Au secours, plein de virus
Résolu
LiliSam
-
higelin22 Messages postés 263 Statut Membre -
higelin22 Messages postés 263 Statut Membre -
Bonjour,
Je semble avoir plein de virus mais je ne peux pas exécuter ni antivirus ni aucunes applications. Le rapport suivant vient de WinAntivirusPro mais pour détruire les virus, il faut payer avant. À date, j'ai essayé plusieurs antivirus mais dès que je veux détruire, l'application ne fonctionne pas. J'ai sois un message que rundll32.exe n'existe pas ou on me demande quel programme utilisé pour ouvrir le fichier. J'ai essayé de copier un autre rundll32.exe mais cela n'a pas fonctionné. J'ai vraiment besoin d'aide. Je ne sais pas si je devrais essayer WinAntivirusPro car j'ai peur de payer pour rien.
WinAntivirusPro system scan report.
Report generated 30-05-08 18:09:34
Type Run type Name Details
Worm C:\WINDOWS\fxsst.dll Win32.Sdbot.ADN A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\iassvcs.dll Trojan-Dropper.Win32.Agent.bot This Trojan is designed to install and launch other malicious programs on the victim machine without the knowledge or consent of the user.
Rogue C:\WINDOWS\igfxext.exe SecurePCCleaner Rogue Security Software: fake Security software that uses deceptive means for installation and purpose.
Worm C:\WINDOWS\igfxtray.exe Win32.Rbot.CBX A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\kbdbr.dll Trojan.Win32.Agent.ado Trojan downloader that is spread as an attachment to a spam email and tries to download a password stealer.
Trojan C:\WINDOWS\kbdhept.dll Trojan.Alg.t Trojan program that can compromise your private information stored on the hard drive.
Trojan C:\WINDOWS\licwmi.dll Win32.Spamta.KG.worm A multi-component mass-mailing worm that downloads and executes files from the Internet.
Trojan C:\WINDOWS\mscdexnt.exe Trojan-Downloader.VBS.Small.dc This Trojan downloads other files via the FTP protocol and launches them for execution on the victim machine without the user’s knowledge.
Trojan C:\WINDOWS\msconf.dll Trojan.BAT.Adduser.t This Trojan has a malicious payload. It is a BAT file. It is 1129 bytes in size.
Spyware autorun Win32.PerFiler Win32.PerFiler is designed to retrieve and install files when executed. Win32.PerFiler is configured to download from either a designated web or FTP site.
Worm autorun Win32.Peacomm.dam A Trojan Downloader that is spread as an attachment to emails with news headlines as the subject lines which downloads additional security threats.
Trojan C:\WINDOWS\mshtmler.dll Trojan.IRCBot.d a worm that opens an IRC back door on the compromised host.
Dialer C:\WINDOWS\msvcp50.dll Dialer.Trafficjam.a Dialer.Trafficjam.a is a premium-rate phone dialer that automatically invokes paid access to various porn-related Web sites.
Spyware C:\WINDOWS\msvcp70.dll Spyware.IEMonster.d "Steals passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs.
Trojan C:\WINDOWS\msvcr71.dll Trojan-Dropper.Win32.Agent.bot This Trojan is designed to install and launch other malicious programs on the victim machine without the knowledge or consent of the user.
Trojan C:\WINDOWS\msvcrt.dll Win32.Outsbot.u A backdoor Trojan that is remotely controlled via Internet Relay Chat (IRC).
Spyware autorun Spyware.KnownBadSites Uses the Windows hosts file to redirect your browser to a malicious site when you try to access a valid site.
Worm C:\WINDOWS\msxml4r.dll Win32.Sdbot.ADN A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\netdde.exe Trojan-Dropper.Win32.Agent.bot This Trojan is designed to install and launch other malicious programs on the victim machine without the knowledge or consent of the user.
Trojan C:\WINDOWS\npptools.dll Trojan.Dropper.MSWord.j A Microsoft Word macro virus that drops a trojan onto the infected host.
Adware C:\WINDOWS\ntdll.dll Adware.eXact.BargainBuddy A browser helper object that monitors internet browsing sessions in an attempt to redirect search queries and distribute unsolicited advertisements.
Trojan autorun Infostealer.Banker.E Steals sensitive information from the infected computer (e.g. logins and passwords from online banking sessions).
Trojan C:\WINDOWS\qappsrv.exe Trojan.Dropper.MSWord.j A Microsoft Word macro virus that drops a trojan onto the infected host.
Worm C:\WINDOWS\qdv.dll Win32.Rbot.CBX A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\racpldlg.dll Trojan.Clicker.EC Trojan.Clicker.EC is an information stealing Trojan that masquerades as a legitimate system file so as to avoid detection and subsequent removal.
Spyware autorun Win32.PerFiler Win32.PerFiler is designed to retrieve and install files when executed. Win32.PerFiler is configured to download from either a designated web or FTP site.
Spyware C:\WINDOWS\rsvpperf.dll Spyware.007SpySoftware Program designed to monitor user activity. May be used with or without consent.
Trojan C:\WINDOWS\safrslv.dll Win32.Clagger.C This is small Trojan downloader that downloads files and lowers security settings. It is spreading as an email attachment.
Spyware C:\WINDOWS\scarddlg.dll Spyware.007SpySoftware Program designed to monitor user activity. May be used with or without consent.
Worm autorun Win32.Peacomm.dam A Trojan Downloader that is spread as an attachment to emails with news headlines as the subject lines which downloads additional security threats.
Worm C:\WINDOWS\smbinst.exe Win32.Miewer.a A Trojan Downloader that masquerades as a legitimate system file. Associated processes connect to the Internet to download additional malicious files
Trojan C:\WINDOWS\toolhelp.dll Trojan.MailGrabber.s Trojan horse that gets access to e-mail accounts on the infected computer.
Worm C:\WINDOWS\usrdtea.dll Win32.Rbot.CBX A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\vbsfr.dll Win32.Clagger.C This is small Trojan downloader that downloads files and lowers security settings. It is spreading as an email attachment.
Worm C:\WINDOWS\vdmdbg.dll Worm.Bagle.CP This is a ""Bagle"" mass-mailer which demonstrates typical ""Bagle"" behavior: it has a .ZIP file attachment.
Spyware autorun Spyware.IMMonitor program that can be used to monitor and record conversations in popular instant messaging applications.
Dialer C:\WINDOWS\wifeman.dll Dialer.Trafficjam.a Dialer.Trafficjam.a is a premium-rate phone dialer that automatically invokes paid access to various porn-related Web sites.
Trojan C:\WINDOWS\wldap32.dll Trojan.Poison.J Trojan.Poison.J is a key-logging Trojan for the Windows platform.
Adware autorun Zlob.PornAdvertiser.ba Adware that displays pop-up/pop-under advertisements of pornographic or online gambling Web sites.
Worm C:\WINDOWS\yayVlkHy.dll Win32.Delbot.AI Win32.Delbot.AI is a worm and IRC backdoor that exploits system and software vulnerabilities in order to provide remote access to the host PC.
Je semble avoir plein de virus mais je ne peux pas exécuter ni antivirus ni aucunes applications. Le rapport suivant vient de WinAntivirusPro mais pour détruire les virus, il faut payer avant. À date, j'ai essayé plusieurs antivirus mais dès que je veux détruire, l'application ne fonctionne pas. J'ai sois un message que rundll32.exe n'existe pas ou on me demande quel programme utilisé pour ouvrir le fichier. J'ai essayé de copier un autre rundll32.exe mais cela n'a pas fonctionné. J'ai vraiment besoin d'aide. Je ne sais pas si je devrais essayer WinAntivirusPro car j'ai peur de payer pour rien.
WinAntivirusPro system scan report.
Report generated 30-05-08 18:09:34
Type Run type Name Details
Worm C:\WINDOWS\fxsst.dll Win32.Sdbot.ADN A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\iassvcs.dll Trojan-Dropper.Win32.Agent.bot This Trojan is designed to install and launch other malicious programs on the victim machine without the knowledge or consent of the user.
Rogue C:\WINDOWS\igfxext.exe SecurePCCleaner Rogue Security Software: fake Security software that uses deceptive means for installation and purpose.
Worm C:\WINDOWS\igfxtray.exe Win32.Rbot.CBX A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\kbdbr.dll Trojan.Win32.Agent.ado Trojan downloader that is spread as an attachment to a spam email and tries to download a password stealer.
Trojan C:\WINDOWS\kbdhept.dll Trojan.Alg.t Trojan program that can compromise your private information stored on the hard drive.
Trojan C:\WINDOWS\licwmi.dll Win32.Spamta.KG.worm A multi-component mass-mailing worm that downloads and executes files from the Internet.
Trojan C:\WINDOWS\mscdexnt.exe Trojan-Downloader.VBS.Small.dc This Trojan downloads other files via the FTP protocol and launches them for execution on the victim machine without the user’s knowledge.
Trojan C:\WINDOWS\msconf.dll Trojan.BAT.Adduser.t This Trojan has a malicious payload. It is a BAT file. It is 1129 bytes in size.
Spyware autorun Win32.PerFiler Win32.PerFiler is designed to retrieve and install files when executed. Win32.PerFiler is configured to download from either a designated web or FTP site.
Worm autorun Win32.Peacomm.dam A Trojan Downloader that is spread as an attachment to emails with news headlines as the subject lines which downloads additional security threats.
Trojan C:\WINDOWS\mshtmler.dll Trojan.IRCBot.d a worm that opens an IRC back door on the compromised host.
Dialer C:\WINDOWS\msvcp50.dll Dialer.Trafficjam.a Dialer.Trafficjam.a is a premium-rate phone dialer that automatically invokes paid access to various porn-related Web sites.
Spyware C:\WINDOWS\msvcp70.dll Spyware.IEMonster.d "Steals passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs.
Trojan C:\WINDOWS\msvcr71.dll Trojan-Dropper.Win32.Agent.bot This Trojan is designed to install and launch other malicious programs on the victim machine without the knowledge or consent of the user.
Trojan C:\WINDOWS\msvcrt.dll Win32.Outsbot.u A backdoor Trojan that is remotely controlled via Internet Relay Chat (IRC).
Spyware autorun Spyware.KnownBadSites Uses the Windows hosts file to redirect your browser to a malicious site when you try to access a valid site.
Worm C:\WINDOWS\msxml4r.dll Win32.Sdbot.ADN A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\netdde.exe Trojan-Dropper.Win32.Agent.bot This Trojan is designed to install and launch other malicious programs on the victim machine without the knowledge or consent of the user.
Trojan C:\WINDOWS\npptools.dll Trojan.Dropper.MSWord.j A Microsoft Word macro virus that drops a trojan onto the infected host.
Adware C:\WINDOWS\ntdll.dll Adware.eXact.BargainBuddy A browser helper object that monitors internet browsing sessions in an attempt to redirect search queries and distribute unsolicited advertisements.
Trojan autorun Infostealer.Banker.E Steals sensitive information from the infected computer (e.g. logins and passwords from online banking sessions).
Trojan C:\WINDOWS\qappsrv.exe Trojan.Dropper.MSWord.j A Microsoft Word macro virus that drops a trojan onto the infected host.
Worm C:\WINDOWS\qdv.dll Win32.Rbot.CBX A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\racpldlg.dll Trojan.Clicker.EC Trojan.Clicker.EC is an information stealing Trojan that masquerades as a legitimate system file so as to avoid detection and subsequent removal.
Spyware autorun Win32.PerFiler Win32.PerFiler is designed to retrieve and install files when executed. Win32.PerFiler is configured to download from either a designated web or FTP site.
Spyware C:\WINDOWS\rsvpperf.dll Spyware.007SpySoftware Program designed to monitor user activity. May be used with or without consent.
Trojan C:\WINDOWS\safrslv.dll Win32.Clagger.C This is small Trojan downloader that downloads files and lowers security settings. It is spreading as an email attachment.
Spyware C:\WINDOWS\scarddlg.dll Spyware.007SpySoftware Program designed to monitor user activity. May be used with or without consent.
Worm autorun Win32.Peacomm.dam A Trojan Downloader that is spread as an attachment to emails with news headlines as the subject lines which downloads additional security threats.
Worm C:\WINDOWS\smbinst.exe Win32.Miewer.a A Trojan Downloader that masquerades as a legitimate system file. Associated processes connect to the Internet to download additional malicious files
Trojan C:\WINDOWS\toolhelp.dll Trojan.MailGrabber.s Trojan horse that gets access to e-mail accounts on the infected computer.
Worm C:\WINDOWS\usrdtea.dll Win32.Rbot.CBX A worm and IRC backdoor that exploits system and software vulnerabilities in order to provide unmitigated remote access to the host machine.
Trojan C:\WINDOWS\vbsfr.dll Win32.Clagger.C This is small Trojan downloader that downloads files and lowers security settings. It is spreading as an email attachment.
Worm C:\WINDOWS\vdmdbg.dll Worm.Bagle.CP This is a ""Bagle"" mass-mailer which demonstrates typical ""Bagle"" behavior: it has a .ZIP file attachment.
Spyware autorun Spyware.IMMonitor program that can be used to monitor and record conversations in popular instant messaging applications.
Dialer C:\WINDOWS\wifeman.dll Dialer.Trafficjam.a Dialer.Trafficjam.a is a premium-rate phone dialer that automatically invokes paid access to various porn-related Web sites.
Trojan C:\WINDOWS\wldap32.dll Trojan.Poison.J Trojan.Poison.J is a key-logging Trojan for the Windows platform.
Adware autorun Zlob.PornAdvertiser.ba Adware that displays pop-up/pop-under advertisements of pornographic or online gambling Web sites.
Worm C:\WINDOWS\yayVlkHy.dll Win32.Delbot.AI Win32.Delbot.AI is a worm and IRC backdoor that exploits system and software vulnerabilities in order to provide remote access to the host PC.
A voir également:
- Au secours, plein de virus
- Virus mcafee - Accueil - Piratage
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
- Ordinateur bloqué virus - Accueil - Arnaque
23 réponses
salut lilisam
bon refait un dernier scan only (hijackthis)
coche les deux lignes suivantes
O20 Winlogon Notify: cbXOHYqr cbXOHYqr.dll (file missing)
O20 Winlogon Notify: __c0056690 C:\WINDOWS\system32\__c0056690.dat (file missing)
ensuite fix checked
et voila tu redemarre et dis nous comment va le pc
logiquement il doit etre propre desormais et tu ne devrai plus avoir trop de probleme
bon refait un dernier scan only (hijackthis)
coche les deux lignes suivantes
O20 Winlogon Notify: cbXOHYqr cbXOHYqr.dll (file missing)
O20 Winlogon Notify: __c0056690 C:\WINDOWS\system32\__c0056690.dat (file missing)
ensuite fix checked
et voila tu redemarre et dis nous comment va le pc
logiquement il doit etre propre desormais et tu ne devrai plus avoir trop de probleme
Je devrais pouvoir te poster le rapport en fin de journée car ma mère est partie travailller.
À plus tard !
Voici le rapport Hijack :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:21:54, on 02 06 08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\HijackThis\HijackThis.exe
R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 BHO: MSNToolBandBHO {BDBD1DAD C946 4A17 ADC1 64B5B4FF55D0} C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr ca\msntb.dll
O3 Toolbar: MSN {BDAD1DAD C946 4A17 ADC1 64B5B4FF55D0} C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr ca\msntb.dll
O4 HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 HKUS\S 1 5 19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 HKUS\S 1 5 20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 Startup: Outil de détection de support de Cyber shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O4 Global Startup: Compagnon d'AOL.lnk = C:\Program Files\AOL Companion\companion.exe
O4 Global Startup: Mini icône d'AOL 8.0.lnk = C:\Program Files\AOL 8.0\aoltray.exe
O9 Extra button: Messenger {FB5F1910 F110 11d2 BB9E 00C04F795683} C:\Program Files\Messenger\msmsgs.exe
O9 Extra 'Tools' menuitem: Windows Messenger {FB5F1910 F110 11d2 BB9E 00C04F795683} C:\Program Files\Messenger\msmsgs.exe
O18 Protocol: intu ir2007 {52BAEC6B 9405 46F9 A131 6D50720A3CC4} C:\Program Files\ImpotRapide 2007\ic2007pp.dll
O20 Winlogon Notify: cbXOHYqr cbXOHYqr.dll (file missing)
O20 Winlogon Notify: __c0056690 C:\WINDOWS\system32\__c0056690.dat (file missing)
O23 Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) Avira GmbH C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) Avira GmbH C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 Service: TrueVector Internet Monitor (vsmon) Zone Labs, LLC C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 Service: WAN Miniport (ATW) Service (WANMiniportService) America Online, Inc. C:\WINDOWS\wanmpsvc.exe
End of file 3689 bytes