Virus avec Installer
Termit7
Messages postés
20
Statut
Membre
-
Termit7 Messages postés 20 Statut Membre -
Termit7 Messages postés 20 Statut Membre -
Bonjour,
Bitdefender m'a trouvé quelques virus impossibles à désinfecter et à déplacer. Voici le rapport de l'AV :
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Déplacement impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Déplacement impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Déplacement impossible
Voici le log d'hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:29:42, on 11/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Softwin\BitDefender Professional Edition\bdswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender Professional Edition\vsserv.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\a-squared Free\a2free.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ALAL\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tamtaminfo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BDMCon] C:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender Professional Edition\bdswitch.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\progra~1\softwin\bitdef~1\bdnagent.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Norton System Doctor.LNK.disabled
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/activex/TmHcmsX.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender Professional Edition\vsserv.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
Bitdefender m'a trouvé quelques virus impossibles à désinfecter et à déplacer. Voici le rapport de l'AV :
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Déplacement impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Déplacement impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Déplacement impossible
Voici le log d'hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:29:42, on 11/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Softwin\BitDefender Professional Edition\bdswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender Professional Edition\vsserv.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\a-squared Free\a2free.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ALAL\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tamtaminfo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BDMCon] C:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender Professional Edition\bdswitch.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\progra~1\softwin\bitdef~1\bdnagent.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Norton System Doctor.LNK.disabled
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/activex/TmHcmsX.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender Professional Edition\vsserv.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
A voir également:
- Virus avec Installer
- Installer clavier arabe - Télécharger - Divers Web & Internet
- Installer windows 10 sans compte microsoft - Guide
- Installer chromecast sur tv - Guide
- Virus mcafee - Accueil - Piratage
- Installer windows 10 gratuitement - Accueil - Mise à jour
2 réponses
Bonsoir,
télécharge malwarebyte-s-anti-malware, fait un scan complet puis à la fin afficher rapport, supprimer et faire un copier coller du contenu et le poster ici, voici le (https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ tuto malwarebyte-s-anti-malware]
télécharge malwarebyte-s-anti-malware, fait un scan complet puis à la fin afficher rapport, supprimer et faire un copier coller du contenu et le poster ici, voici le (https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ tuto malwarebyte-s-anti-malware]
alors est ce que c'est mieux comme ça.
Bonjour,
Toujours quelques petits soucis. Après avoir scanné avec malware bytes en mode sans échec, il n'y avais pas d'infection. C'est revenu après, en mode normal : infection sur mon défragmenteur Diskeeper.
Je pense que je vais supprimer ce logiciel en mode sans échec si possible. Voici le log du scan :
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Déplacement impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Déplacement impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Déplacement impossible
Merci encore.
Toujours quelques petits soucis. Après avoir scanné avec malware bytes en mode sans échec, il n'y avais pas d'infection. C'est revenu après, en mode normal : infection sur mon défragmenteur Diskeeper.
Je pense que je vais supprimer ce logiciel en mode sans échec si possible. Voici le log du scan :
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>ESI_Config_XPSP2.bat Déplacement impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkClient_XPSP2.bat Déplacement impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Infectés avec BehavesLike:Trojan.FirewallBypass
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Désinfection impossible
C:\WINDOWS\Installer\{CA3098D4-DA28-44C8-86DB-6FE90369B2E1}\Diskeeper 2007 Administrator.msi=>(Embedded CAB)=>DkAdmin_XPSP2.bat Déplacement impossible
Merci encore.
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1490
Windows 5.1.2600 Service Pack 3
12/12/2008 01:23:31
mbam-log-2008-12-12 (01-23-31).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 107471
Temps écoulé: 2 hour(s), 41 minute(s), 2 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page\Start Page (Hijack.Homepage) -> Bad: (https://andrewmelcher.com/ Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)