| après scan et suppression, virus toujours présent | |
|
|
Auteur | Message |
---|
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: après scan et suppression, virus toujours présent Mer 4 Mar - 19:08:20 | |
| Bonjour à tous, je précise je suis sous xp familale pack 2 et je suis tout nouveau ici et je voudrais avoir votre aide car depuis hier, j'ai eu un genre de virus c'est à dire que j'ai pleins de fenêtres qui s'ouvre et la connexion est devenue très lente ainsi que la restauration des dates antérieures est supprimé pourtant j'en avais fait il y a quelques jours avant t je les avait bien sauvegardés. Je pense que ce virus les a supprimé ou j'espère pas et que je pourrais y restaurer à une date mais je ne sais pas s'il est devenu trop tard car d'arès un forum, il fallait désactiver puis réactiver la restauration et c'est ce que j'ai fait mais je n'ai toujours aucune date disponible. Ainsi, après avoir fait un scan avec panda, rien trouvé. Puis avec A2 free, j'ai eu 42 objets détecté dont certains sont des trojans et malwares, rootkit... Je les aient supprimé mais ils sont toujours présent car e reçois encore des fenêtres mais cette fois-ci c'est des fenêtres blancs (erreur connexion...). Merci de bien vouloir me trouver une solution svpppp | |
|
| |
geoffrey5 Admin
Nombre de messages : 1849 Age : 43 Localisation : Liège - Belgique Système d\'exploitation * : XP IBM processeur Intel Celeron 2.4ghz 1.5GB RAM Date d'inscription : 28/07/2008
| Sujet: Re: après scan et suppression, virus toujours présent Jeu 5 Mar - 0:37:46 | |
| Bonsoir can et Ton sujet n'est pas rédigé au bon endroit... Il va être déplacé dans le forum Virus/sécurité. C'est normal que tu n'ai plus de points de restauration, le fait de désactiver et réactiver la restauration du système va supprimer tous les points de restauration.. En général, nous faisons cela en fin de désinfection pour supprimer tous les points de restaurations succeptibles d'être infecté pour en créer ensuite un nouveau tout propre.. Mais tout ça une fois que le PC est sain, donc en fin de désinfection.. Fais ceci stp :Fais un rapport hijackthis pour que je puisse vérifier les infections de ton pc stp
- Télécharge hijackthis sur mon site web.
- Tout est expliqué pour bien l installer et savoir l'utiliser.
Comment copier/coller le rapport :Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier". Ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport. Une explication des raccourcis clavier sont illustrés sur mon site web à cette adresse : http://forum-aide-contre-virus.be/divers.html | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Jeu 5 Mar - 1:58:57 | |
| je n'arrive pas à envoyuer | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Jeu 5 Mar - 1:59:45 | |
| Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:40:13, on 4/03/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\\WINDOWS\\System32\\smss.exe C:\\WINDOWS\\SYSTEM32\\winlogon.exe C:\\WINDOWS\\system32\\services.exe C:\\WINDOWS\\system32\\lsass.exe C:\\WINDOWS\\system32\\svchost.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\pavsrv51.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\AVENGINE.EXE C:\\WINDOWS\\System32\\svchost.exe C:\\WINDOWS\\system32\\spoolsv.exe C:\\WINDOWS\\Explorer.EXE C:\\Program Files\\Fichiers communs\\ArcSoft\\Connection Service\\Bin\\ACService.exe C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe C:\\Program Files\\Java\\jre6\\bin\\jqs.exe C:\\WINDOWS\\system32\\oodag.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\PsCtrls.exe C:\\Program Files\\Fichiers communs\\Panda Software\\PavShld\\pavprsrv.exe C:\\WINDOWS\\system32\\HPZipm12.exe C:\\WINDOWS\\system32\\PSIService.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\psimsvc.exe C:\\Program Files\\SolidDocuments\\SolidConverterPDF\\SCPDF\\SolidPdfService.exe C:\\WINDOWS\\system32\\slserv.exe C:\\Program Files\\Spyware Terminator\\sp_rsser.exe C:\\Program Files\\Alcohol Soft\\Alcohol 120\\StarWind\\StarWindServiceAE.exe C:\\WINDOWS\\system32\\svchost.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\ApvxdWin.exe C:\\WINDOWS\\system32\\ctfmon.exe c:\\program files\\panda software\\panda antivirus 2007\\WebProxy.exe C:\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe C:\\WINDOWS\\System32\\svchost.exe C:\\Program Files\\Java\\jre6\\bin\\jusched.exe C:\\Apps\\Powercinema\\PCMService.exe C:\\apps\\ABoard\\ABoard.exe C:\\WINDOWS\\system32\\LVCOMSX.EXE C:\\apps\\ABoard\\AOSD.exe C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe C:\\Program Files\\Adobe\\Photoshop Album Edition Découverte\\3.0\\Apps\\apdproxy.exe C:\\Program Files\\Microsoft IntelliPoint\\point32.exe C:\\WINDOWS\\system32\\rundll32.exe C:\\Program Files\\D-Link\\AirPlus XtremeG\\AirPlusCFG.exe C:\\Program Files\\ANI\\ANIWZCS2 Service\\WZCSLDR2.exe C:\\Program Files\\QuickTime\\qttask.exe C:\\Program Files\\Fichiers communs\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe C:\\Program Files\\DAEMON Tools\\daemon.exe C:\\Program Files\\DNA\\btdna.exe C:\\PROGRA~1\\Druide\\Antidote\\Antidote\\Gestionnaire Antidote.exe C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe C:\\Program Files\\Panasonic\\PHOTOfunSTUDIO -viewer-\\PhAutoRun.exe C:\\Program Files\\MSN Messenger\\msnmsgr.exe C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE C:\\Program Files\\Internet Explorer\\iexplore.exe C:\\DOCUME~1\\Cihan\\LOCALS~1\\Temp\\Google Toolbar\\gtb4.tmp.exe C:\\WINDOWS\\system32\\rundll32.exe C:\\Program Files\\a-squared Anti-Malware\\a2scan.exe C:\\PROGRAM FILES\\A-SQUARED ANTI-MALWARE\\a2service.exe C:\\PROGRAM FILES\\A-SQUARED ANTI-MALWARE\\a2wizard.exe C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01 R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.7sur7.be/ R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\WINDOWS\\pchealth\\helpctr\\System\\panels\\blank.htm R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\WINDOWS\\pchealth\\helpctr\\System\\panels\\blank.htm R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Window Title = Packard Bell R1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyOverride = localhost R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = Liens O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\\Program Files\\MSN Apps\\MSN Toolbar\\01.02.5000.1021\\fr-be\\msntb.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\roboform.dll | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Jeu 5 Mar - 2:00:17 | |
| Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:40:13, on 4/03/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\\WINDOWS\\System32\\smss.exe C:\\WINDOWS\\SYSTEM32\\winlogon.exe C:\\WINDOWS\\system32\\services.exe C:\\WINDOWS\\system32\\lsass.exe C:\\WINDOWS\\system32\\svchost.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\pavsrv51.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\AVENGINE.EXE C:\\WINDOWS\\System32\\svchost.exe C:\\WINDOWS\\system32\\spoolsv.exe C:\\WINDOWS\\Explorer.EXE C:\\Program Files\\Fichiers communs\\ArcSoft\\Connection Service\\Bin\\ACService.exe C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe C:\\Program Files\\Java\\jre6\\bin\\jqs.exe C:\\WINDOWS\\system32\\oodag.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\PsCtrls.exe C:\\Program Files\\Fichiers communs\\Panda Software\\PavShld\\pavprsrv.exe C:\\WINDOWS\\system32\\HPZipm12.exe C:\\WINDOWS\\system32\\PSIService.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\psimsvc.exe C:\\Program Files\\SolidDocuments\\SolidConverterPDF\\SCPDF\\SolidPdfService.exe C:\\WINDOWS\\system32\\slserv.exe C:\\Program Files\\Spyware Terminator\\sp_rsser.exe C:\\Program Files\\Alcohol Soft\\Alcohol 120\\StarWind\\StarWindServiceAE.exe C:\\WINDOWS\\system32\\svchost.exe C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\ApvxdWin.exe C:\\WINDOWS\\system32\\ctfmon.exe c:\\program files\\panda software\\panda antivirus 2007\\WebProxy.exe C:\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe C:\\WINDOWS\\System32\\svchost.exe C:\\Program Files\\Java\\jre6\\bin\\jusched.exe C:\\Apps\\Powercinema\\PCMService.exe C:\\apps\\ABoard\\ABoard.exe C:\\WINDOWS\\system32\\LVCOMSX.EXE C:\\apps\\ABoard\\AOSD.exe C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe C:\\Program Files\\Adobe\\Photoshop Album Edition Découverte\\3.0\\Apps\\apdproxy.exe C:\\Program Files\\Microsoft IntelliPoint\\point32.exe C:\\WINDOWS\\system32\\rundll32.exe C:\\Program Files\\D-Link\\AirPlus XtremeG\\AirPlusCFG.exe C:\\Program Files\\ANI\\ANIWZCS2 Service\\WZCSLDR2.exe C:\\Program Files\\QuickTime\\qttask.exe C:\\Program Files\\Fichiers communs\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe C:\\Program Files\\DAEMON Tools\\daemon.exe C:\\Program Files\\DNA\\btdna.exe C:\\PROGRA~1\\Druide\\Antidote\\Antidote\\Gestionnaire Antidote.exe C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe C:\\Program Files\\Panasonic\\PHOTOfunSTUDIO -viewer-\\PhAutoRun.exe C:\\Program Files\\MSN Messenger\\msnmsgr.exe C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE C:\\Program Files\\Internet Explorer\\iexplore.exe C:\\DOCUME~1\\Cihan\\LOCALS~1\\Temp\\Google Toolbar\\gtb4.tmp.exe C:\\WINDOWS\\system32\\rundll32.exe C:\\Program Files\\a-squared Anti-Malware\\a2scan.exe C:\\PROGRAM FILES\\A-SQUARED ANTI-MALWARE\\a2service.exe C:\\PROGRAM FILES\\A-SQUARED ANTI-MALWARE\\a2wizard.exe C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01 R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.7sur7.be/ R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\WINDOWS\\pchealth\\helpctr\\System\\panels\\blank.htm R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\WINDOWS\\pchealth\\helpctr\\System\\panels\\blank.htm R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Window Title = Packard Bell R1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyOverride = localhost R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = Liens O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\\Program Files\\MSN Apps\\MSN Toolbar\\01.02.5000.1021\\fr-be\\msntb.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\\Program Files\\Siber Systems\\AI RoboForm\\roboform.dll | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Jeu 5 Mar - 2:00:48 | |
| O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - (no file) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [50367a88] rundll32.exe "C:\WINDOWS\system32\jfsibxyi.dll",b O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {68459DB3-59C9-449D-815B-65F729385C16} (VoiceSecure Control) - http://www.voice4web.com/vs.cab O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall_fr.cab O16 - DPF: {C9A703E2-3145-11D8-813C-005022E14DE2} (Installer Class) - http://img.lnm.eu/qtid.com/client/GayIdClientInstaller.cab O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O20 - AppInit_DLLs: irxmzg.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\psimsvc.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
-- End of file - 15228 bytes | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Jeu 5 Mar - 2:01:16 | |
| | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Ven 6 Mar - 2:28:11 | |
| | |
|
| |
geoffrey5 Admin
Nombre de messages : 1849 Age : 43 Localisation : Liège - Belgique Système d\'exploitation * : XP IBM processeur Intel Celeron 2.4ghz 1.5GB RAM Date d'inscription : 28/07/2008
| Sujet: Re: après scan et suppression, virus toujours présent Ven 6 Mar - 2:42:33 | |
| Bonsoir can, Dsl pour le retard...
- Télécharge sur le bureau Navilog1
(c est le numéro 1 en bas de la page) :
- Si ton antivirus s'affole , le désactiver
- sous vista : Clic-droit sur le raccourci Navilog1 présent sur le bureau et choisis "Exécuter en tant qu'administrateur
- sous XP : double-clic dessus pour l'installer et le lancer
- taper F
- Appuyer sur une touche jusqu' arriver aux options
- Choisir Recherche ( = taper 1 )
ne pas utiliser les autres sans avis , il peut y avoir des processus légitimes
- un rapport : fixnavi.txt dans ==> C :
- le copier et le coller dans la réponse
| |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Ven 6 Mar - 13:24:34 | |
| Search Navipromo version 3.7.5 commencé le ven. 06/03/2009 à 11:08:14,85
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 26.02.2009 à 18h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz ) BIOS : Award Medallion BIOS v6.00PG USER : Cihan ( Administrator ) BOOT : Normal boot
Antivirus : a-squared Anti-Malware 4 (Not Activated)
C:\ (Local Disk) - NTFS - Total:178 Go (Free:19 Go) D:\ (CD or DVD) E:\ (CD or DVD) F:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB)
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Cihan\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Cihan\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Cihan\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Cihan\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre *** !! Les clés trouvées ne sont pas forcément infectées !!
*** Module de Recherche complémentaire *** (Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Cihan\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
* Dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent ! Certificat Electronic-Group absent ! Certificat Montorgueil absent ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
*** Analyse terminée le ven. 06/03/2009 à 11:23:15,85 *** | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Ven 6 Mar - 13:26:49 | |
| Aussi, j'ai entendu parler de Acronis true image 2009 d'où je peux sauvegarder mes fichiers même si je reformate mon pc, me le conseille-tu ? Car je désire aussi reformater mais biensûre mes réglages ainsi que logiciels. | |
|
| |
geoffrey5 Admin
Nombre de messages : 1849 Age : 43 Localisation : Liège - Belgique Système d\'exploitation * : XP IBM processeur Intel Celeron 2.4ghz 1.5GB RAM Date d'inscription : 28/07/2008
| Sujet: Re: après scan et suppression, virus toujours présent Ven 6 Mar - 16:12:23 | |
| Bonjour, je ne connais pas ce logiciel mais en regardant sa fiche technique il n'a pas l'air mal...
- Télécharge Malwarebytes
- Tu auras un tutoriel à ta disposition sur mon site web pour l'installer et l'utiliser correctement.
- Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
- Lance une analyse complète en cliquant sur "Exécuter un examen complet"
- Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"
- L'analyse peut durer un bon moment.....
- Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"
- Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"
- Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum
* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Ven 6 Mar - 18:12:02 | |
| Malwarebytes' Anti-Malware 1.34 Version de la base de données: 1820 Windows 5.1.2600 Service Pack 2
5/03/2009 23:46:24 mbam-log-2009-03-05 (23-46-24).txt
Type de recherche: Examen complet (C:\|D:\|E:\|F:\|H:\|I:\|J:\|K:\|) Eléments examinés: 232986 Temps écoulé: 3 hour(s), 49 minute(s), 48 second(s)
Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 3 Clé(s) du Registre infectée(s): 13 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 212
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): C:\WINDOWS\system32\bqaagprx.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\jkkKbaWp.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\urijcf.dll (Trojan.Vundo.H) -> Delete on reboot.
Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2ba034e1-dd8f-4c79-8c3a-644d66b90b6f} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2ba034e1-dd8f-4c79-8c3a-644d66b90b6f} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{656236c7-4ace-4409-98c4-8eb6118a842b} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{656236c7-4ace-4409-98c4-8eb6118a842b} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2ba034e1-dd8f-4c79-8c3a-644d66b90b6f} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{656236c7-4ace-4409-98c4-8eb6118a842b} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\50367a88 (Trojan.Vundo.H) -> Delete on reboot.
Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\jkkkbawp -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\jkkkbawp -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Dossier(s) infecté(s): C:\Documents and Settings\Cihan\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s): C:\WINDOWS\system32\urijcf.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\jkkKbaWp.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\pWabKkkj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pWabKkkj.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\bqaagprx.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\xrpgaaqb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Local Settings\Temporary Internet Files\Content.IE5\GC21P35H\qw[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Local Settings\Temporary Internet Files\Content.IE5\XB3SHXKC\index[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Ulku\Local Settings\Temp\Install_Messenger.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Program Files\Logitech\QuickCamWebInstall\Drivers\Bin\InstMed.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\InstMed.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\wextract.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\wextract.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\euwdaxxb.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllcache\wextract.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\007 MP3 Agent 2.2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\123 Html to Image Converter 2.10.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\1893 A World's Fair Mystery 2.5d.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\3D Independence Teddy Bear 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\4_Ewido.Anti-Spyware.4.0.0.172.Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\5 Spots II 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\7tools Partition Imager 2005.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\A Simple Guide To Creating Your Own e-Books 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\AB Transfer 1.8.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\ABC Windows Mail Backup 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Active SMART Monitor 1.11 Build 142 [Cracked].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\AdIeFiltr 2.6.0.4.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Adobe GoLive CS.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Advanced Registry Fix 3.0 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\AKVIS Enhancer 7.0.273-r Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Alldj DVD To iPod Ripper 2.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\AntiVir.PersonalEdition.Premium.v7.+.VDF.v6.34.00.48.+.Lizenz.Key.updated-fixed.10-2006.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Antivirus.NOD32.2.51.26.español.+.crack.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Aspose.Total 1.4.0.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\AtomicLog 2.301.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\AutoPlay me for Word 2.02.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Avangardo ShapeView 2.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\AVI Splitter 2.11.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Barcode .Net 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Basics.bas 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Baytex Party 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\BBC Radio 1 Player 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Bible Analyzer 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\bitBomb Google Desktop Search Sidebar plugin 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\BlackLining for Adobe InDesign KeyGen.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Bookaboo 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Canada Map Locator 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\CAT Management System 3.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\CD3WD Soil and Water 3.8.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Chronograph Lite 5.5.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\cineSync 1.2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Class Register Creator 2.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\CLIMOGRAM 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\ClockWatch Star Sync 3.1.2 [Cracked].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\CMJ News Feed 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Color Capture 1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Color Capture 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Connected Kids Coloring Books 2 3.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\ContourCube ActiveX 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Cool Find 1.17.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Corsair Rage 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Credit Repair 7.7.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Crystal Cave Gold 1.1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Currency 1.0.1 (Patch).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Cybervizion 1.2 (With Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Dateline NBC 7.06.16.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\DNS2P V1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\DoGEnglish 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\DOSBox 0.71.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Eclarsys PopGrabber 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\EiT Clock & CPU usage 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Elecard StreamEye Tools 2.9.1.61206.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Encrypt HTML Pro 2.6.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Eraser 1.2 [Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\ErgoCoach 5.02.05.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Excalibur CodeLib Professional Edition 3.0 Key+Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Excel Dialer Pro 7.4.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Expense Book Plus 2.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Expired Domain Finder 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\EZTwain Pro Toolkit 3.08.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Fairies3D 1.0 With Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully. | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Ven 6 Mar - 18:12:49 | |
| C:\Documents and Settings\Cihan\Application Data\m\shared\Fast Form Filler 2.0.0 (Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\FinalBuilder 5 [Patch].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\FirePuddle Alpha 0.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\First NTFS Recovery 2.1 (With Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Fix Registry Errors 3.0.0 Cracked.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Flash Retriever 1.01 [With Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Flash2X Screensaver Builder 2.1.0 (Key+Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Flashcard Suite (Educator Edition) 1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\FlexiMusic Orchestra 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Floppy Drive Disabler 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Font Fitting Room 2.9.5.5 With Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\FotoBalloon Pro 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Fresh Killed Beats 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\FTP password recovery 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\GameDentity 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Gertrudis PS 1.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\gins.+.sandra.+.spybot=K22.Full.pack.updated-fixed.Release.01-2007.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Glion Fute 1.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Go Game Life and Death for Windows Mobile 2003 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Google Link 1.7.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\GymDiary 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Handy Address Book Server 3.2 [Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Hoyle Casino 3D 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\HP0-680 Free Test Exam Questions 10.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Html Image Map 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\iByte 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Illuminati 1.05.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\IXSF Search 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\J&L Retirement Planner 11.6.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Jane's USAF demo.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Kaspersky.6.0.0.3.Fr.+.Clé.2007.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\kaspersky.internet.security.6.0.1.411.Keys.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Kazi Video Converter 2.20.zip (Trojan.Agent) -> Quarantined and deleted successfully. C | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Ven 6 Mar - 18:13:26 | |
| :\Documents and Settings\Cihan\Application Data\m\shared\Lalim VCD Player 2.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Land of the Dead Road to Fiddler's Green demo.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Lazy Mail 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Learn to play Guitar - GCHGA Unit 2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Limouzik 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\LingvoSoft Dictionary 2007 English - Korean 4.0.22 With Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\LingvoSoft Picture Dictionary 2007 Italian - Polish 1.1.18 Cracked.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\LiteWeb 2.7.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Loan And Mortgage 2.15 (Key).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Lock It Down 2.0 [Patch].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Mazag Toolbar 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Microsoft PowerToys XP.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Million Dollars Screensaver 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\MindSoft Defrag 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\MiniBrowser 1.1.72a.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\MLDonkey 2.9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Monidir 2000 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Motamo 2.4.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\MPEG Mediator 1.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\MPM Player 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\My Checkbook Lite 1.8.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\NC Import for IntelliCAD 1.0 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Nevron Diagram for .NET Professional Q2 2006.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\newObjects Active Label ActiveX 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\NJStar Japanese Word Processor 5.20.61018.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Northern Arizona Screensaver.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Online Live TV 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\OptixSurf 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\OpusFlow CRM for Outlook 5.6.98.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\PAD THAI 1.0 Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Passware Encryption Analyzer 1.0 beta build 224.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\PcBoost 3.8.13.2007a (Key+Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\PDF Transformer 1.0 Key+Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\PeepWin 1.01.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\PhoTags 3.0.55.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Pinao 1.11.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Ping Plotter 2.60 (With Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Pocket Mahjongg (Pocket PC) 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Pod Manager 2.2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\POP3Filter 1.11 (Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Porn Movie Grabber 1.0.4 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Port Scanner 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\PowerTOC 1.2 With Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\PresentaVid 1.4.0.2470.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Prime Minister Forever - Canada 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Private Post Reader 4.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Process Guard 3.410 [Key].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\PushPin 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\RAM Idle Standard v5.0 Beta [Patch].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\RezOvation Desktop 7.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\River Past Animated GIF Booster Pack 2.5 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Rocade Bordeaux 2007 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\RRD Editor 0.5.3.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\RSS Reader 1.3.3.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Rubies 1.9.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\ScreensaverWizard Corporate 1.1.700.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\SecureRDP 3.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Service Hawk 2.2.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Shortcut Wizard 1.01.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Simple What's New 0.3.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\SimpleGrid 1.0r24.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\SimplySMS 1.0 Cracked.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Slawdog AquiView 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\SmartDraw 8.16 (With Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\SmartVMD 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Sothink Video Encoder for Adobe Flash 2.2 Build 70406.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\SoundTap Streaming Audio Recorder 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Spyware Remover 7.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\SQL-RD 5.0 Build 20070404.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\StarMule 1.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\SWF Scanner 2.6.3.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\SystemSound Extension 5.0u.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Tango DropBox 2.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Tao.Tao-Les.histoires.de.Pandi-Panda(Vol8.da.fr-épisode.1.à .4).dvd.rip.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\TargetKiller 0.4.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Thang Online 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\TimePuter 3.1 Key+Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.C:\Documents and Settings\Cihan\Application Data\m\shared\TinyResMeter 0.95a.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Tortuga Island Animated Screensavers 3.11.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Travel and Holiday 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Tropical Nights (PocketPC, SH3) 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\UBI2BMP 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Ultimate Bid Whist 1.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Unreal Tournament 2003 - Linadri 2003 final beta deathmatch map.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Unreal Tournament 2003 - Redmoon Falls Mappers Edition.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\VidBox 6.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Vocal Magic 5 [Key].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Whizlabs MCSD .NET (70-315) Kit 6.0.1 [Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\WineLogPocket 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\WinPass 1.35 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\WinXp Style Menu 1.0 [Patch].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Wondershare DemoCreator 1.1.5 [Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\XCBA Route Planner 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\Xilisoft Audio Maker Suite 3.0.40.0730 (Key).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\ZOC Terminal 5.07.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Cihan\Application Data\m\shared\[CRACK].BitDefender.Profesional.Plus.9.09-keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully. | |
|
| |
geoffrey5 Admin
Nombre de messages : 1849 Age : 43 Localisation : Liège - Belgique Système d\'exploitation * : XP IBM processeur Intel Celeron 2.4ghz 1.5GB RAM Date d'inscription : 28/07/2008
| Sujet: Re: après scan et suppression, virus toujours présent Ven 6 Mar - 20:01:36 | |
| Bonjour !! Apparement tu es un fou des cracks Est-ce que tu connais les risques que tu prends en téléchargeant des cracks ?? A lire :Le danger des cracksBagle/BeagleEst-ce que tu as bien redémarré le PC pour terminer la suppression quand Malwarebytes te l'as demandé ?? | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Mer 11 Mar - 18:55:58 | |
| Bonjour, oui j'ai bien redémarrer après la suppression. Que faire miantenant ? | |
|
| |
geoffrey5 Admin
Nombre de messages : 1849 Age : 43 Localisation : Liège - Belgique Système d\'exploitation * : XP IBM processeur Intel Celeron 2.4ghz 1.5GB RAM Date d'inscription : 28/07/2008
| Sujet: Re: après scan et suppression, virus toujours présent Mer 11 Mar - 18:58:34 | |
| Bonjour,
ok maintenant refais un nouveau rapport hijackthis stp | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Mer 11 Mar - 18:59:42 | |
| Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:59:09, on 11/03/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal
Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\oodag.exe C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\apps\ABoard\ABoard.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\apps\ABoard\AOSD.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Panda Software\Panda Antivirus 2007\psimsvc.exe C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr-be\msntb.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - (no file) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {68459DB3-59C9-449D-815B-65F729385C16} (VoiceSecure Control) - http://www.voice4web.com/vs.cab O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {C9A703E2-3145-11D8-813C-005022E14DE2} (Installer Class) - http://img.lnm.eu/qtid.com/client/GayIdClientInstaller.cab O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O20 - AppInit_DLLs: urijcf.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\psimsvc.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
-- End of file - 14614 bytes | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Mer 11 Mar - 19:00:43 | |
| sur un site j'ai entendu parler de Sdfix, est-ce super pour désinfecter ? alors que dois-je faire après ? | |
|
| |
geoffrey5 Admin
Nombre de messages : 1849 Age : 43 Localisation : Liège - Belgique Système d\'exploitation * : XP IBM processeur Intel Celeron 2.4ghz 1.5GB RAM Date d'inscription : 28/07/2008
| Sujet: Re: après scan et suppression, virus toujours présent Mer 11 Mar - 19:04:12 | |
|
- Télécharge et enregistre Combofix (de sUBs) sur ton bureau
(c est le numéro 5 en bas de la page) :
- Je te conseille d'installer la console de récupération !!
- désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
Voici le tutoriel officiel de Bleeping Computer pour savoir l utiliser :http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix ensuite envois le rapport et refais un nouveau rapport hijackthis stpSi le rapport ne passe pas en une fois, envoi-le en plusieurs fois | |
|
| |
geoffrey5 Admin
Nombre de messages : 1849 Age : 43 Localisation : Liège - Belgique Système d\'exploitation * : XP IBM processeur Intel Celeron 2.4ghz 1.5GB RAM Date d'inscription : 28/07/2008
| Sujet: Re: après scan et suppression, virus toujours présent Mer 11 Mar - 19:04:47 | |
| Nous verrons plus tard si SDfix est nécessaire | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Mer 11 Mar - 19:05:54 | |
| j'ai déjà scan avec Combofix, findykill, lopsd, elibagla | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Mer 11 Mar - 19:14:17 | |
| alors ya quoi d'autres ? je n'ai pas encore désinfecter totalement ? | |
|
| |
geoffrey5 Admin
Nombre de messages : 1849 Age : 43 Localisation : Liège - Belgique Système d\'exploitation * : XP IBM processeur Intel Celeron 2.4ghz 1.5GB RAM Date d'inscription : 28/07/2008
| Sujet: Re: après scan et suppression, virus toujours présent Jeu 12 Mar - 17:23:08 | |
| Bonjour,
==> Télécharger et enregistre sur ton bureau SDfix (créé par AndyManchesta)
(c est le numéro 8 en bas de la page) :
==> Double cliquer sur SDFix.exe et choisir Install pour l'extraire dans un dossier dédié sur ton disque C:. /!\ Démarre en mode sans échec : après le bip et avant le logo windows tapoter sur la touche F8 (ou F5): menu M.S.E..
==> Choisir son compte, pas celui de l'Administrateur ou autre.
==> Dérouler la liste des instructions ci-dessous : • Ouvrir le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script. • Appuyer sur Y pour commencer le processus de nettoyage. • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. • Appuyer sur une touche pour redémarrer le PC. • Le système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. • Appuyer sur une touche pour finir l'exécution du script et charger les icônes du Bureau. • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt. • Enfin, copier/coller le contenu du fichier Report.txt dans la prochaine réponse sur le forum
et ensuite refais un nouveau rapport hijackthis stp | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Jeu 12 Mar - 21:07:54 | |
| file copied: C:\WINDOWS\system32\upnpui.dll -> C:\WINDOWS\temp\SDFix_Filecheck\upnpui.dll ( 240128 bytes ) file copied: C:\WINDOWS\explorer.exe -> C:\WINDOWS\temp\SDFix_Filecheck\SF\explorer.exe ( 1037312 bytes ) file copied: C:\WINDOWS\system32\lsass.exe -> C:\WINDOWS\temp\SDFix_Filecheck\SF\lsass.exe ( 13312 bytes ) file copied: C:\WINDOWS\system32\services.exe -> C:\WINDOWS\temp\SDFix_Filecheck\SF\services.exe ( 108544 bytes ) file copied: C:\WINDOWS\system32\spoolsv.exe -> C:\WINDOWS\temp\SDFix_Filecheck\SF\spoolsv.exe ( 57856 bytes ) file copied: C:\WINDOWS\system32\svchost.exe -> C:\WINDOWS\temp\SDFix_Filecheck\SF\svchost.exe ( 14336 bytes ) file copied: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\temp\SDFix_Filecheck\SF\winlogon.exe ( 506368 bytes ) | |
|
| |
Can Membre
Nombre de messages : 21 Age : 37 Localisation : Belgique Date d'inscription : 04/03/2009
| Sujet: Re: après scan et suppression, virus toujours présent Jeu 12 Mar - 21:09:10 | |
| C'est ce que j'ai obtenu comme rapport avec SDfix. Mais maintenant je voudrais supprimer ce logiciel mais il est impossible car il est protégé ou en lecture. Comment faire ?? Ca à l'air d'un virus ... | |
|
| |
Contenu sponsorisé
| Sujet: Re: après scan et suppression, virus toujours présent | |
| |
|
| |
| après scan et suppression, virus toujours présent | |
|