Rapports pour dectection virus
Résolu
margouyalex
Messages postés
110
Statut
Membre
-
philae83 Messages postés 12854 Statut Contributeur sécurité -
philae83 Messages postés 12854 Statut Contributeur sécurité -
Bonjour,et encore d'avance un grand merci pour le sérieux de votre site etde son tutoriel ,alors suite à un virus sur messenger voilà mes 3 rapports,sinon je suis sur pc 2.6ghz avec win xp pro sp2 avast pro et zone alarm + spybot ,voici les rapports:
1 avg anti spyware:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 00:43:08 13/10/2007
+ Résultat de l'analyse:
C:\Documents and Settings\alex\Bureau\Everest Poker.exe -> Adware.Casino : Aucune action entreprise.
C:\Program Files\Everest Poker\Everest Poker.exe -> Adware.Casino : Aucune action entreprise.
C:\Program Files\Everest Poker\cstart-tmp.exe -> Adware.Casino : Aucune action entreprise.
C:\System Volume Information\_restore{C2EC0B6B-BC9D-4FB7-913B-C0F9A6B493EB}\RP533\A0080809.exe -> Adware.Casino : Aucune action entreprise.
C:\System Volume Information\_restore{C2EC0B6B-BC9D-4FB7-913B-C0F9A6B493EB}\RP533\A0080819.old -> Adware.Casino : Aucune action entreprise.
C:\Documents and Settings\alex\Application Data\Registry Cleaner -> Adware.RogueSuspect : Aucune action entreprise.
C:\Documents and Settings\alex\Application Data\Registry Cleaner\RegClean.ini -> Adware.RogueSuspect : Aucune action entreprise.
C:\Program Files\Registry Cleaner Trial -> Adware.RogueSuspect : Aucune action entreprise.
C:\Program Files\Registry Cleaner Trial\soref.dll -> Adware.RogueSuspect : Aucune action entreprise.
C:\Program Files\Registry Cleaner Trial\soref_v1.dll -> Adware.RogueSuspect : Aucune action entreprise.
:mozilla.24:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.18:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.19:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.20:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
Fin du rapport
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 00:49:59 13/10/2007
+ Résultat de l'analyse:
C:\Documents and Settings\alex\Bureau\Everest Poker.exe -> Adware.Casino : Ignoré.
C:\Program Files\Everest Poker\Everest Poker.exe -> Adware.Casino : Ignoré.
C:\Program Files\Everest Poker\cstart-tmp.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{C2EC0B6B-BC9D-4FB7-913B-C0F9A6B493EB}\RP533\A0080809.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{C2EC0B6B-BC9D-4FB7-913B-C0F9A6B493EB}\RP533\A0080819.old -> Adware.Casino : Ignoré.
C:\Documents and Settings\alex\Application Data\Registry Cleaner -> Adware.RogueSuspect : Ignoré.
C:\Documents and Settings\alex\Application Data\Registry Cleaner\RegClean.ini -> Adware.RogueSuspect : Ignoré.
C:\Program Files\Registry Cleaner Trial -> Adware.RogueSuspect : Ignoré.
C:\Program Files\Registry Cleaner Trial\soref.dll -> Adware.RogueSuspect : Ignoré.
C:\Program Files\Registry Cleaner Trial\soref_v1.dll -> Adware.RogueSuspect : Ignoré.
:mozilla.24:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.18:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.19:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.20:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.16:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.17:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
2 bitdefender
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 12/10/2007 19:41:56
//
//-----------------------------------------------------------------
Virus Statistics
Scan path : C:\WINDOWS
C:\Program Files
Folders : 4716
Files : 111042
Memory processes scanned : 0
Archives : 1
Runtime packers : 9609
Identified viruses : 3
Infected files : 3
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 3
I/O errors : 2
Scan time : 00:24:50
Scan speed (files/sec) : 74
Virus definitions : 899790
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 7
Mail plugins : 6
System plugins : 5
Virus scan options
Detection
[X] Scan boot sectors
[ ] Memory Processes
[ ] Scan archives
[X] Scan runtime packers
[X] Scan email
File mask
[X] Programs
[ ] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user
Virus scan options
[X] Enable warnings
[ ] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\DOCUME~1\alex\LOCALS~1\Temp\1192210916.log
Spyware scan options
[X] Scan for riskware
[ ] Skip dial and applications from scan
[ ] Registry keys
[ ] Cookies
Summary:
C:\WINDOWS\LBTWiz.exe Infected: Backdoor.Sdbot.DEXW
C:\WINDOWS\LBTWiz.exe Disinfection failed
C:\WINDOWS\LBTWiz.exe Moved
C:\Program Files\Fichiers communs\ErrorSafe\PCheck.dll Detected: Spyware.Winfixer.M
C:\Program Files\Fichiers communs\ErrorSafe\PCheck.dll Disinfection failed
C:\Program Files\Fichiers communs\ErrorSafe\PCheck.dll Moved
C:\Program Files\MSN Messenger\riched20.dll Detected: Adware.MyWebSearch.AV
C:\Program Files\MSN Messenger\riched20.dll Disinfection failed
C:\Program Files\MSN Messenger\riched20.dll Moved
3 rapport highjack
Logfile of HijackThis v1.99.1
Scan saved at 01:01:15, on 13/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Dsp24Set.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\LBTWiz.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [DSP24] Dsp24Set.exe /n
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LBTWiz.exe] C:\WINDOWS\LBTWiz.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://margouyalexvenise.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6969B9C2-948D-40A6-9816-4A96AAC9D491}: NameServer = 80.10.246.2,80.10.246.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{7EDA9965-C2A8-4794-8AC0-20CAF2CC0D0D}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
voilà ce monstreux papyrus,en espérant une aide de votre part et quelques conseils pour mieux se protèger en matière de logiciels,je vous remercie bonne soirée.
1 avg anti spyware:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 00:43:08 13/10/2007
+ Résultat de l'analyse:
C:\Documents and Settings\alex\Bureau\Everest Poker.exe -> Adware.Casino : Aucune action entreprise.
C:\Program Files\Everest Poker\Everest Poker.exe -> Adware.Casino : Aucune action entreprise.
C:\Program Files\Everest Poker\cstart-tmp.exe -> Adware.Casino : Aucune action entreprise.
C:\System Volume Information\_restore{C2EC0B6B-BC9D-4FB7-913B-C0F9A6B493EB}\RP533\A0080809.exe -> Adware.Casino : Aucune action entreprise.
C:\System Volume Information\_restore{C2EC0B6B-BC9D-4FB7-913B-C0F9A6B493EB}\RP533\A0080819.old -> Adware.Casino : Aucune action entreprise.
C:\Documents and Settings\alex\Application Data\Registry Cleaner -> Adware.RogueSuspect : Aucune action entreprise.
C:\Documents and Settings\alex\Application Data\Registry Cleaner\RegClean.ini -> Adware.RogueSuspect : Aucune action entreprise.
C:\Program Files\Registry Cleaner Trial -> Adware.RogueSuspect : Aucune action entreprise.
C:\Program Files\Registry Cleaner Trial\soref.dll -> Adware.RogueSuspect : Aucune action entreprise.
C:\Program Files\Registry Cleaner Trial\soref_v1.dll -> Adware.RogueSuspect : Aucune action entreprise.
:mozilla.24:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.18:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.19:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.20:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
Fin du rapport
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 00:49:59 13/10/2007
+ Résultat de l'analyse:
C:\Documents and Settings\alex\Bureau\Everest Poker.exe -> Adware.Casino : Ignoré.
C:\Program Files\Everest Poker\Everest Poker.exe -> Adware.Casino : Ignoré.
C:\Program Files\Everest Poker\cstart-tmp.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{C2EC0B6B-BC9D-4FB7-913B-C0F9A6B493EB}\RP533\A0080809.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{C2EC0B6B-BC9D-4FB7-913B-C0F9A6B493EB}\RP533\A0080819.old -> Adware.Casino : Ignoré.
C:\Documents and Settings\alex\Application Data\Registry Cleaner -> Adware.RogueSuspect : Ignoré.
C:\Documents and Settings\alex\Application Data\Registry Cleaner\RegClean.ini -> Adware.RogueSuspect : Ignoré.
C:\Program Files\Registry Cleaner Trial -> Adware.RogueSuspect : Ignoré.
C:\Program Files\Registry Cleaner Trial\soref.dll -> Adware.RogueSuspect : Ignoré.
C:\Program Files\Registry Cleaner Trial\soref_v1.dll -> Adware.RogueSuspect : Ignoré.
:mozilla.24:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.18:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.19:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.20:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.16:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.17:C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\4srwazb3.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
2 bitdefender
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 12/10/2007 19:41:56
//
//-----------------------------------------------------------------
Virus Statistics
Scan path : C:\WINDOWS
C:\Program Files
Folders : 4716
Files : 111042
Memory processes scanned : 0
Archives : 1
Runtime packers : 9609
Identified viruses : 3
Infected files : 3
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 3
I/O errors : 2
Scan time : 00:24:50
Scan speed (files/sec) : 74
Virus definitions : 899790
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 7
Mail plugins : 6
System plugins : 5
Virus scan options
Detection
[X] Scan boot sectors
[ ] Memory Processes
[ ] Scan archives
[X] Scan runtime packers
[X] Scan email
File mask
[X] Programs
[ ] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user
Virus scan options
[X] Enable warnings
[ ] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\DOCUME~1\alex\LOCALS~1\Temp\1192210916.log
Spyware scan options
[X] Scan for riskware
[ ] Skip dial and applications from scan
[ ] Registry keys
[ ] Cookies
Summary:
C:\WINDOWS\LBTWiz.exe Infected: Backdoor.Sdbot.DEXW
C:\WINDOWS\LBTWiz.exe Disinfection failed
C:\WINDOWS\LBTWiz.exe Moved
C:\Program Files\Fichiers communs\ErrorSafe\PCheck.dll Detected: Spyware.Winfixer.M
C:\Program Files\Fichiers communs\ErrorSafe\PCheck.dll Disinfection failed
C:\Program Files\Fichiers communs\ErrorSafe\PCheck.dll Moved
C:\Program Files\MSN Messenger\riched20.dll Detected: Adware.MyWebSearch.AV
C:\Program Files\MSN Messenger\riched20.dll Disinfection failed
C:\Program Files\MSN Messenger\riched20.dll Moved
3 rapport highjack
Logfile of HijackThis v1.99.1
Scan saved at 01:01:15, on 13/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Dsp24Set.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\LBTWiz.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [DSP24] Dsp24Set.exe /n
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LBTWiz.exe] C:\WINDOWS\LBTWiz.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://margouyalexvenise.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6969B9C2-948D-40A6-9816-4A96AAC9D491}: NameServer = 80.10.246.2,80.10.246.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{7EDA9965-C2A8-4794-8AC0-20CAF2CC0D0D}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
voilà ce monstreux papyrus,en espérant une aide de votre part et quelques conseils pour mieux se protèger en matière de logiciels,je vous remercie bonne soirée.
A voir également:
- Rapports pour dectection virus
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
