Version anglaiseVersion espagnoleVersion françaiseInscrivez-vous, c'est gratuit ! (mot de passe oublié)
- Mardi 2 décembre 2008 - 16:02:18
- inscrits : 1090334
- connectés : 56188
- questions/jour : 4764
- Taux de réponse : 75.81%
Plateformes d'assistanceDiscussions & Opinions des Communautés
|
|
|
|
Statut : Non résolu
Virus infecté par trojan zlob gen et gen pack
latitu, le mardi 19 septembre 2006 à 09:34:49bonjour à tous
je demande votre aide car mon bitdefender m'indique qu'il bloque des virus mais c'est constament j'ai beau le scanner il me les trouve me les deplace mais il revienne toujours.
mes scan spybot et adware sont deja fait et rien trouvé
Voici mon rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 09:34:40, on 19/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\system32\WService.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\STEPHE\step\Kitbar4$.exe
D:\LAETITIA\BootCD\WinTools\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
voila j'espere que vous allez savoir faire quelque chose merci d'avance
je demande votre aide car mon bitdefender m'indique qu'il bloque des virus mais c'est constament j'ai beau le scanner il me les trouve me les deplace mais il revienne toujours.
mes scan spybot et adware sont deja fait et rien trouvé
Voici mon rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 09:34:40, on 19/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\system32\WService.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\STEPHE\step\Kitbar4$.exe
D:\LAETITIA\BootCD\WinTools\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
voila j'espere que vous allez savoir faire quelque chose merci d'avance
Salut,
clique sur demarrer, rechercher, cherche et supprime ces fichiers: WService.EXE **Si un fichier persiste lors de la suppression fais ceci: -Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement Désactive ton pare-feu Windows(SP2) car il ne sert à rien et installe celui-ci pour que tu sois mieux protégé Kerio: (pare-feu, qui reste gratuit après la periode d'essai!) Kerio Personal Firewall -tutorial: pour configurer et comprendre l'utilisation de Kerio http://kerio.probb.fr/ Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici stp Ewido: (reste gratuit après la période d'essai) Télécharger Ewido Security Suite *C'est en forgeant que l'on devient forgeron* |
voici mon rapport de ewido
ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 13:50:24 19/09/2006 + Scan result: C:\Documents and Settings\User\Cookies\user@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.6:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.7:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\User\Cookies\user@lsfnetwork.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\User\Cookies\user@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\User\Cookies\user@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\User\Cookies\user@admarketplace[1].txt -> TrackingCookie.Admarketplace : Cleaned. :mozilla.13:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.14:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. C:\Documents and Settings\User\Cookies\user@com[1].txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\User\Cookies\user@c.enhance[2].txt -> TrackingCookie.Enhance : Cleaned. C:\Documents and Settings\User\Cookies\user@epilot[1].txt -> TrackingCookie.Epilot : Cleaned. :mozilla.21:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.15:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\User\Cookies\user@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned. C:\Documents and Settings\User\Cookies\user@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Cleaned. C:\Documents and Settings\User\Cookies\user@linkbuddies[2].txt -> TrackingCookie.Linkbuddies : Cleaned. C:\Documents and Settings\User\Cookies\user@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.10:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.11:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.12:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.9:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. C:\Documents and Settings\User\Cookies\user@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.93:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.94:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.95:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.47:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.48:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.50:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.51:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.52:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.55:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.56:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.57:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.62:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.63:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.64:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.65:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.66:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\User\Cookies\user@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.60:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.61:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. ::Report end
|
voici mon nouveau rapport hijackthis
Logfile of HijackThis v1.99.1 Scan saved at 09:33:49, on 20/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender9\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe C:\WINDOWS\system32\WService.EXE C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\TooX\Groom\GroomAgent.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\Drivers\WTSRV.EXE C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe c:\progra~1\softwin\bitdef~1\bdmcon.exe C:\Program Files\MSN Messenger\msnmsgr.exe D:\LAETITIA\BootCD\WinTools\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe" O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe" O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.... O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit... O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version= O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
|
voici le rapport kaspersky
Total number of scanned objects 67893 Number of viruses found 1 Number of infected objects 4 / 0 Number of suspicious objects 0 Duration of the scan process 00:45:38 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Documents\setup.exe Infected: Trojan.Win32.Agent.xu skipped C:\Documents and Settings\All Users\Documents\site\setup.exe Infected: Trojan.Win32.Agent.xu skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\User\Application Data\Lavasoft\Ad-Aware\Logs\AWEVLOG.txt Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\call256.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\callmember256.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\chat512.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\chatmsg256.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\contactgroup256.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\index2.dat Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\profile16384.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\transfer256.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\transfer512.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\user1024.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\user16384.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\user256.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\user4096.dbb Object is locked skipped C:\Documents and Settings\User\Application Data\Skype\steligwen\voicemail256.dbb Object is locked skipped C:\Documents and Settings\User\Cookies\index.dat Object is locked skipped C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\User\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\User\Local Settings\Temp\Perflib_Perfdata_34c.dat Object is locked skipped C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\KTMJGTIF\popup[1].htm Object is locked skipped C:\Documents and Settings\User\NTUSER.DAT Object is locked skipped C:\Documents and Settings\User\ntuser.dat.LOG Object is locked skipped C:\Program Files\eMule\Temp\001.part Object is locked skipped C:\Program Files\eMule\Temp\002.part Object is locked skipped C:\Program Files\eMule\Temp\003.part Object is locked skipped C:\Program Files\Softwin\BitDefender9\asdict.dat Object is locked skipped C:\Program Files\Softwin\BitDefender9\aspdict.dat Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{F1F455E5-9C3F-4532-8A36-61A2D6232FA3}\RP256\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\tmp000056c7\tmp00000000 Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\setup.exe Infected: Trojan.Win32.Agent.xu skipped D:\site\setup.exe Infected: Trojan.Win32.Agent.xu skipped D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed.
|
je suis desoler mais j'ai des probleme pour me mettre en mode sans echec car la prise violette de de la carte ne veut pas se reconnaitre donc j'ai mon clavier en usb et pas moyen de le mettre autrement donc si vous avez une idées je vous ecoute |
Telecharges Killbox:
http://www.generation-nt.com/telecharger/fiche/344/KillBox/ Doubles clique sur killbox.exe (Pocket Killbox) - coches: delete on reboot dans la barre vide entre ceci: (exactement) C:\Documents and Settings\All Users\Documents\setup.exe - cliques sur la croix rouge - une fenetre va apparaitre pour confirmation cliques sur YES - une seconde fenetre te demande si tu veux redemarrer cliques sur NO Ensuite à nouveau dans la barre vide tu réentres ceci: D:\site\setup.exe - cliques sur la croix rouge - une fenetre va apparaitre pour confirmation cliques sur YES - une seconde fenetre te demande si tu veux redemarrer cliques sur YES Laisses le pc redemarrer, s'il ne redemarre pas de lui même alors fais le, quand il aura redemarré jette le dossier KillBox et la killbox ;-) C'est en forgeant que l'on devient forgeron - kerio.probb.net |
Résultats pour virus infecté par trojan zlob gen et gen pack
[Trojan] infexté avec Trojan.zlob.gen (Résolu) bonjour a tous :) lorsque je fais des analyses avec Bitdefender, celui ci me trouve des trojan.zlob.gen, trojan.proxy.horst, application.tool.evil et generic malware :s je ne sais pas quoi faire avec tout cela car l'antivirus n'arrive pas a...
www.commentcamarche.net/forum/affich-2392281-trojan-infexte-avec-trojan-zlob-gen
Infecté par Trojan.Peed.Gen (Résolu) Bonjour Après avoir constaté depuis peu que des fenêtres intempestives s'affichaient à l'écran malgré le boqueur de fenêtres, j'ai fait un scan en ligne par Bitdefender qui m'a détecté le virus suivant : Trojan.Peed.Gen Je...
www.commentcamarche.net/forum/affich-3023637-infecte-par-trojan-peed-gen
Trojan.Peed.Gen et punkbuster (Résolu) Bonjour, j'ai un soucis avec un virus nommer Trojan.Peed.Gen mon anti-virus (bitdefender) me dit que punkbuster est infecté par ce virus et que mon pc n'a pas été infecté jusque la tout va bien sauf que j'ai besoin que le punkbuster se...
www.commentcamarche.net/forum/affich-5444385-trojan-peed-gen-et-punkbuster
Résultats pour virus infecté par trojan zlob gen et gen pack
Infecté par Trojan.Peed.Gen (Résolu)Bonjour, Après avoir constaté depuis peu que le portable ramait de plus en plus, j'ai fait un scan en ligne par Bitdefender qui m'a détecté le virus suivant : Trojan.Peed.Gen Je n'arrive pas à le supprimer. Je ne sais plus bien ce que...
www.commentcamarche.net/forum/affich-5086699-infecte-par-trojan-peed-gen
Infection Trojan.Zlob (Résolu)Bonjour, J'ai fais un scan complet de mon disque dur et Malwarebytes' Anti-Malware a détecté ce programme : Trojan.Zlob Il est pour l'instant mis en quarantaine. Que dois-je faire ensuite ? Je vous poste le rapport malwarebytes ? Je...
www.commentcamarche.net/forum/affich-8402710-infection-trojan-zlob
Virus : Win32 trojandownloader.Zlob (Résolu)Bonjour, je me suis recement rendu compte que j'etait inecté par le Virus/Spyware Win32 Trojandownloader.Zlob. Celui-ci a ete detecté par windows defender et AD-aware. Toutefois je n'ai pas reussi a m'en debarasser avec ad-aware Voici...
www.commentcamarche.net/forum/affich-9095444-virus-win32-trojandownloader-zlob