Bitdefender + HijackThis scan

69underground Posts 11 Status Member
Hello,

I just ran a winter scan with Bitdefender + HijackThis. Bitdefender found intruders, some of which still seem to be present. Please tell me how to fix the problems! Have a nice day.

Here are the reports.

Bitdefender:

BitDefender Online Scanner

Scan report generated at: Sun, Jan 27, 2008 - 03:30:13
Scan path: C:\;D:\;E:\;G:\;

Statistics
Time: 02:16:09
Files: 391570
Folders: 13945
Boot Sectors: 7
Archives: 14455
Packed Files: 12865

Results
Identified Viruses: 4
Infected Files: 8
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 11

Engines Info
Virus Definitions: 977439
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File / Status

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\048E4320=>(Quarantine-2)
    Infected with: DeepScan:Generic.Zlob.7.1FED44BB
    Disinfection failed
    Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04A56907.exe=>(Quarantine-2)
    Infected with: DeepScan:Generic.Zlob.7.1FED44BB
    Disinfection failed
    Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3F720D4D.exe=>(Quarantine-2)
    Detected with: Adware.Savenow.DR
    Disinfection failed
    Deleted
C:\Program Files\BSplayer\bsplayer141.832.exe=>(NSIS o)=>zlib_nsis0010
    Detected with: Application.Adware.Savenow.G
    Disinfection failed
    Deleted
C:\Program Files\BSplayer\bsplayer141.832.exe=>(NSIS o)
    Update failed
C:\Program Files\DaemonTool\DAEMON Tools\SetupDTSB.exe
    Detected with: Application.Adware.Savenow.G
    Disinfection failed
    Deleted
C:\Program Files\Virtools\3D Life Player\buildingblocks\characters.dll
    Infected with: Trojan.Generic.75656
    Deleted
C:\System Volume Information\_restore{5ADFB9CA-EE5D-400B-9E36-03CE9021BE6D}\RP562\A0166602.exe
    Detected with: Application.Adware.Savenow.G
    Disinfection failed
    Deleted
C:\System Volume Information\_restore{5ADFB9CA-EE5D-400B-9E36-03CE9021BE6D}\RP562\A0166603.dll
    Infected with: Trojan.Generic.75656
    Deleted

HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:46, on 27/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Program Files\Yahoo!\NAV\navapsvc.exe
C:\Program Files\Yahoo!\NAV\IWP\NPFMntor.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\emMON.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG Anti-spy\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\WinTV\WinTV2K.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&rlz=1T4GGLH_fr___FR203&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bt.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Yahoo!\NAV\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-spy\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [DJSNetCN] C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Capturer ! - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\MemoWeb 4 - Découverte\IEBtn\Launcher (file missing)
O9 - Extra 'Tools' menuitem: Capturer ce web - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\MemoWeb 4 - Découverte\IEBtn\Launcher (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.11 85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.11 85.255.112.234
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-spy\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Yahoo!\NPF\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Wireless Adapter Configurator - Unknown owner - C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

9 replies

ep44 Posts 7432 Status Contributor 3
 
Hello

Download FixWareout from one of these two links:
http://downloads.subratam.org/Fixwareout.exe
https://www.bleepingcomputer.com/download/linux/

Save it to your Desktop, then run it.
Click Next, then Install, make sure "Run fixit" is checked, then click Finish.
Follow the on-screen instructions.
The tool will ask you to restart your PC; please do so.
The restart may take a little longer than usual; this is normal.

Once restarted, a text file will appear (report.txt); copy/paste that report into your next reply, along with a new HijackThis report.
See you
0
69underground Posts 11 Status Member

Thank you very much for the reply.
Here is the FixWareout report:

Username "user" - 27/01/2008 12:06:03 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.114.11 85.255.112.234" <Value cleared.

Impossible de vider la cache de résolution DNS : La fonction a échoué lors de l'exécution.

System was rebooted successfully.

~~~~~ Postrun check
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"="C:\\WINDOWS\\ATK0100\\Hcontrol.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"ATIPTA"="C:\\Progra~1\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"ATIModeChange"="Ati2mdxx.exe"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"btbb_wcm_McciTrayApp"="C:\\Program Files\\btbb_wcm\\McciTrayApp.exe"
"Power_Gear"="C:\\Program Files\\ASUS\\Power4 Gear\\BatteryLife.exe 1"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_02\\bin\\jusched.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\AVG Anti-spy\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~

And the new HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:34:48, on 27/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\AVG Anti-spy\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Program Files\Yahoo!\NAV\navapsvc.exe
C:\Program Files\Yahoo!\NAV\IWP\NPFMntor.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&rlz=1T4GGLH_fr___FR203&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bt.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Yahoo!\NAV\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [DJSNetCN] C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Capturer ! - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\MemoWeb 4 - Découverte\IEBtn\Launcher (file missing)
O9 - Extra 'Tools' menuitem: Capturer ce web - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\MemoWeb 4 - Découverte\IEBtn\Launcher (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-spy\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Yahoo!\NPF\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Wireless Adapter Configurator - Unknown owner - C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
0
ep44 Posts 7432 Status Contributor 3

Run HijackThis again and check these:
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O9 - Extra button: Capturer ! - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\MemoWeb 4 - Découverte\IEBtn\Launcher (file missing)
O9 - Extra 'Tools' menuitem: Capturer ce web - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\MemoWeb 4 - Découverte\IEBtn\Launcher (file missing)
Then click Fix checked.

Next:

I see that you have AVG Anti-Spyware; update it, run it in Safe Mode,
and post the report.
See you
0
69underground Posts 11 Status Member

Thanks for the help.
Here is the AVG report; I deleted the 35 TrackingCookies.

:mozilla.113:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
:mozilla.52:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.127:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.128:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.129:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.130:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.53:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Adviva : Aucune action entreprise.
:mozilla.74:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.23:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.88:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.89:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.90:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.60:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.43:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.38:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.121:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Netflame : Aucune action entreprise.
C:\Documents and Settings\Lolo\Cookies\lolo@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Aucune action entreprise.
:mozilla.12:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.58:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.59:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.75:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.76:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.77:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.78:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.79:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.80:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.81:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.18:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.93:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.94:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.56:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.41:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.42:C:\Documents and Settings\Lolo\Application Data\Mozilla\Firefox\Profiles\y9aur99i.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.

Fin du rapport
0

ep44 Posts 7432 Status Contributor 3

You need to run it again and choose delete.
Your report shows "Aucune action entreprise" (no action taken),
so start over, and after that
we will now do an online scan

with Bitdefender; paste the report.

https://www.bitdefender.com/toolbox/

A tutorial:
https://kerio.probb.fr/

See you later
0
69underground Posts 11 Status Member

Indeed, I had generated the previous report before the deletion. But I did delete the files that needed deleting afterwards.
Here is the Bitdefender report; there are still intruders left.
Thanks again for the effective help!

BitDefender Online Scanner

Scan report generated at: Sun, Jan 27, 2008 - 21:47:13

Scan path: C:\;D:\;E:\;F:\;G:\;H:\;

Statistics
Time: 03:09:07
Files: 343132
Folders: 12556
Boot Sectors: 9
Archives: 8342
Packed Files: 9470

Results
Identified Viruses: 3
Infected Files: 4
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 7

Engines Info
Virus Definitions: 977527
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\048E4320=>(Quarantine-2)
Infected with: DeepScan:Generic.Zlob.7.1FED44BB
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\048E4320=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\048E4320=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04A56907.exe=>(Quarantine-2)
Infected with: DeepScan:Generic.Zlob.7.1FED44BB
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04A56907.exe=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04A56907.exe=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3F720D4D.exe=>(Quarantine-2)
Detected with: Adware.Savenow.DR
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3F720D4D.exe=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3F720D4D.exe=>(Quarantine-2)
Deleted
C:\Program Files\BSplayer\bsplayer141.832.exe=>(NSIS o)=>zlib_nsis0010
Detected with: Application.Adware.Savenow.G
C:\Program Files\BSplayer\bsplayer141.832.exe=>(NSIS o)=>zlib_nsis0010
Disinfection failed
C:\Program Files\BSplayer\bsplayer141.832.exe=>(NSIS o)=>zlib_nsis0010
Deleted
C:\Program Files\BSplayer\bsplayer141.832.exe=>(NSIS o)
Update failed
0
ep44 Posts 7432 Status Contributor 3

Good evening, no, they have indeed been deleted.

Results
Identified Viruses: 3
Infected Files: 4
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 7

Are you still having any problems?
0
69underground
 
Hello,

I had misunderstood the report; I thought there were still some "bad guys" left because Bitdefender was showing me a red cross. So I have no more problems, you can close this discussion. Thanks again for all the help!
Have a nice day.
0
ep44 Posts 7432 Status Contributor 3

Good evening,
have you run another scan with AVG?
If you haven't, you need to do it.
Then run HijackThis again please and tell me if you still have any problems.
See you later
0