|
|
|
|
Bonjour,
je suis sur windows XP, j'utilise firefox. cherche quelqu'un pour m'aider. Depuis plusieurs mois je fais face à une série d'Adware, trojans, spywares en tout genre (Internet Explorer a bien morflé). Impossible de m'en débarrasser. J'ai essayé un peu de tout. Je suis d'habitude sur macintosh donc les virus c'est pas ma tasse de thé. J'ai fait ce que vous recommandez, je vous envoie les trois rapports, si quelqu'un pouvait m'aider...
merci d'avance
RAPPORT AVG
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:48:25 28/03/2007
+ Résultat de l'analyse:
:mozilla.18:C:\Documents and Settings\Eleonore\Application Data\Mozilla\Firefox\Profiles\75urk1d8.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\Documents and Settings\mod\Cookies\mod@com[2].txt -> TrackingCookie.Com : Aucune action entreprise.
C:\Documents and Settings\mod\Cookies\mod@search.msn[1].txt -> TrackingCookie.Msn : Aucune action entreprise.
C:\Documents and Settings\mod\Cookies\mod@toplist[1].txt -> TrackingCookie.Toplist : Aucune action entreprise.
Fin du rapport
RAPPORT BIT DEFENDER
BitDefender Online Scanner
Scan report generated at: Wed, Mar 28, 2007 - 21:15:54
Scan path: C:\;D:\;E:\;
Statistics
Time
01:08:51
Files
301617
Folders
4525
Boot Sectors
4
Archives
8066
Packed Files
30863
Results
Identified Viruses
7
Infected Files
32
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
31
Engines Info
Virus Definitions
408581
Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\WINDOWS\system32\qsyweogq.dll
Infected with: MemScan:Trojan.Spy.Agent.NU
C:\WINDOWS\system32\qsyweogq.dll
Disinfection failed
C:\WINDOWS\system32\qsyweogq.dll
Delete failed
C:\WINDOWS\system32\kvnhgyc.dll
Infected with: Trojan.Busky.1.Gen
C:\WINDOWS\system32\kvnhgyc.dll
Disinfection failed
C:\WINDOWS\system32\kvnhgyc.dll
Deleted
C:\WINDOWS\system32\mttqnzh.dll
Infected with: Trojan.Busky.2.Gen
C:\WINDOWS\system32\mttqnzh.dll
Disinfection failed
C:\WINDOWS\system32\mttqnzh.dll
Deleted
C:\WINDOWS\system32\fpgxbkgo.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\fpgxbkgo.dll
Disinfection failed
C:\WINDOWS\system32\fpgxbkgo.dll
Deleted
C:\WINDOWS\system32\ndmcusqt.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\ndmcusqt.dll
Disinfection failed
C:\WINDOWS\system32\ndmcusqt.dll
Deleted
C:\WINDOWS\system32\ndptwrnb.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\ndptwrnb.dll
Disinfection failed
C:\WINDOWS\system32\ndptwrnb.dll
Deleted
C:\WINDOWS\system32\cflmneje.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\cflmneje.dll
Disinfection failed
C:\WINDOWS\system32\cflmneje.dll
Deleted
C:\WINDOWS\system32\hgicggds.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\hgicggds.dll
Disinfection failed
C:\WINDOWS\system32\hgicggds.dll
Deleted
C:\WINDOWS\system32\hvxmkocy.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\hvxmkocy.dll
Disinfection failed
C:\WINDOWS\system32\hvxmkocy.dll
Deleted
C:\WINDOWS\system32\lwqbdlnp.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\lwqbdlnp.dll
Disinfection failed
C:\WINDOWS\system32\lwqbdlnp.dll
Deleted
C:\WINDOWS\system32\mvpieixs.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\mvpieixs.dll
Disinfection failed
C:\WINDOWS\system32\mvpieixs.dll
Deleted
C:\WINDOWS\system32\xtjrkylr.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\xtjrkylr.dll
Disinfection failed
C:\WINDOWS\system32\xtjrkylr.dll
Deleted
C:\WINDOWS\system32\fnegfpob.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\fnegfpob.dll
Disinfection failed
C:\WINDOWS\system32\fnegfpob.dll
Deleted
C:\WINDOWS\system32\xryiyuql.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\xryiyuql.dll
Disinfection failed
C:\WINDOWS\system32\xryiyuql.dll
Deleted
C:\WINDOWS\system32\agvbnnkt.dll
Infected with: Trojan.BHO.AL
C:\WINDOWS\system32\agvbnnkt.dll
Disinfection failed
C:\WINDOWS\system32\agvbnnkt.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP25\A0004950.dll
Infected with: Trojan.Spy.VBStat.B
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP25\A0004950.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP25\A0004950.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP25\A0005995.exe
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP25\A0005995.exe
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP25\A0005995.exe
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP31\A0006271.DLL
Infected with: Trojan.Juan.Q
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP31\A0006271.DLL
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP31\A0006271.DLL
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007894.dll
Infected with: Trojan.Busky.1.Gen
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007894.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007894.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007895.dll
Infected with: Trojan.Busky.2.Gen
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007895.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007895.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007896.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007896.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007896.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007897.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007897.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007897.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007898.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007898.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007898.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007899.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007899.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007899.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007900.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007900.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007900.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007901.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007901.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007901.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007902.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007902.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007902.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007903.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007903.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007903.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007904.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007904.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007904.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007905.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007905.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007905.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007906.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007906.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007906.dll
Deleted
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007907.dll
Infected with: Trojan.BHO.AL
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007907.dll
Disinfection failed
C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP41\A0007907.dll
Deleted
RAPPORT HIJACKTHIS
Logfile of HijackThis v1.99.1
Scan saved at 21:25:24, on 28/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {00A7863B-DDC7-0034-A0C8-07530F512758} - C:\WINDOWS\system32\mttqnzh.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2D0B254F-D652-4430-93AA-5FABBF716B80} - C:\WINDOWS\assembly\tmp\urnfmc.dll (file missing)
O2 - BHO: (no name) - {39f25b12-74ff-4079-a51f-1d70f5b08b84} - (no file)
O2 - BHO: (no name) - {450F80C3-F5E4-42CB-971E-467E75F721B3} - C:\WINDOWS\system32\bkejbmpk.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {CA1C19AA-06A4-4A4F-9545-C38D9D208F17} - C:\WINDOWS\system32\bkejbmpk.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\qsyweogq.dll",setvm
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: aqytmevk - aqytmevk.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: urnfmc - C:\WINDOWS\assembly\tmp\urnfmc.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O20 - Winlogon Notify: winemv32 - winemv32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Configuration: Windows XP Firefox 2.0.0.3
La seule solution c'est de reformater ton ordinateur par un spécialiste dans ta ville il y a surement des boutique qui vendent des ordinateur d'occasion et reformate, répare ... Ou je te conseille aussi de télécharger Avast Antivirus c'est un très bon outil il désinfecte ton PC et il ne laisse aucune trace de virus ! Enfin a l'avenir fait bien attention sur le web !! |
Bonsoir Atchoum44,
|
Bonsoir,
La seule solution c'est de reformater ton ordinateur CERTAINEMENT PAS cela devient assez pénible de voir ce genre de remarque sur les forums. * Télécharge VundoFix.exe (par Atribune) sur ton Bureau http://www.atribune.org/ccount/click.php?id=4 * Double-clique VundoFix.exe afin de le lancer * Clique sur le bouton Scan for Vundo * Lorsque le scan est complété, clique sur le bouton Remove Vundo * Une invite te demandera si tu veux supprimer les fichiers, clique YES * Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers * Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK * Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo". Il n'y a jamais de raccourci vers les endroits qui en valent la peine - Beverley Sills |
Oui oui. Je l'ai fait. Vundo a bien fonctionné. Mais au redémmarage: erreur de chargement DLL: C:/WINDOWS/system32/qsyweogq.dll.
|
Voici :
|
J'ai fais la démarche avec Vundofix, j'ai répondu yes à delete. Redémarrage... même erreur de .DLL manquant, j'ai fais le scan Hijack, j'ai supprimé les lignes et refais un scan. Mais impossible de retrouver le rapport de Vundofix, j'ai que le premier... c'est grave? en tout cas je te met les deux rapports hijackthis. Et merci beaucoup au fait.
|
Bonjour,
|
Bit defender a repéré les virus dans le backup de Vundofix et dans "volume restore", un truc du genre. C'est bon non? je t'envoie le rapport.
|
Voici:
|
C'est quoi virus win32 trojan Caution this harddisk may be infected by virus Download trojan virus Hacktool.rootkit trojan virus La ram a été infecté par un virus Mon ordinateur est infecté par win32 trojan Pc infecte par un virus Reparer pc infecte par virus Supprimer des virus et trojan gratuitement Trojan Virus .win32.trojan ik Virus heur trojan win32 generic Virus heur trojan.script.iframe Virus saint trojan Virus trojan Virus trojan horse Virus trojan.autorun.alk Win32:trojan-gen virus/ver
