Virus drive cleaner
flo
Hello, I keep getting unwanted pop-up windows following the Drive Cleaner virus.
I followed the steps, and I hope I carried them out correctly, but I still get advertising windows.
Here are my reports.
Thanks in advance for your help.
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 23:32:16 16/04/2007
+ Résultat de l'analyse:
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070410.exe/cd_clint.dll -> Adware.Cydoor : Nettoyé.
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070410.exe/cd_htm.dll -> Adware.Cydoor : Nettoyé.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé.
C:\Program Files\FreeGo\Winpcap\WinPcap4.exe -> Adware.MediaTicket : Nettoyé.
C:\Program Files\WinPcap\Uninstall.exe -> Adware.MediaTicket : Nettoyé.
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070432.exe/of_play_ins_w_2039.exe -> Adware.OnFlow : Nettoyé.
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070433.exe/tsad.dll -> Adware.TimeSinc : Nettoyé.
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070432.exe/tsad.dll -> Adware.TimeSink : Nettoyé.
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070432.exe/tsadbot.exe -> Adware.TimeSink : Nettoyé.
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070433.exe/TSAdBot.exe -> Adware.TimeSink : Nettoyé.
C:\Program Files\Programme\eMule\Incoming\Emu - Emulateur - Emulator - Ps1 - Ps2 - Xbox - Dreamcast - Gba - Gameboy Advance Naruto.rar/Emulateur De Ps2 De Xbox Et Dreamcast,Ps1\emulateur de Ps2 de Xbox et Dreamcast,Ps1\xbox\Emulateur - Xbox.rar/Emulateur - Xbox\xbox_emulator.1.00.exe -> Backdoor.Emulbox : Nettoyé.
C:\Program Files\Programme\eMule\Incoming\Emu - Emulateur - Emulator - Ps1 - Ps2 - Xbox - Dreamcast - Gba - Gameboy Advance Naruto.rar/Emulateur De Ps2 De Xbox Et Dreamcast,Ps1\emulateur de Ps2 de Xbox et Dreamcast,Ps1\Ps2\PS2 Emulateur pour PC.exe -> Backdoor.VB.nn : Nettoyé.
Fin du rapport
BitDefender Online Scanner
Scan report generated at: Tue, Apr 17, 2007 - 18:52:03
Scan path: C:\;
Statistics
Time: 01:56:37
Files: 468868
Folders: 5990
Boot Sectors: 2
Archives: 7718
Packed Files: 40414
Results
Identified Viruses: 12
Infected Files: 32
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 44
Engines Info
Virus Definitions: 486517
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\Documents and Settings\Offspring182\Local Settings\Temp\tmp2.tmp.exe
Infected with: Trojan.Agent.AMQ
C:\Documents and Settings\Offspring182\Local Settings\Temp\tmp2.tmp.exe
Disinfection failed
C:\Documents and Settings\Offspring182\Local Settings\Temp\tmp2.tmp.exe
Deleted
C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD7.tmp.exe
Infected with: Trojan.Agent.AMQ
C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD7.tmp.exe
Disinfection failed
C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD7.tmp.exe
Deleted
C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD9.tmp.exe
Infected with: Trojan.Downloader.Agent.AMM
C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD9.tmp.exe
Disinfection failed
C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD9.tmp.exe
Deleted
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\8PQ30DEJ\smysmymr20070406[1]
Infected with: Trojan.Agent.AMQ
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\8PQ30DEJ\smysmymr20070406[1]
Disinfection failed
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\8PQ30DEJ\smysmymr20070406[1]
Deleted
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\I909M5C9\smysmymr20070406[1]
Infected with: Trojan.Agent.AMQ
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\I909M5C9\smysmymr20070406[1]
Disinfection failed
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\I909M5C9\smysmymr20070406[1]
Deleted
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\RASBFTW5\CAH88BH1.php
Infected with: Trojan.Downloader.Agent.AMM
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\RASBFTW5\CAH88BH1.php
Disinfection failed
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\RASBFTW5\CAH88BH1.php
Deleted
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\T1KDKTTR\WinAntiVirusPro2006FreeInstall_fr[1].cab=>UWA6PV_0001_N91M2107NetInstaller.exe
Infected with: Trojan.Downloader.Winfixer.O
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\T1KDKTTR\WinAntiVirusPro2006FreeInstall_fr[1].cab=>UWA6PV_0001_N91M2107NetInstaller.exe
Disinfection failed
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\T1KDKTTR\WinAntiVirusPro2006FreeInstall_fr[1].cab=>UWA6PV_0001_N91M2107NetInstaller.exe
Deleted
C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\T1KDKTTR\WinAntiVirusPro2006FreeInstall_fr[1].cab
Update failed
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\06690FD2=>(Quarantine-2)
Infected with: Generic.Sdbot.BC9D7D17
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\06690FD2=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\0E973E5A.exe=>(Quarantine-2)
Infected with: Backdoor.Poebot.A
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\0E973E5A.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\0E973E5A.exe=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\1E6A565F=>(Quarantine-2)
Infected with: Backdoor.Poebot.A
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\1E6A565F=>(Quarantine-2)
Disinfection failed
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\1E6A565F=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\2B3B2A44=>(Quarantine-2)
Infected with: Backdoor.Poebot.A
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\2B3B2A44=>(Quarantine-2)
Disinfection failed
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\2B3B2A44=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\343D14B2=>(Quarantine-2)
Infected with: Generic.Sdbot.FBB56154
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\343D14B2=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\379142B1=>(Quarantine-2)
Infected with: Backdoor.Poebot.A
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\379142B1=>(Quarantine-2)
Disinfection failed
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\379142B1=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\3FE71006.exe=>(Quarantine-2)
Infected with: Generic.Sdbot.F2997CD6
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\3FE71006.exe=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\426256C9=>(Quarantine-2)
Infected with: Backdoor.Poebot.A
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\426256C9=>(Quarantine-2)
Disinfection failed
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\426256C9=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\48B959CF=>(Quarantine-2)
Infected with: Backdoor.Poebot.A
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\48B959CF=>(Quarantine-2)
Disinfection failed
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\48B959CF=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\553D3E0A=>(Quarantine-2)
Infected with: Backdoor.Poebot.A
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\553D3E0A=>(Quarantine-2)
Disinfection failed
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\553D3E0A=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\63680657=>(Quarantine-2)
Infected with: Generic.Sdbot.BC9D7D17
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\63680657=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\6D2A0DED=>(Quarantine-2)
Infected with: Generic.Sdbot.129EE275
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\6D2A0DED=>(Quarantine-2)
Deleted
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\6D3161E6=>(Quarantine-2)
Infected with: Generic.Sdbot.FBB56154
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\6D3161E6=>(Quarantine-2)
Deleted
C:\RECYCLER\NPROTECT\00021522.exe=>wise0020=>(ZIP Sfx s)=>cd_htm.dll
Detected with: Adware.CyDoor
C:\RECYCLER\NPROTECT\00021522.exe=>wise0020=>(ZIP Sfx s)=>cd_htm.dll
Disinfection failed
C:\RECYCLER\NPROTECT\00021522.exe=>wise0020=>(ZIP Sfx s)=>cd_htm.dll
Deleted
C:\RECYCLER\NPROTECT\00021522.exe=>wise0020=>(ZIP Sfx s)
Updated
C:\RECYCLER\NPROTECT\00021522.exe=>wise0020
Update failed
C:\RECYCLER\NPROTECT\00021730.exe=>wise0009=>(ZIP Sfx s)=>cd_htm.dll
Detected with: Adware.CyDoor
C:\RECYCLER\NPROTECT\00021730.exe=>wise0009=>(ZIP Sfx s)=>cd_htm.dll
Disinfection failed
C:\RECYCLER\NPROTECT\00021730.exe=>wise0009=>(ZIP Sfx s)=>cd_htm.dll
Deleted
C:\RECYCLER\NPROTECT\00021730.exe=>wise0009=>(ZIP Sfx s)
Updated
C:\RECYCLER\NPROTECT\00021730.exe=>wise0009
Update failed
C:\RECYCLER\NPROTECT\00021730.exe=>wise0021
Infected with: Backdoor.FTP.Bmail
C:\RECYCLER\NPROTECT\00021730.exe=>wise0021
Disinfection failed
C:\RECYCLER\NPROTECT\00021730.exe=>wise0021
Deleted
C:\RECYCLER\NPROTECT\00021730.exe
Update failed
C:\RECYCLER\NPROTECT\00021730.exe=>wise0053=>(ZIP Sfx s)=>cd_htm.dll
Detected with: Adware.CyDoor
C:\RECYCLER\NPROTECT\00021730.exe=>wise0053=>(ZIP Sfx s)=>cd_htm.dll
Disinfection failed
C:\RECYCLER\NPROTECT\00021730.exe=>wise0053=>(ZIP Sfx s)=>cd_htm.dll
Deleted
C:\RECYCLER\NPROTECT\00021730.exe=>wise0053=>(ZIP Sfx s)
Updated
C:\RECYCLER\NPROTECT\00021730.exe=>wise0053
Update failed
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070297.dll
Infected with: Trojan.Agent.AOM
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070297.dll
Disinfection failed
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070297.dll
Deleted
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070456.dll
Infected with: Trojan.Agent.AOM
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070456.dll
Disinfection failed
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070456.dll
Deleted
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070459.dll
Infected with: Trojan.Agent.AOM
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070459.dll
Disinfection failed
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070459.dll
Deleted
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070492.exe=>(Quarantine-2)
Infected with: Backdoor.Poebot.A
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070492.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070492.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070493.exe=>(Quarantine-2)
Infected with: Generic.Sdbot.F2997CD6
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070493.exe=>(Quarantine-2)
Deleted
C:\WINDOWS\pmkkji.dll
Infected with: Trojan.Agent.AOM
C:\WINDOWS\pmkkji.dll
Disinfection failed
C:\WINDOWS\pmkkji.dll
Delete failed
C:\WINDOWS\system32\kbd394.dll
Infected with: Trojan.Downloader.ConHook.AI
C:\WINDOWS\system32\kbd394.dll
Disinfection failed
C:\WINDOWS\system32\kbd394.dll
Delete failed
C:\WINDOWS\xxyvsp.dll
Infected with: Trojan.Agent.AOM
C:\WINDOWS\xxyvsp.dll
Disinfection failed
C:\WINDOWS\xxyvsp.dll
Delete failed
Logfile of HijackThis v1.99.1
Scan saved at 18:58:12, on 17/04/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Antivirus\Norton Internet Security\NISUM.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Antivirus\Norton Internet Security\ccPxySvc.exe
c:\progra~1\mcafee\mcafee antispyware\massrv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Antivirus\Norton Antivirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\progra~1\mcafee\MCAFEE~1\masalert.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.free.fr/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\System32\tmp18.tmp.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Antivirus\Norton Antivirus\NavShExt.dll
O2 - BHO: (no name) - {ebdb593b-32c8-467c-8eb6-6f508b7146dd} - C:\WINDOWS\system32\kbd394.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Antivirus\Norton Antivirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Windows PDG] winpdg.exe
O4 - HKLM\..\Run: [Microsoft Services] lssrv.exe
O4 - HKLM\..\Run: [start uploading] smsss.exe
O4 - HKLM\..\Run: [Start Upping] svchostes.exe
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BootService] rundll32.exe "C:\WINDOWS\xxyvsp.dll",realset
O4 - HKLM\..\RunServices: [Windows Update] wupdate.exe
O4 - HKLM\..\RunServices: [Windows PDG] winpdg.exe
O4 - HKLM\..\RunServices: [Microsoft Services] lssrv.exe
O4 - HKLM\..\RunServices: [start uploading] smsss.exe
O4 - HKLM\..\RunServices: [Start Upping] svchostes.exe
O4 - HKCU\..\Run: [start uploading] smsss.exe
O4 - HKCU\..\Run: [Start Upping] svchostes.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunServices: [start uploading] smsss.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\UTILIT~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\UTILIT~1\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\UTILIT~1\DAP\DAP.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4E8A3661-FB5B-4AEF-BF60-B0E9712FAE49} (Silverwire Image Uploader 3.0 Control) - http://cdiscount.htmlupload.com/upload/JavaActiveX/ImageUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B12213CD-4189-415D-A054-7999528459F7} (pixelStormLauncher Class) - http://aolsvc.aol.com/onlinegames/free-trial-word-travels/pixelstormlauncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs:
O20 - Winlogon Notify: kbd394 - C:\WINDOWS\SYSTEM32\kbd394.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Antivirus\Norton Internet Security\ccPxySvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Antivirus\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Antivirus\Norton Internet Security\NISUM.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Infected with: Trojan.Agent.AOM
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070459.dll
Disinfection failed
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070459.dll
Deleted
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070492.exe=>(Quarantine-2)
Infected with: Backdoor.Poebot.A
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070492.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070492.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070493.exe=>(Quarantine-2)
Infected with: Generic.Sdbot.F2997CD6
C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070493.exe=>(Quarantine-2)
Deleted
C:\WINDOWS\pmkkji.dll
Infected with: Trojan.Agent.AOM
C:\WINDOWS\pmkkji.dll
Disinfection failed
C:\WINDOWS\pmkkji.dll
Delete failed
C:\WINDOWS\system32\kbd394.dll
Infected with: Trojan.Downloader.ConHook.AI
C:\WINDOWS\system32\kbd394.dll
Disinfection failed
C:\WINDOWS\system32\kbd394.dll
Delete failed
C:\WINDOWS\xxyvsp.dll
Infected with: Trojan.Agent.AOM
C:\WINDOWS\xxyvsp.dll
Disinfection failed
C:\WINDOWS\xxyvsp.dll
Delete failed
Logfile of HijackThis v1.99.1
Scan saved at 18:58:12, on 17/04/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Antivirus\Norton Internet Security\NISUM.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Antivirus\Norton Internet Security\ccPxySvc.exe
c:\progra~1\mcafee\mcafee antispyware\massrv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Antivirus\Norton Antivirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\progra~1\mcafee\MCAFEE~1\masalert.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.free.fr/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\System32\tmp18.tmp.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Antivirus\Norton Antivirus\NavShExt.dll
O2 - BHO: (no name) - {ebdb593b-32c8-467c-8eb6-6f508b7146dd} - C:\WINDOWS\system32\kbd394.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Antivirus\Norton Antivirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Windows PDG] winpdg.exe
O4 - HKLM\..\Run: [Microsoft Services] lssrv.exe
O4 - HKLM\..\Run: [start uploading] smsss.exe
O4 - HKLM\..\Run: [Start Upping] svchostes.exe
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BootService] rundll32.exe "C:\WINDOWS\xxyvsp.dll",realset
O4 - HKLM\..\RunServices: [Windows Update] wupdate.exe
O4 - HKLM\..\RunServices: [Windows PDG] winpdg.exe
O4 - HKLM\..\RunServices: [Microsoft Services] lssrv.exe
O4 - HKLM\..\RunServices: [start uploading] smsss.exe
O4 - HKLM\..\RunServices: [Start Upping] svchostes.exe
O4 - HKCU\..\Run: [start uploading] smsss.exe
O4 - HKCU\..\Run: [Start Upping] svchostes.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunServices: [start uploading] smsss.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\UTILIT~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\UTILIT~1\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\UTILIT~1\DAP\DAP.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4E8A3661-FB5B-4AEF-BF60-B0E9712FAE49} (Silverwire Image Uploader 3.0 Control) - http://cdiscount.htmlupload.com/upload/JavaActiveX/ImageUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B12213CD-4189-415D-A054-7999528459F7} (pixelStormLauncher Class) - http://aolsvc.aol.com/onlinegames/free-trial-word-travels/pixelstormlauncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs:
O20 - Winlogon Notify: kbd394 - C:\WINDOWS\SYSTEM32\kbd394.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Antivirus\Norton Internet Security\ccPxySvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Antivirus\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Antivirus\Norton Internet Security\NISUM.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
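Added example, not part of the original thread: the scanner report above ends with three files it could not delete, and the HijackThis log lists what loads at startup. This Python sketch cross-references the two and shows which startup entries still point at those files. The sample text is copied from the two logs; the function names are this example's own.

```python
import re

# Constructed sample: lines copied from the scanner report posted in this thread.
SCAN_REPORT = r"""
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\63680657=>(Quarantine-2)
Infected with: Generic.Sdbot.BC9D7D17
C:\Program Files\Antivirus\Norton Antivirus\Quarantine\63680657=>(Quarantine-2)
Deleted
C:\WINDOWS\pmkkji.dll
Infected with: Trojan.Agent.AOM
C:\WINDOWS\pmkkji.dll
Disinfection failed
C:\WINDOWS\pmkkji.dll
Delete failed
C:\WINDOWS\system32\kbd394.dll
Infected with: Trojan.Downloader.ConHook.AI
C:\WINDOWS\system32\kbd394.dll
Disinfection failed
C:\WINDOWS\system32\kbd394.dll
Delete failed
C:\WINDOWS\xxyvsp.dll
Infected with: Trojan.Agent.AOM
C:\WINDOWS\xxyvsp.dll
Disinfection failed
C:\WINDOWS\xxyvsp.dll
Delete failed
"""

# Constructed sample: lines copied from the HijackThis log of 17/04/2007.
HIJACKTHIS_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {ebdb593b-32c8-467c-8eb6-6f508b7146dd} - C:\WINDOWS\system32\kbd394.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BootService] rundll32.exe "C:\WINDOWS\xxyvsp.dll",realset
O20 - AppInit_DLLs:
O20 - Winlogon Notify: kbd394 - C:\WINDOWS\SYSTEM32\kbd394.dll
"""

PATH_LINE = re.compile(r"^[A-Za-z]:\\")
THREAT_LINE = re.compile(r"^(?:Infected|Detected) with: (.+)$")
HJT_LINE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")


def parse_scan_report(text):
    """Return {path: {"threat": name or None, "events": [status, ...]}}.

    The report alternates a path line with a status line, so every
    non-path line is attributed to the most recent path.
    """
    results = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if PATH_LINE.match(line):
            current = line
            results.setdefault(current, {"threat": None, "events": []})
        elif current is not None:
            m = THREAT_LINE.match(line)
            if m:
                results[current]["threat"] = m.group(1)
            else:
                results[current]["events"].append(line)
    return results


def surviving_files(report):
    """Paths with a detection that the scanner never reported as deleted."""
    return [p for p, r in report.items()
            if r["threat"] and "Deleted" not in r["events"]]


def parse_hijackthis(text):
    """Return (section code, body) for every HijackThis entry line."""
    entries = []
    for raw in text.splitlines():
        m = HJT_LINE.match(raw.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def correlate(scan_text, hjt_text):
    """Map each surviving file to the HijackThis entries that reference it."""
    entries = parse_hijackthis(hjt_text)
    result = {}
    for path in surviving_files(parse_scan_report(scan_text)):
        # Drop any "=>member" suffix and compare case-insensitively:
        # the two logs spell system32 / SYSTEM32 differently.
        on_disk = path.split("=>", 1)[0].lower()
        result[path] = [(c, b) for c, b in entries if on_disk in b.lower()]
    return result


if __name__ == "__main__":
    for path, hits in correlate(SCAN_REPORT, HIJACKTHIS_LOG).items():
        print(path)
        for code, body in hits or [("--", "no entry in this log references it")]:
            print(f"    {code} - {body}")
```

A surviving file with no matching entry (here `pmkkji.dll`) is not shown to be inactive: HijackThis lists only the load points it enumerates, and this sketch does not resolve 8.3 short paths such as `C:\PROGRA~1`.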
25 replies
Hello,
there, I did what you asked.
I had no trouble doing it; well, it's true that nothing was complicated ^^
Am I completely disinfected?
As for the laptop, I apparently don't have a restore CD, the PC doesn't boot into Windows (blue screen), and the keyboard doesn't respond before Windows starts.
What can I do?
Could the RAM be faulty?
Thanks
Your PC looks clean to me; it's up to you to tell me if you run into problems.
As for the laptop, don't hesitate to take it apart and clean it; it may be dirty ;-)
See you
Hello,
I no longer have any problems, except that I sometimes have trouble connecting to the internet, but I restart my computer when that happens.
I ran a scan with avast; it detected a Trojan horse, which it deleted (well, I hope so).
Otherwise, nothing to report.
Thank you very much for your help.
I'm pasting a HijackThis report for confirmation
Logfile of HijackThis v1.99.1
Scan saved at 14:04:39, on 27/04/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Antivirus\Avast\aswUpdSv.exe
C:\Program Files\Antivirus\Avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Antivirus\FireWall\Kerio Sunbelt\kpf4ss.exe
c:\progra~1\mcafee\mcafee antispyware\massrv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\Avast\ashWebSv.exe
C:\Program Files\Antivirus\Avast\ashMaiSv.exe
C:\Program Files\Antivirus\FireWall\Kerio Sunbelt\kpf4gui.exe
C:\Program Files\Antivirus\FireWall\Kerio Sunbelt\kpf4gui.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\progra~1\mcafee\MCAFEE~1\masalert.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\ANTIVI~1\Avast\ashDisp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.free.fr/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\Avast\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\Avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\Avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Antivirus\FireWall\Kerio Sunbelt\kpf4ss.exe
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe (file missing)
Hi
Do this:
¤ Restart HijackThis, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
¤ Click "Start", "Run", and type: services.msc
Find the entries below in the list, right-click each one, choose "Properties" and set them to "Disabled"
- AVG Anti-Spyware Guard
- InstallDriver Table Manager
- NVIDIA Driver Helper Service
- Remote Packet Capture Protocol v.0
- Symantec Network Drivers Service
¤ Download this file and double-click it; it is to fix traces left by your infection. Accept the merge into the registry
---> http://www.mediafire.com/?5kndjznzk3z
¤ Clean up completely with CCleaner.
¤ Then defragment your PC, not with the Windows tool ..
https://kerio.probb.fr/t17-pourquoi-et-comment-dfragmenter-le-disque-dur
Then restart your PC and tell me how it goes :-)
Hello,
I used one of the defragmentation programs, Auslogics, and at first glance I have no problems, not even a virus (avast). Let's hope it lasts!! ^^
Thank you very much.
If I need to do anything else, let me know.
See you
The PC starts normally. Who knows what happened.
Have a good evening.