Salut à tous,
tout d'abord, merci à tous ceux qui contribuent au site et qui prennent un peu de temps à aider ceux qui galere un peu...
Voila mon petit pb, j ai un pop up qui s affiche en bas de mon ecran, genre "virus alert, computer infected et cie"
Donc j ai suivi la procedure
"Méthode préliminaire de désinfection " que j ai trouvé sur le site histoire de me debarrasser de tout parasite et j ai généré les fichiers codes.
voila donc les 3 logs
Un enorme merci à celui ou celle qui pourra m aider
bonne soirée à tous
Pierre
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 16:41:37 26/07/2006
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{5753791b-f607-48ca-814e-91c14d081f9e} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{ee2975b6-e8d5-405e-8448-8fe9590f6cfb} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5753791b-f607-48ca-814e-91c14d081f9e} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1606980848-162531612-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5753791B-F607-48CA-814E-91C14D081F9E} -> Adware.Generic : Cleaned with backup (quarantined).
C:\Program Files\Adverts\uninst.exe -> Adware.Lop : Cleaned with backup (quarantined).
C:\Documents and Settings\moi\Mes documents\Amaury Squattage\Mes documents\Mes fichiers reçus\Messenger Plus! - Setup.exe/70000011.exe -> Downloader.Swizzor.af : Cleaned with backup (quarantined).
C:\Documents and Settings\moi\Local Settings\Temp\tmp21D.tmp -> Not-A-Virus.Hoax.Win32.Renos.dw : Ignored.
C:\WINDOWS\system32\__delete_on_reboot__m_z_o_e_u_t_._d_l_l_ -> Not-A-Virus.Hoax.Win32.Renos.dw : Ignored.
[1832] C:\WINDOWS\system32\mzoeut.dll -> Not-A-Virus.Hoax.Win32.Renos.dw : Ignored.
:mozilla.23:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\moi\Cookies\moi@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.45:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\moi\Cookies\moi@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\RECYCLER\S-1-5-21-1606980848-162531612-725345543-1003\Dc61.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.18:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.6:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.37:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.38:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.39:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.40:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.41:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.44:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.46:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.20:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.21:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.22:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\moi\Cookies\moi@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\RECYCLER\S-1-5-21-1606980848-162531612-725345543-1003\Dc66.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.16:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.17:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\m12ket6h.Amaury\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\moi\Cookies\moi@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
::Report end
BitDefender Online Scanner - Real Time Virus Report
Generated at: Wed, Jul 26, 2006 - 20:07:59
--------------------------------------------------------------------------------
Scan Info
Scanned Files
412866
Infected Files
92
Virus Detected
Exploit.Html.MhtRedir.Gen
1
Trojan.Downloader.Delf.KS
4
Exploit.Win32.WMF-PFV
1
Win32.Bagle.Z@mm
6
Trojan.Flooder.Vb.X
1
Win32.Netsky.Y@mm
1
Win32.Netsky.D@mm
51
Win32.Netsky.AC@mm
18
Trojan.FakeAlert.CO
2
Win32.Plexus.B@mm
1
Win32.Netsky.P@mm
3
Win32.Bagle.AA@mm
1
Win32.Mydoom.M@mm
1
Win32.Bagle.Bd@mm.Dam.1
1
--------------------------------------------------------------------------------
This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world
Logfile of HijackThis v1.99.1
Scan saved at 20:58:02, on 26/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stacmon.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\WINDOWS\MXOALDR.EXE
C:\Documents and Settings\moi\Mes documents\NetWatcherPro(pour controler les gens sur son partage)\NetWatcherPro.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\NETGEAR\WG511v2\wlancfg5.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://cache.rez-gif.supelec.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = .rez-gif.supelec.fr;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Protection Bar - {d1ac752e-883f-4ed8-8828-b618c3a72152} - C:\Program Files\IntCodec\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\WDM\stacmon.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [NetWatcherPro] C:\Documents and Settings\moi\Mes documents\NetWatcherPro(pour controler les gens sur son partage)\NetWatcherPro.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Efface Historique 2.0] C:\PROGRA~1\EFFACE~1\EFFACE~1.EXE -s
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PrevxOne] C:\Program Files\Prevx1\PXConsole.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG511v2 Wireless Assistant.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
https://onedrive.live.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: cholecyst - {ee2975b6-e8d5-405e-8448-8fe9590f6cfb} - (no file)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Afficher la suite
27 juil. 2006 à 11:20
bye
Pierre