event Description:
Erreur du service de cliché instantané des volumes : erreur lors de l'appel de la routine CoCreateInstance. hr = 0x80040206.

Event Record #/Type133 / Error
Event Submitted/Written: 06/23/2008 09:44:11 PM
Event ID/Source: 4609 / EventSystem
Event Description:
Le système d'événements de COM+ a détecté un code de renvoi erroné lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44 de d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services du Support Technique Microsoft pour signaler cette erreur.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type971 / Error
Event Submitted/Written: 06/26/2008 08:17:53 PM
Event ID/Source: 7016 / Service Control Manager
Event Description:
Le service SmartLinkService a signalé un état actuel 0 non valide.

Event Record #/Type876 / Error
Event Submitted/Written: 06/25/2008 08:43:34 PM
Event ID/Source: 55 / Ntfs
Event Description:
La structure du système de fichiers sur le disque est endommagée et inutilisable.
Veuillez exécuter l'utilitaire chkdsk sur le volume C:.

Event Record #/Type829 / Error
Event Submitted/Written: 06/25/2008 06:08:32 PM
Event ID/Source: 55 / Ntfs
Event Description:
La structure du système de fichiers sur le disque est endommagée et inutilisable.
Veuillez exécuter l'utilitaire chkdsk sur le volume C:.

Event Record #/Type816 / Error
Event Submitted/Written: 06/25/2008 05:38:47 PM / 06/25/2008 05:39:17 PM
Event ID/Source: 5 / CnxEtP
Event Description:
AccessRunner ADSL connection terminated

Event Record #/Type800 / Warning
Event Submitted/Written: 06/25/2008 00:38:01 AM
Event ID/Source: 36 / W32Time
Event Description:
Le service de temps n'a pas pu synchroniser l'heure système de 49152
secondes car aucun fournisseur de temps n'a pu fournir de datage
utilisable. L'horloge système n'est pas synchronisée.

-- End of Deckard's System Scanner: finished at 2008-06-26 20:18:36 ------------