Virus in services.Exe

Resolved/Closed
Anonymous user - 25 Oct 2008 at 01:05
 Anonymous user - 25 Oct 2008 at 02:22
Good evening

Let me explain my problem in a few words: I have a virus located in my services.exe process, so to remove it I have to kill the process. Unfortunately, I no longer remember the command to run to prevent the computer from shutting down. If you know it, please tell me. Thanks.

1 reply

Anonymous user
25 Oct 2008 at 01:32
up
-1
Anonymous user
25 Oct 2008 at 01:34
Logfile of Spyware Terminator v2.3.0.494 (db:2.010.023.000)
Scan Time: 25/10/2008 01:31:21 length: 110 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 40727 (Critical:2)
Filter: No System items, No Safe items, No Invalid items

Running Processes
BlueSoleilCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
BsMobileCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
NMSAccessU.exe : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
StarWindServiceAE.exe [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
WLService.exe [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
WUSB54GC.exe [Linksys] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
BsHelpCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
services.exe : C:\WINDOWS\services.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://fr.yahoo.com/
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = localhost
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

Toolbars
03 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run, DirectX For Microsoft® Windows : : C:\WINDOWS\system32\fservice.exe
04 - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, GinaDLL : [Gemtek] : C:\WINDOWS\system32\GTGina.dll

Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll

Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
IEProtocolHandler Class - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - [Skype Technologies] : C:\WINDOWS\system32\skype4com.dll

Services
23 - [Andrea Electronics Corporation] : C:\WINDOWS\system32\drivers\aeaudio.sys
23 - [Meetinghouse Data Communications] : C:\WINDOWS\system32\DRIVERS\AegisP.sys
23 - [Pinnacle Systems GmbH] : C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\BtHidBus.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\IvtBtBus.sys
23 - : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
23 - [Ralink Technology, Corp.] : C:\WINDOWS\system32\DRIVERS\rt73.sys
23 - [Sensaura] : C:\WINDOWS\system32\drivers\senfilt.sys
23 - [Analog Devices, Inc.] : C:\WINDOWS\system32\drivers\smwdm.sys
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\DRIVERS\VComm.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\VcommMgr.sys
23 - [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
23 - [Printing Communications Assoc., Inc. (PCAUSA)] : C:\WINDOWS\system32\GTNDIS5.SYS

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\WINDOWS\system32\igfxsrvc.dll

System Policies
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, HomePage : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ConnectionsTab : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, Proxy : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ResetWebSettings : :

Threat Files
<Trojan.Dloader.Agent.ZFG> : C:\WINDOWS\services.exe
<Backdoor.Prorat.bj> : C:\WINDOWS\system32\winkey.dll

Advanced Files Report

End of Report


Suppression:

Préparation…
Supprimer Trojan.Dloader.Agent.ZFG
Fin du processus: 772



Here is the scan report
-1
Utilisateur anonyme
25 oct. 2008 à 01:35
Logfile of Spyware Terminator v2.3.0.494 (db:2.010.023.000)
Scan Time: 25/10/2008 01:31:21 length: 110 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 40727 (Critical:2)
Filter: No System items, No Safe items, No Invalid items

Running Processes
BlueSoleilCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
BsMobileCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
NMSAccessU.exe : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
StarWindServiceAE.exe [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
WLService.exe [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
WUSB54GC.exe [Linksys] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
BsHelpCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
services.exe : C:\WINDOWS\services.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://fr.yahoo.com/
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = localhost
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

Toolbars
03 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run, DirectX For Microsoft® Windows : : C:\WINDOWS\system32\fservice.exe
04 - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, GinaDLL : [Gemtek] : C:\WINDOWS\system32\GTGina.dll

Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll

Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
IEProtocolHandler Class - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - [Skype Technologies] : C:\WINDOWS\system32\skype4com.dll

Services
23 - [Andrea Electronics Corporation] : C:\WINDOWS\system32\drivers\aeaudio.sys
23 - [Meetinghouse Data Communications] : C:\WINDOWS\system32\DRIVERS\AegisP.sys
23 - [Pinnacle Systems GmbH] : C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\BtHidBus.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\IvtBtBus.sys
23 - : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
23 - [Ralink Technology, Corp.] : C:\WINDOWS\system32\DRIVERS\rt73.sys
23 - [Sensaura] : C:\WINDOWS\system32\drivers\senfilt.sys
23 - [Analog Devices, Inc.] : C:\WINDOWS\system32\drivers\smwdm.sys
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\DRIVERS\VComm.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\VcommMgr.sys
23 - [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
23 - [Printing Communications Assoc., Inc. (PCAUSA)] : C:\WINDOWS\system32\GTNDIS5.SYS

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\WINDOWS\system32\igfxsrvc.dll

System Policies
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, HomePage : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ConnectionsTab : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, Proxy : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ResetWebSettings : :

Threat Files
<Trojan.Dloader.Agent.ZFG> : C:\WINDOWS\services.exe
<Backdoor.Prorat.bj> : C:\WINDOWS\system32\winkey.dll

Advanced Files Report
%PROGRAMFILES%\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [BlueSoleilCS Module] MD5=236308422E6773D7E939D721EF0A4131 SIZE=778240
%SYSDIR%\bstrace.dll [ivt] [ivt BsTrace] MD5=C09F55892B3D089AC4CE149568BE4112 SIZE=28760
%PROGRAMFILES%\IVT Corporation\BlueSoleil\setup.dll MD5=6ACC26C49EEBA9DF6578F106E8ED956E SIZE=102520
%SYSDIR%\BsHelpCSps.dll [IVT Corporation] [BlueSoleil] MD5=0AF6BFCE166E427B0215DFAE361D1966 SIZE=94314
%PROGRAMFILES%\IVT Corporation\BlueSoleil\BsMobileCS.exe [BsMobileCS Module] MD5=9C2600C566BA40953FDF4D886D47FB94 SIZE=143467
%PROGRAMFILES%\IVT CORPORATION\BLUESOLEIL\MOBILE\svrpack.dll [IVT Software Technology lnc.] [Svrpack] MD5=3E49F44E7A2E94AB5EEE79353FE9062A SIZE=176206
%PROGRAMFILES%\IVT CORPORATION\BLUESOLEIL\MOBILE\BaseLib.dll MD5=37EB8B79B8973192C837FB5216930494 SIZE=237568
%PROGRAMFILES%\IVT CORPORATION\BLUESOLEIL\MOBILE\ExtraLib.dll MD5=9613E9DC9C30F4319342FAD2814A9C3C SIZE=61440
%PROGRAMFILES%\IVT CORPORATION\BLUESOLEIL\MOBILE\cscvt.dll MD5=E8335D896DECD1C1B7AD583411EC9F5D SIZE=41472
%PROGRAMFILES%\ALO SOFT\ALO CD BURNER\NMSAccessU.exe MD5=FD306FBCCE7ADB1077B709742E7148E9 SIZE=71096
%PROGRAMFILES%\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [Rocket Division Software] [StarWind Alcohol Edition] MD5=B1691AF4A072CB674D600DB16DD7308E SIZE=275968
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe [GEMTEKS] [GEMTEKS WLService] MD5=CCFDECD6060EA8EB0F8466782A97FF21 SIZE=53307
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe [Linksys] [WUSB54GC] MD5=FF6A6CBA6EAFE6A2FD3D50B2364D9194 SIZE=5247488
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\Security.dll MD5=2DB998638EAE8055E5397C380D24EA62 SIZE=45056
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\ProcNICs.dll [GemTek] [GemTek ProcNICs] MD5=9F7E762DAE91A8D01D9B1EDD6F034BB6 SIZE=36864
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\resWUSB54GC_US.dll [Linksys] [WUSB54GC] MD5=7C8E26F7B5EC39C405A44D74029D1104 SIZE=966656
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\aviWUSB54GC.dll [Linksys] [Version 1.0] MD5=EFEB0215329B1EB6D1B4135774CF4674 SIZE=429056
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\GEMWEP.DLL [WEP Dynamic Link Library] MD5=D59795CA678B7259917AE4EFE152C000 SIZE=110592
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\Ralinktek.DLL [GemTK] [GemTK Dynamic Link Library] MD5=9FC62518F5EED0B37582B61EBD366DC7 SIZE=81920
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\RM_DEV_CODE.dll [GEMTEKS] [GEMTEKS RM_DEV_CODE] MD5=C825A2C2C2FDE8E4D21D13B70AE2FFEB SIZE=40960
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\SES.dll [Linksys] [Linksys SES] MD5=D89F25194AB44961D980F87CA568691B SIZE=77824
%SYSDIR%\GTW32N50.dll MD5=3FBEF477816CEE3E1B67C18727837BF9 SIZE=94208
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\ez54g.dll [ez54g Dynamic Link Library] MD5=6831C35A1B65BCD3813C9AE4AAA742E5 SIZE=122880
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\ses_cl.dll MD5=7149A4A6431304C60757A3A65B42F96F SIZE=102400
%PROGRAMFILES%\Compact Wireless-G USB Adapter Wireless Network Monitor\0004\AegisE5.dll [Meetinghouse Data Communications] [AEGIS Client API] MD5=B308A8D9AC375D87320133E101288132 SIZE=1417307
%PROGRAMFILES%\IVT Corporation\BlueSoleil\BsHelpCS.exe [BsHelpCS Module] MD5=76762D169FFC6727359FD58C8FC00487 SIZE=69735
%SYSDIR%\reginv.dll MD5=D4A3F90E159FFBCBC4F9740DE4B7F171 SIZE=36864
%PROGRAMFILES%\Analog Devices\SoundMAX\SMWDMIF.dll [Analog Devices, Inc.] [Audio Driver Interface Module] MD5=1A1446A35D0AB4D9CA462FCDF51CBF9D SIZE=266240
%PROGRAMFILES%\Opera\Opera.dll [Opera Software] [Opera Internet Browser] MD5=ED01B58CC963123D770701ECFC4A938E SIZE=3739648
deskpan.dll
%PROGRAMFILES%\WinRAR\rarext.dll MD5=023707D932BA31314210E6844D33D500 SIZE=129024
%SYSDIR%\igfxsrvc.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=461F66F25460703B0F9A766A54DA7836 SIZE=344064
%SYSDIR%\drivers\aeaudio.sys [Andrea Electronics Corporation] [Andrea Audio Driver] MD5=9F59AE2DE835641FBB0C6AFD80D8FA9B SIZE=127872
%SYSDIR%\DRIVERS\AegisP.sys [Meetinghouse Data Communications] [AEGIS Client 3.4.3.0] MD5=2F7F3E8DA380325866E566F5D5EC23D5 SIZE=20747
%SYSDIR%\Drivers\ASAPIW2K.sys [Pinnacle Systems GmbH] [asapi] MD5=4F9CBBF95E8F7A0D4C0EDCFE3B78102E SIZE=11264
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\Drivers\BtHidBus.sys [IVT Corporation.] [Bluetooth HID BUS Driver] MD5=FCF500C9E89E193E038DCFCDBA6AA032 SIZE=21512
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\DRIVERS\ialmnt5.sys [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows NT(R)] MD5=0ACEBB31989CBF9A5663FE4A33D28D21 SIZE=737874
%SYSDIR%\Drivers\IvtBtBus.sys [IVT Corporation.] [IVT Bluetooth Bus Device Driver] MD5=D53D7ED7D85A18B0CD4626B88B6DA52A SIZE=26248
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\svchost -k rpcss
%SYSDIR%\DRIVERS\rt73.sys [Ralink Technology, Corp.] [Ralink 802.11 Wireless Adapters] MD5=7436BFD3A542CF6FF55097200031B293 SIZE=245248
%SYSDIR%\drivers\senfilt.sys [Sensaura] MD5=BB596A578330AD794C6769B588AF6BB4 SIZE=392704
%SYSDIR%\drivers\smwdm.sys [Analog Devices, Inc.] [SoundMAX Digital Audio Driver] MD5=1319EA66A96250D59665D133C0FF7CD0 SIZE=220992
%SYSDIR%\Drivers\sptd.sys SIZE=717296
%SYSDIR%\svchost.exe -k imgsvc
%SYSDIR%\DRIVERS\VComm.sys [IVT Corporation.] [Bluetooth Serial Port Driver] MD5=0955553090E0A88614E5B8A02AF9324C SIZE=14856
%SYSDIR%\Drivers\VcommMgr.sys [IVT Corporation.] [Bluetooth VcommMgr Driver] MD5=EBF022EC5B0E15B4C225F28031E4123A SIZE=29960
%SYSDIR%\GTNDIS5.SYS [Printing Communications Assoc., Inc. (PCAUSA)] [PCAUSA Rawether for Windows] MD5=FC80052194D5708254A346568F0E77C0 SIZE=15872
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=56319E6B4D190A2DEB4463A9CE4D4F74 SIZE=66072
%SYSDIR%\skype4com.dll [Skype Technologies] [Skype4COM] MD5=5FA82F81EE911AD73B358D0B03371635 SIZE=1717848
%PROGRAMFILES%\Java\jre1.6.0_07\bin\JdbcOdbc.dll [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=F708430AE09C4102933E24CD6D12780D SIZE=36352
%PROGRAMFILES%\Java\jre1.6.0_07\bin\dcpr.dll [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=D6E7FFCD38ECDFE4BD8DCE29D8D1A654 SIZE=143360
%PROGRAMFILES%\Java\jre1.6.0_07\bin\ioser12.dll [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=5CF15BC4493299F6645DB27B51278D2A SIZE=12800
%PROGRAMFILES%\Java\jre1.6.0_07\bin\javacpl.cpl [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=370716E3CA99E6A4346F272DA56017C1 SIZE=73728
%PROGRAMFILES%\Java\jre1.6.0_07\bin\policytool.exe [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=1C0C6888952D9EC22A7B5C6FAD0E8160 SIZE=25600
%SYSDIR%\MFC71DEU.DLL [Microsoft Corporation] [Microsoft® Visual Studio .NET] MD5=C94D9D5B96D385586063093BAAD8F206 SIZE=65536
%SYSDIR%\tabctl32.ocx [Microsoft Corporation] [TabCtl32 Object Library] MD5=DC925B6D77BA9ECB532E2F6750BE943B SIZE=224016

End of Report


Suppression:

Préparation…
Supprimer Trojan.Dloader.Agent.ZFG
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772
Fin du processus: 772



voila le rapport du scab
-1
Utilisateur anonyme
25 oct. 2008 à 01:35
Logfile of Spyware Terminator v2.3.0.494 (db:2.010.023.000)
Scan Time: 25/10/2008 01:31:21 length: 110 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 40727 (Critical:2)
Filter: No System items, No Safe items, No Invalid items

Running Processes
BlueSoleilCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
BsMobileCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
NMSAccessU.exe : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
StarWindServiceAE.exe [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
WLService.exe [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
WUSB54GC.exe [Linksys] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
BsHelpCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
services.exe : C:\WINDOWS\services.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://fr.yahoo.com/
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = localhost
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

Toolbars
03 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run, DirectX For Microsoft® Windows : : C:\WINDOWS\system32\fservice.exe
04 - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, GinaDLL : [Gemtek] : C:\WINDOWS\system32\GTGina.dll

Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll

Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
IEProtocolHandler Class - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - [Skype Technologies] : C:\WINDOWS\system32\skype4com.dll

Services
23 - [Andrea Electronics Corporation] : C:\WINDOWS\system32\drivers\aeaudio.sys
23 - [Meetinghouse Data Communications] : C:\WINDOWS\system32\DRIVERS\AegisP.sys
23 - [Pinnacle Systems GmbH] : C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\BtHidBus.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\IvtBtBus.sys
23 - : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
23 - [Ralink Technology, Corp.] : C:\WINDOWS\system32\DRIVERS\rt73.sys
23 - [Sensaura] : C:\WINDOWS\system32\drivers\senfilt.sys
23 - [Analog Devices, Inc.] : C:\WINDOWS\system32\drivers\smwdm.sys
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\DRIVERS\VComm.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\VcommMgr.sys
23 - [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
23 - [Printing Communications Assoc., Inc. (PCAUSA)] : C:\WINDOWS\system32\GTNDIS5.SYS

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\WINDOWS\system32\igfxsrvc.dll

System Policies
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, HomePage : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ConnectionsTab : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, Proxy : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ResetWebSettings : :

Threat Files
<Trojan.Dloader.Agent.ZFG> : C:\WINDOWS\services.exe
<Backdoor.Prorat.bj> : C:\WINDOWS\system32\winkey.dll

Advanced Files Report

End of Report


Suppression:

Préparation…
Supprimer Trojan.Dloader.Agent.ZFG
Fin du processus: 772



Here is the scan report.
-1
Anonymous user > Anonymous user
25 Oct. 2008 at 02:22
OK, it's fine, I remembered it: it's shutdown -a. Thanks anyway.
-1