rapport de bitdefender:
BitDefender Online Scanner
Scan report generated at: Thu, Oct 19, 2006 - 20:13:49
Scan path: C:\;D:\;
Statistics
Time 00:19:15
Files 154944
Folders 1550
Boot Sectors 2
Archives 679
Packed Files 23699
Results
Identified Viruses 1
Infected Files 1
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 0
Engines Info
Virus Definitions 477559
Engine build AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins 13
Archive plugins 38
Unpack plugins 6
E-mail plugins 6
System plugins 1
Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes
Scanned File Status
C:\WINDOWS\system32\wineak32.dll Infected with: Trojan.Klone.H
C:\WINDOWS\system32\wineak32.dll Disinfection failed
C:\WINDOWS\system32\wineak32.dll Delete failed
rapport de blacklight:
10/19/06 20:29:20 [Info]: BlackLight Engine 1.0.47 initialized
10/19/06 20:29:20 [Info]: OS: 5.1 build 2600 (Service Pack 1)
10/19/06 20:29:20 [Note]: 7019 4
10/19/06 20:29:20 [Note]: 7005 0
10/19/06 20:29:56 [Note]: 7006 0
10/19/06 20:29:56 [Note]: 7011 1104
10/19/06 20:29:56 [Note]: 7026 0
10/19/06 20:29:56 [Note]: 7026 0
10/19/06 20:29:59 [Note]: FSRAW library version 1.7.1020
10/19/06 20:31:17 [Note]: 7007 0
rapport hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 20:32:13, on 19/10/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\PRINTV~1\pvmodule.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\eMule\emule.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINDOWS\System32\ptlaylmr.dll
O2 - BHO: (no name) - {6377FC61-BF51-4859-B33C-EC6AB17C3912} - C:\WINDOWS\System32\jkklm.dll
O2 - BHO: (no name) - {72FD421C-234B-249A-DDA5-00E5DB650FA0} - C:\WINDOWS\System32\czpjlcb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} - C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PVModule] C:\PROGRA~1\PRINTV~1\pvmodule.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/11b75055509cc6403b19/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: jkklm - C:\WINDOWS\System32\jkklm.dll
O20 - Winlogon Notify: wineak32 - C:\WINDOWS\SYSTEM32\wineak32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
voila ça c'est fait!
bitdefender m'a trouvé un virus...
Alors que pense tu de tout ça?
je commence a desesperer :.)
Ran Kaspersky Virus Scan (analyse complète) et il n'a rien trouvé. La seule chose que j'ai trouvé est un site spywarelabs, demandant de le supprimer, mais je ne sais pas ce site spywarelabs ou si elle peut faire confiance.
J'ai essayé d'utiliser msconfig pour éliminer ce logiciel dans la liste de démarrage, seulement pour obtenir un message d'erreur - l'accès est refusé.
Faire une recherche Windows (y compris les fichiers cachés et système) ne se sont pas une chose .... Que dois-je faire?
Merci à tous pour l'aide à l'avance!