Votre question

SPR/Tool Hardoff A et SPR/Tool Reboot.F

Tags :
  • service pack 2
  • Sécurité
Dernière réponse : dans Sécurité et virus
10 Décembre 2009 20:39:00

Bonjour, Avira me signale 2 virus, mais je ne sais comment les supprimer, il semble se trouver dans le programme de Mozilla. Le désinstaller suffit-il à le supprimer? Merci de m'aider, je débute en informatique.
Voici le rapport :


Avira AntiVir Personal
Report file date: jeudi 10 décembre 2009 01:24

Scanning for 1426081 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : FRANCOISE

Version information:
BUILD.DAT : 9.0.0.415 21609 Bytes 08/11/2009 10:00:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 10:26:33
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 06:35:52
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 00:20:25
VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 00:20:25
VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 00:20:25
VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 00:20:26
VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 00:20:26
VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 00:20:26
VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 00:20:26
VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 00:20:26
VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 00:20:26
VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 00:20:26
VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 00:20:26
VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 00:20:26
VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 00:20:27
VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 00:20:27
VBASE015.VDF : 7.10.1.178 195584 Bytes 07/12/2009 00:20:28
VBASE016.VDF : 7.10.1.179 2048 Bytes 07/12/2009 00:20:28
VBASE017.VDF : 7.10.1.180 2048 Bytes 07/12/2009 00:20:28
VBASE018.VDF : 7.10.1.181 2048 Bytes 07/12/2009 00:20:28
VBASE019.VDF : 7.10.1.182 2048 Bytes 07/12/2009 00:20:28
VBASE020.VDF : 7.10.1.183 2048 Bytes 07/12/2009 00:20:28
VBASE021.VDF : 7.10.1.184 2048 Bytes 07/12/2009 00:20:28
VBASE022.VDF : 7.10.1.185 2048 Bytes 07/12/2009 00:20:28
VBASE023.VDF : 7.10.1.186 2048 Bytes 07/12/2009 00:20:28
VBASE024.VDF : 7.10.1.187 2048 Bytes 07/12/2009 00:20:28
VBASE025.VDF : 7.10.1.188 2048 Bytes 07/12/2009 00:20:28
VBASE026.VDF : 7.10.1.189 2048 Bytes 07/12/2009 00:20:29
VBASE027.VDF : 7.10.1.190 2048 Bytes 07/12/2009 00:20:29
VBASE028.VDF : 7.10.1.191 2048 Bytes 07/12/2009 00:20:29
VBASE029.VDF : 7.10.1.192 2048 Bytes 07/12/2009 00:20:29
VBASE030.VDF : 7.10.1.193 2048 Bytes 07/12/2009 00:20:29
VBASE031.VDF : 7.10.1.206 77312 Bytes 09/12/2009 00:20:29
Engineversion : 8.2.1.102
AEVDF.DLL : 8.1.1.2 106867 Bytes 08/11/2009 06:38:52
AESCRIPT.DLL : 8.1.2.45 586108 Bytes 10/12/2009 00:20:34
AESCN.DLL : 8.1.2.5 127346 Bytes 08/11/2009 06:38:46
AESBX.DLL : 8.1.1.1 246132 Bytes 08/11/2009 06:38:44
AERDL.DLL : 8.1.3.4 479605 Bytes 10/12/2009 00:20:33
AEPACK.DLL : 8.2.0.3 422261 Bytes 08/11/2009 06:38:40
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 08/11/2009 06:38:38
AEHEUR.DLL : 8.1.0.186 2183544 Bytes 10/12/2009 00:20:33
AEHELP.DLL : 8.1.8.0 237942 Bytes 10/12/2009 00:20:31
AEGEN.DLL : 8.1.1.80 364917 Bytes 10/12/2009 00:20:30
AEEMU.DLL : 8.1.1.0 393587 Bytes 08/11/2009 06:38:26
AECORE.DLL : 8.1.8.5 180598 Bytes 10/12/2009 00:20:30
AEBB.DLL : 8.1.0.3 53618 Bytes 08/11/2009 06:38:20
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 14:14:02
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 14:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 13/10/2009 11:25:47

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Start of the scan: jeudi 10 décembre 2009 01:24

Starting search for hidden objects.
'82407' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'hpgs2wnf.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'rapimgr.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'E_FATI9CE.EXE' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '53' files ).


Starting the file scan:

Begin scan in 'C:\' <Disque>
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\Franckie\Local Settings\Application Data\Mozilla\Firefox\Profiles\n3da1lxo.default\Cache\633285D9d01
[0] Archive type: ZIP
--> SmitfraudFix/Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix/restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program

Beginning disinfection:
C:\Documents and Settings\Franckie\Local Settings\Application Data\Mozilla\Firefox\Profiles\n3da1lxo.default\Cache\633285D9d01
[NOTE] The file was moved to '4b537e16.qua'!


End of the scan: jeudi 10 décembre 2009 05:49
Used time: 1:24:37 Hour(s)

The scan has been done completely.

14503 Scanned directories
657495 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
657492 Files not concerned
16713 Archives were scanned
1 Warnings
2 Notes
82407 Objects were scanned with rootkit scan
0 Hidden objects were found

Autres pages sur : spr tool hardoff spr tool reboot

a c 296 8 Sécurité
10 Décembre 2009 20:57:19

Bonjour,

Tu sais que le programme AntiVir Personal existe en français ?

L'antivirus a détecté des composants de SmitfraudFix, c'est normal.
10 Décembre 2009 21:30:35

Bonjour,
Oui j'avais une version en français, mais je n'ose pas la réinstaller car il semble que mes 2 virus soient en quarantaine et j'ai peur qu'ils fassent des dégâts pendant la manip. Est ce que les SPR signalés sont des composants de Smitfraudix. J'ai téléchargé ce programme en essayant de suivre des conseils donnés sur des forums, mais je ne sais pas au juste à quoi il sert. C'est ballot, non ?
a c 296 8 Sécurité
10 Décembre 2009 21:36:40

Citation :
--> SmitfraudFix/Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix/restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program

--> Oui, ce sont bien des composants de SmitfraudFix.

Citation :
Oui j'avais une version en français, mais je n'ose pas la réinstaller car il semble que mes 2 virus soient en quarantaine et j'ai peur qu'ils fassent des dégâts pendant la manip.

--> Supprime ce qu'il y a dans la quarantaine.

Citation :
J'ai téléchargé ce programme en essayant de suivre des conseils donnés sur des forums, mais je ne sais pas au juste à quoi il sert.

--> Chaque désinfection est différente. Cela peut être dangereux d'exécuter des programmes comme ça au hasard.
10 Décembre 2009 22:39:08

Je supprime ce qu'il y a dans la quarantaine. Merci infiniment de votre aide
a c 296 8 Sécurité
13 Décembre 2009 05:32:00

--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.

    ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS