Analysis of a HijackThis log.
deyshauna - Posts: 181 - Status: Member
Kristopher - Posts: 3752 - Status: Contributor
Good evening,
For the past 2 days, when I start my PC, my ZoneAlarm asks me whether I allow the installation of this program, and I don't know whether it is a virus or other malware (GENERIC HOST PROCESS FOR WIN32 SERVICES), and it sometimes cuts off my connection. Thanks.
Here is my HijackThis log.
Configuration: Windows XP Pro
Logfile of HijackThis v1.99.1
Scan saved at 20:27:56, on 6-4-2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\YAHOO!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\SEVERIN\Bureaublad\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?77d0f146ca6a4a548544912e6835478a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?77d0f146ca6a4a548544912e6835478a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod3\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod3\v4\yhexbmes.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~2\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
4 replies
Hi,
Nothing outlandish in your HijackThis report, apart from the fact that Windows is not up to date.
So, seriously consider doing the following, in order:
1/ Scan your PC with this online antivirus:
https://www.bitdefender.com/toolbox/
Click "I Agree" and scan the whole PC.
Remember to accept the ActiveX control blocked by the SP2 anti-popup bar (it will flash at the top).
Copy/paste the report to the forum.
2/ Install all the updates via Windows Update:
http://www.windowsupdate.com/windowsupdate/v6/default.aspx
3/ Please post a new HijackThis log.
See you
Hi deyshauna, if you deny GENERIC HOST PROCESS, there is no Internet browsing, so tick it so that you don't have to repeat the step every time. I confirm what Kristopher said: nothing special in your log. Have a good evening.
Good evening, gentlemen.
Here are the new BitDefender report and HijackThis log. By the way, I don't have Windows SP2.
Thanks.
BitDefender Online Scanner
Scan report generated at: Sat, Apr 08, 2006 - 20:17:16
Scan path: A:\;C:\;D:\;E:\;

Statistics
Time: 01:04:23
Files: 255907
Folders: 2663
Boot Sectors: 2
Archives: 1847
Packed Files: 16828

Results
Identified Viruses: 17
Infected Files: 30
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 30

Engines Info
Virus Definitions: 363399
Engine build: AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins: 13
Archive plugins: 39
Unpack plugins: 4
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006573.exe
Infected with: Trojan.Swizzor.DH
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006573.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006573.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006574.exe
Infected with: Trojan.Swizzor.DH
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006574.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006574.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008241.exe
Infected with: Trojan.Small.EV
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008241.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008241.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008279.exe
Infected with: GenPack:Trojan.Downloader.Small.VU
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008279.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009109.exe
Infected with: MemScan:Trojan.Small.S
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009109.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009109.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009110.exe
Infected with: GenPack:Trojan.Small.S
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009110.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009110.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009293.dll
Infected with: Trojan.Spy.Small.DM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009293.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009293.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009294.dll
Infected with: Trojan.Small.EV
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009294.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009294.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009295.dll
Infected with: Trojan.Popuper.N
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009295.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009295.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009319.exe
Infected with: MemScan:Trojan.Small.S
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009319.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009319.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009323.exe
Infected with: GenPack:Trojan.Small.S
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009323.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009323.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009330.dll
Infected with: Trojan.Small.EV
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009330.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009330.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009416.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009416.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009416.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009436.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009436.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009436.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP142\A0009698.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP142\A0009698.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP142\A0009698.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009716.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009716.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009716.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009731.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009731.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009731.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP147\A0010152.dll
Infected with: Trojan.Fakealert.BE
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP147\A0010152.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP147\A0010152.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP153\A0010748.exe
Infected with: Trojan.Downloader.Swizzor.DO
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP153\A0010748.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP153\A0010748.exe
Deleted
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171146.backup
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171146.backup
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171146.backup
Deleted
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171201.backup
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171201.backup
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171201.backup
Deleted
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171202.backup
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171202.backup
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171202.backup
Deleted
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171210.backup
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171210.backup
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171210.backup
Deleted
C:\WINDOWS\system32\dfrgsrv.exe
Infected with: Dropped:Trojan.Downloader.Zlob.HH
C:\WINDOWS\system32\dfrgsrv.exe
Disinfection failed
C:\WINDOWS\system32\dfrgsrv.exe
Deleted
C:\WINDOWS\mynew.ocx
Infected with: Trojan.Downloader.Mypay.A
C:\WINDOWS\mynew.ocx
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\VRHPKO0Q\777_bb[1].chm=>/777chm.htm
Infected with: Exploit.ADODB.Stream.Gen
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\VRHPKO0Q\777_bb[1].chm=>/777chm.htm
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\VRHPKO0Q\777_bb[1].chm=>/777chm.htm
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\VRHPKO0Q\777_bb[1].chm
Update failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\D7ZZ9DKE\D4XTLe0Lxe4lob-nTRt_[1].chm=>/1.htm
Infected with: Exploit.ADODB.Stream.Gen
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\D7ZZ9DKE\D4XTLe0Lxe4lob-nTRt_[1].chm=>/1.htm
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\D7ZZ9DKE\D4XTLe0Lxe4lob-nTRt_[1].chm=>/1.htm
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\D7ZZ9DKE\D4XTLe0Lxe4lob-nTRt_[1].chm
Update failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\073FU4P1\smutgod[1].htm=>(JAVASCRIPT 3)
Infected with: Trojan.Clicker.HTML.IFrame.A
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\073FU4P1\smutgod[1].htm=>(JAVASCRIPT 3)
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\073FU4P1\smutgod[1].htm=>(JAVASCRIPT 3)
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\073FU4P1\smutgod[1].htm
Updated
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\V35DT196\xoce[1].ani
Infected with: Exploit.Win32.MS05-002.Gen
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\V35DT196\xoce[1].ani
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\V35DT196\xoce[1].ani
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\MJ3GLSLX\ie[1].exe
Infected with: Trojan.Downloader.IH
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\MJ3GLSLX\ie[1].exe
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\MJ3GLSLX\ie[1].exe
Deleted
Logfile of HijackThis v1.99.1
Scan saved at 20:55:24, on 8-4-2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\YAHOO!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\SEVERIN\Bureaublad\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?77d0f146ca6a4a548544912e6835478a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?77d0f146ca6a4a548544912e6835478a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod3\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod3\v4\yhexbmes.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~2\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Here is the new report from BitDefender and from HijackThis. By the way, I don't have Windows SP2.
Thanks.
BitDefender Online Scanner
Scan report generated at: Sat, Apr 08, 2006 - 20:17:16
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time: 01:04:23
Files: 255907
Folders: 2663
Boot Sectors: 2
Archives: 1847
Packed Files: 16828
Results
Identified Viruses: 17
Infected Files: 30
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 30
Engines Info
Virus Definitions: 363399
Engine build: AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins: 13
Archive plugins: 39
Unpack plugins: 4
E-mail plugins: 6
System plugins: 1
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006573.exe
Infected with: Trojan.Swizzor.DH
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006573.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006573.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006574.exe
Infected with: Trojan.Swizzor.DH
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006574.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP83\A0006574.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008241.exe
Infected with: Trojan.Small.EV
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008241.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008241.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008279.exe
Infected with: GenPack:Trojan.Downloader.Small.VU
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP115\A0008279.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009109.exe
Infected with: MemScan:Trojan.Small.S
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009109.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009109.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009110.exe
Infected with: GenPack:Trojan.Small.S
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009110.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP133\A0009110.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009293.dll
Infected with: Trojan.Spy.Small.DM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009293.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009293.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009294.dll
Infected with: Trojan.Small.EV
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009294.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009294.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009295.dll
Infected with: Trojan.Popuper.N
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009295.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009295.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009319.exe
Infected with: MemScan:Trojan.Small.S
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009319.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009319.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009323.exe
Infected with: GenPack:Trojan.Small.S
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009323.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009323.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009330.dll
Infected with: Trojan.Small.EV
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009330.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP135\A0009330.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009416.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009416.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009416.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009436.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009436.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP138\A0009436.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP142\A0009698.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP142\A0009698.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP142\A0009698.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009716.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009716.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009716.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009731.exe
Infected with: Trojan.Clicker.Agent.AM
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009731.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP144\A0009731.exe
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP147\A0010152.dll
Infected with: Trojan.Fakealert.BE
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP147\A0010152.dll
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP147\A0010152.dll
Deleted
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP153\A0010748.exe
Infected with: Trojan.Downloader.Swizzor.DO
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP153\A0010748.exe
Disinfection failed
C:\System Volume Information\_restore{44C4B338-D8A1-48D1-8C02-A2146DF1DE81}\RP153\A0010748.exe
Deleted
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171146.backup
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171146.backup
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171146.backup
Deleted
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171201.backup
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171201.backup
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171201.backup
Deleted
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171202.backup
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171202.backup
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171202.backup
Deleted
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171210.backup
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171210.backup
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.20051012-171210.backup
Deleted
C:\WINDOWS\system32\dfrgsrv.exe
Infected with: Dropped:Trojan.Downloader.Zlob.HH
C:\WINDOWS\system32\dfrgsrv.exe
Disinfection failed
C:\WINDOWS\system32\dfrgsrv.exe
Deleted
C:\WINDOWS\mynew.ocx
Infected with: Trojan.Downloader.Mypay.A
C:\WINDOWS\mynew.ocx
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\VRHPKO0Q\777_bb[1].chm=>/777chm.htm
Infected with: Exploit.ADODB.Stream.Gen
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\VRHPKO0Q\777_bb[1].chm=>/777chm.htm
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\VRHPKO0Q\777_bb[1].chm=>/777chm.htm
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\VRHPKO0Q\777_bb[1].chm
Update failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\D7ZZ9DKE\D4XTLe0Lxe4lob-nTRt_[1].chm=>/1.htm
Infected with: Exploit.ADODB.Stream.Gen
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\D7ZZ9DKE\D4XTLe0Lxe4lob-nTRt_[1].chm=>/1.htm
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\D7ZZ9DKE\D4XTLe0Lxe4lob-nTRt_[1].chm=>/1.htm
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\D7ZZ9DKE\D4XTLe0Lxe4lob-nTRt_[1].chm
Update failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\073FU4P1\smutgod[1].htm=>(JAVASCRIPT 3)
Infected with: Trojan.Clicker.HTML.IFrame.A
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\073FU4P1\smutgod[1].htm=>(JAVASCRIPT 3)
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\073FU4P1\smutgod[1].htm=>(JAVASCRIPT 3)
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\073FU4P1\smutgod[1].htm
Updated
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\V35DT196\xoce[1].ani
Infected with: Exploit.Win32.MS05-002.Gen
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\V35DT196\xoce[1].ani
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\V35DT196\xoce[1].ani
Deleted
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\MJ3GLSLX\ie[1].exe
Infected with: Trojan.Downloader.IH
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\MJ3GLSLX\ie[1].exe
Disinfection failed
C:\Documents and Settings\SEVERIN\Local Settings\Temporary Internet Files\Content.IE5\MJ3GLSLX\ie[1].exe
Deleted
Logfile of HijackThis v1.99.1
Scan saved at 20:55:24, on 8-4-2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\YAHOO!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\SEVERIN\Bureaublad\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?77d0f146ca6a4a548544912e6835478a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?77d0f146ca6a4a548544912e6835478a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod3\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod3\v4\yhexbmes.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~2\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Good evening LYONNAIS, dear deyshauna ;)
~~ Do this in order ~~
1/ Right-click on My Computer -> Properties -> System Restore tab -> check Turn off System Restore on all drives -> Apply -> Yes.
Then uncheck Turn off System Restore on all drives -> Apply
2/ Download these two programs and clean your PC with them:
CCLEANER https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Usage: In the "Cleaner" tab, click "Analyze". Once the analysis is finished, click "Run Cleaner".
Then, in the "Issues" tab, click "Scan for Issues" and, before clicking "Fix selected issues", make a backup of your registry (as offered).
CleanUp40
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
Usage demo:
http://pageperso.aol.fr/balltrap34/democleanup.htm
Evidently, you ignored advice 2/ from my first message.
So I repeat (it's important):
3/ Install all the updates via Windows Update:
http://www.windowsupdate.com/windowsupdate/v6/default.aspx
Good luck ^^
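The following is an added example, not part of the thread or of any tool mentioned in it: a small Python triage script that reads a scan report in the layout the BitDefender report in this thread uses (a path line followed by a status line) and groups detections by location. It shows which findings the steps above address (System Restore snapshots are purged by turning System Restore off and on, browser cache files by a temp-file cleaner) and which sit on the live system and need a follow-up check. The sample report, the category names and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample (not data from the thread): header, then path/status pairs.
SAMPLE_REPORT = r"""
Scanned File
Status
C:\System Volume Information\_restore{SAMPLE}\RP1\A0000001.exe
Infected with: Trojan.Sample.A
C:\System Volume Information\_restore{SAMPLE}\RP1\A0000001.exe
Deleted
C:\System Volume Information\_restore{SAMPLE}\RP2\A0000002.dll
Infected with: GenPack:Trojan.Sample.B
C:\System Volume Information\_restore{SAMPLE}\RP2\A0000002.dll
Deleted
C:\Documents and Settings\USER\Local Settings\Temporary Internet Files\Content.IE5\SAMPLE\page[1].chm=>/1.htm
Infected with: Exploit.Sample.Gen
C:\Documents and Settings\USER\Local Settings\Temporary Internet Files\Content.IE5\SAMPLE\page[1].chm
Update failed
C:\WINDOWS\system32\sample.exe
Infected with: Trojan.Sample.C
C:\WINDOWS\system32\sample.exe
Disinfection failed
"""

PATH_RE = re.compile(r"^[A-Za-z]:\\")  # a line that starts with a drive letter

def parse_report(text):
    """Return {path: [status, ...]} from alternating path / status lines."""
    results, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if PATH_RE.match(line):
            current = line
            results.setdefault(current, [])
        elif current is not None:      # status line belonging to the last path
            results[current].append(line)
            current = None
    return results

def classify(path):
    """Bucket a path; 'archive=>member' entries are judged by the archive."""
    container = path.split("=>", 1)[0].lower()
    if "\\system volume information\\_restore" in container:
        return "restore_point"
    if "\\temporary internet files\\" in container:
        return "browser_cache"
    return "live_system"

def summarize(text):
    """Count infected files per bucket and list the live-system ones."""
    counts, live = Counter(), []
    for path, statuses in parse_report(text).items():
        names = [s.split(":", 1)[1].strip()
                 for s in statuses if s.startswith("Infected with:")]
        if not names:                  # e.g. a container line with "Update failed"
            continue
        category = classify(path)
        counts[category] += 1
        if category == "live_system":
            live.append((path, names[0], "Deleted" in statuses))
    return counts, live

if __name__ == "__main__":
    counts, live = summarize(SAMPLE_REPORT)
    print(dict(counts))
    for path, name, deleted in live:
        print("live:", path, name, "deleted" if deleted else "STILL PRESENT")
```

Live-system entries that were not deleted are the ones to re-check after the cleanup, since purging restore points and caches does not touch them.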