Virus infecté par trojan zlob gen et gen pack

latitu Messages postés 70 Statut Membre -  
 Utilisateur anonyme -
bonjour à tous

je demande votre aide car mon bitdefender m'indique qu'il bloque des virus mais c'est constament j'ai beau le scanner il me les trouve me les deplace mais il revienne toujours.

mes scan spybot et adware sont deja fait et rien trouvé

Voici mon rapport hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 09:34:40, on 19/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\system32\WService.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\STEPHE\step\Kitbar4$.exe
D:\LAETITIA\BootCD\WinTools\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

voila j'espere que vous allez savoir faire quelque chose merci d'avance

6 réponses

  1. Utilisateur anonyme
     
    Salut,

    clique sur demarrer, rechercher, cherche et supprime ces fichiers:

    WService.EXE

    **Si un fichier persiste lors de la suppression fais ceci:
    -Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

    Désactive ton pare-feu Windows(SP2) car il ne sert à rien et installe celui-ci pour que tu sois mieux protégé

    Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
    Kerio Personal Firewall
    -tutorial: pour configurer et comprendre l'utilisation de Kerio
    https://kerio.probb.fr/

    Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici stp
    Ewido: (reste gratuit après la période d'essai)
    Télécharger Ewido Security Suite
    0
  2. latitu Messages postés 70 Statut Membre
     
    voici mon rapport de ewido

    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 13:50:24 19/09/2006

    + Scan result:

    C:\Documents and Settings\User\Cookies\user@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.6:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.7:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\User\Cookies\user@lsfnetwork.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\User\Cookies\user@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\User\Cookies\user@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
    C:\Documents and Settings\User\Cookies\user@admarketplace[1].txt -> TrackingCookie.Admarketplace : Cleaned.
    :mozilla.13:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.14:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    C:\Documents and Settings\User\Cookies\user@com[1].txt -> TrackingCookie.Com : Cleaned.
    C:\Documents and Settings\User\Cookies\user@c.enhance[2].txt -> TrackingCookie.Enhance : Cleaned.
    C:\Documents and Settings\User\Cookies\user@epilot[1].txt -> TrackingCookie.Epilot : Cleaned.
    :mozilla.21:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
    :mozilla.15:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    C:\Documents and Settings\User\Cookies\user@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned.
    C:\Documents and Settings\User\Cookies\user@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Cleaned.
    C:\Documents and Settings\User\Cookies\user@linkbuddies[2].txt -> TrackingCookie.Linkbuddies : Cleaned.
    C:\Documents and Settings\User\Cookies\user@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.10:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.11:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.12:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.9:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    C:\Documents and Settings\User\Cookies\user@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.93:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
    :mozilla.94:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
    :mozilla.95:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
    :mozilla.47:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.48:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.50:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.51:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.52:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.55:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
    :mozilla.56:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
    :mozilla.57:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
    :mozilla.62:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.63:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.64:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.65:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.66:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\User\Cookies\user@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.60:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.61:C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\smqg7lx0.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

    ::Report end
    0
    1. Utilisateur anonyme
       
      Fais ce nettoyage: (à faire réguliérement)

      ¤Telecharges et installes ceci:
      CCleaner:
      Télécharger Ccleaner

      dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
      Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

      ¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"


      puis remets un rapport hijackthis stp
      0
  3. latitu Messages postés 70 Statut Membre
     
    voici mon nouveau rapport hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 09:33:49, on 20/09/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
    C:\progra~1\softwin\bitdef~1\bdnagent.exe
    C:\progra~1\softwin\bitdef~1\bdswitch.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
    C:\WINDOWS\system32\WService.EXE
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\TooX\Groom\GroomAgent.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\Drivers\WTSRV.EXE
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    c:\progra~1\softwin\bitdef~1\bdmcon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    D:\LAETITIA\BootCD\WinTools\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
    O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
    0
    1. Utilisateur anonyme
       
      Salut,

      ça me semble ok, finit par ça:

      Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
      Une fois qu'il a terminé colle le rapport ici stp

      _Online Scanner
      _Kaspersky Online Scanner
      _My Computer

      https://www.kaspersky.fr/downloads
      0
  4. latitu Messages postés 70 Statut Membre
     
    voici le rapport kaspersky

    Total number of scanned objects 67893
    Number of viruses found 1
    Number of infected objects 4 / 0
    Number of suspicious objects 0
    Duration of the scan process 00:45:38

    Infected Object Name Virus Name Last Action
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

    C:\Documents and Settings\All Users\Documents\setup.exe Infected: Trojan.Win32.Agent.xu skipped

    C:\Documents and Settings\All Users\Documents\site\setup.exe Infected: Trojan.Win32.Agent.xu skipped

    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\User\Application Data\Lavasoft\Ad-Aware\Logs\AWEVLOG.txt Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\call256.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\callmember256.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\chat512.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\chatmsg256.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\contactgroup256.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\index2.dat Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\profile16384.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\transfer256.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\transfer512.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\user1024.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\user16384.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\user256.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\user4096.dbb Object is locked skipped

    C:\Documents and Settings\User\Application Data\Skype\steligwen\voicemail256.dbb Object is locked skipped

    C:\Documents and Settings\User\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\User\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\User\Local Settings\Temp\Perflib_Perfdata_34c.dat Object is locked skipped

    C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\KTMJGTIF\popup[1].htm Object is locked skipped

    C:\Documents and Settings\User\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\User\ntuser.dat.LOG Object is locked skipped

    C:\Program Files\eMule\Temp\001.part Object is locked skipped

    C:\Program Files\eMule\Temp\002.part Object is locked skipped

    C:\Program Files\eMule\Temp\003.part Object is locked skipped

    C:\Program Files\Softwin\BitDefender9\asdict.dat Object is locked skipped

    C:\Program Files\Softwin\BitDefender9\aspdict.dat Object is locked skipped

    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    C:\System Volume Information\_restore{F1F455E5-9C3F-4532-8A36-61A2D6232FA3}\RP256\change.log Object is locked skipped

    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

    C:\WINDOWS\SchedLgU.Txt Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

    C:\WINDOWS\Sti_Trace.log Object is locked skipped

    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\default Object is locked skipped

    C:\WINDOWS\system32\config\default.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SAM Object is locked skipped

    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

    C:\WINDOWS\system32\config\software Object is locked skipped

    C:\WINDOWS\system32\config\software.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\system Object is locked skipped

    C:\WINDOWS\system32\config\system.LOG Object is locked skipped

    C:\WINDOWS\system32\h323log.txt Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

    C:\WINDOWS\Temp\tmp000056c7\tmp00000000 Object is locked skipped

    C:\WINDOWS\wiadebug.log Object is locked skipped

    C:\WINDOWS\wiaservc.log Object is locked skipped

    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    D:\setup.exe Infected: Trojan.Win32.Agent.xu skipped

    D:\site\setup.exe Infected: Trojan.Win32.Agent.xu skipped

    D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    Scan process completed.
    0
    1. Utilisateur anonyme
       
      Salut,

      Suit ce chemin et supprime le "...exe"

      C:\Documents and Settings\All Users\Documents\site,

      setup.exe


      Même chose ici:

      D:\setup.exe

      et là:


      D:\site\setup.exe

      Si un fichier persiste lors de la suppression fais ceci:
      -Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

      une fois que c'est fait dis nous ou en sont tes problémes
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. latitu Messages postés 70 Statut Membre
     
    je suis desoler mais j'ai des probleme pour me mettre en mode sans echec car la prise violette de de la carte ne veut pas se reconnaitre donc j'ai mon clavier en usb et pas moyen de le mettre autrement donc si vous avez une idées je vous ecoute
    0
  7. Utilisateur anonyme
     
    Telecharges Killbox:
    https://www.generation-nt.com/killbox-telechargement-25430.html

    Doubles clique sur killbox.exe (Pocket Killbox)

    - coches: delete on reboot
    dans la barre vide entre ceci: (exactement)

    C:\Documents and Settings\All Users\Documents\setup.exe

    - cliques sur la croix rouge
    - une fenetre va apparaitre pour confirmation cliques sur YES
    - une seconde fenetre te demande si tu veux redemarrer cliques sur NO

    Ensuite à nouveau dans la barre vide tu réentres ceci:

    D:\site\setup.exe

    - cliques sur la croix rouge
    - une fenetre va apparaitre pour confirmation cliques sur YES
    - une seconde fenetre te demande si tu veux redemarrer cliques sur YES

    Laisses le pc redemarrer, s'il ne redemarre pas de lui même alors fais le, quand il aura redemarré jette le dossier KillBox et la killbox ;-)
    0