Win32:agent-re: I have a problem!

Hello everyone, I have a problem with the Trojan horse win32:agent-re, and I see that I am not the only one!
I downloaded CCleaner and HijackThis, but not being an experienced computer user, I don't really know how to go about removing this virus, which comes back after every startup even though avast detected it and put it in quarantine!
Thanks for your help.

Hi,

Post a HijackThis log.

Download it, then put it in a dedicated folder (example: ..\Bureau\Hijackthis\Hijackthis.exe).
Then run it, click on Do a system scan and save a logfile, and give us the result of the scan.

www.infos-du-net.com/telecharger/HijackThis.html

Reply to bob_

Thanks for your quick reply!
Here is the result of the scan:

Logfile of HijackThis v1.99.1
Scan saved at 20:29:32, on 09/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5335.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\system32\ctijsfmd.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\TrayComm.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sony Ericsson\Mobile\File Manager\fmgrsrv.exe
C:\PROGRA~1\SONYER~1\Mobile\MOBILE~1\EPMWOR~1.EXE
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Li [...] SUB_CLCID}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ctijsfmd] c:\windows\system32\ctijsfmd.exe ctijsfmd
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TrayComm] TrayComm.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SpyBrowser] "C:\Program Files\SpyBro\SpyBro.exe" /autostart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Reply to Nicolas29

Actually, my report is posted just above! Sorry.

Reply to Nicolas29

Good evening,

Install Ewido.
During installation, uncheck the two boxes.

Launch Ewido, then update it.
Run a full system scan.
Save the report, then paste it here.

Reply to Angeldark

Here is my Ewido report after a full system scan (I didn't know what to do when the infections were reported, so I ignored them):

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 21:21:51, 09/05/2006
+ Somme de contrôle: 6D34CE5A

+ Résultats du scan:

HKLM\SOFTWARE\Classes\Interface\{06CA2DA3-3A44-4FC7-8FD9-246C0F53407C} -> Adware.CoolWebSearch : Ignoré
HKU\S-1-5-21-2479485325-590330446-2691577785-1008\Software\ShopperReports -> Adware.HotBar : Ignoré
HKU\S-1-5-21-2479485325-590330446-2691577785-1008\Software\ShopperReports\ShopperReports -> Adware.HotBar : Ignoré
HKU\S-1-5-21-2479485325-590330446-2691577785-1008\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Ignoré
[1836] VM_04381000 -> Adware.NaviPromo : Ignoré
[2244] VM_10001000 -> Adware.NaviPromo : Ignoré
C:\Program Files\SpyBro\Quarantine\29A4FF24-AA21-4959-9D1A-62B169557662 -> Adware.NaviPromo : Ignoré
C:\Program Files\SpyBro\Quarantine\8E85AFC2-CEB8-4CB5-8E44-2B7F55152BE0 -> Adware.NaviPromo : Ignoré
C:\Program Files\SpyBro\Quarantine\AE430B07-8DA4-431A-A43D-1B3EC627CBFF -> Adware.NaviPromo : Ignoré
C:\Program Files\SpyBro\Quarantine\CB596252-5DED-4FBD-A522-9E3C4761C756 -> Adware.NaviPromo : Ignoré
C:\WINDOWS\system32\sysiasvc32.dll -> Dialer.EGroup.u : Ignoré
C:\Program Files\SpyBro\Quarantine\CF6BC00A-725C-41B1-8FF7-63BD41961AF8 -> Adware.NaviPromo : Nettoyer et sauvegarder


::Fin du rapport

Reply to Nicolas29

Redo the scan, choosing "Nettoyer et sauvegarder" (clean and save) this time.

Reply to Angeldark

Here is my Ewido scan, having chosen "delete" each time:

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 21:52:11, 09/05/2006
+ Somme de contrôle: 2E18321

+ Résultats du scan:

HKLM\SOFTWARE\Classes\Interface\{06CA2DA3-3A44-4FC7-8FD9-246C0F53407C} -> Adware.CoolWebSearch : Nettoyer et sauvegarder
HKU\S-1-5-21-2479485325-590330446-2691577785-1008\Software\ShopperReports -> Adware.HotBar : Nettoyer et sauvegarder
HKU\S-1-5-21-2479485325-590330446-2691577785-1008\Software\ShopperReports\ShopperReports -> Adware.HotBar : Nettoyer et sauvegarder
HKU\S-1-5-21-2479485325-590330446-2691577785-1008\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Nettoyer et sauvegarder
[1836] VM_04381000 -> Adware.NaviPromo : Erreur durant le nettoyage
[2244] VM_10001000 -> Adware.NaviPromo : Erreur durant le nettoyage
C:\Program Files\SpyBro\Quarantine\29A4FF24-AA21-4959-9D1A-62B169557662 -> Adware.NaviPromo : Nettoyer et sauvegarder
C:\Program Files\SpyBro\Quarantine\8E85AFC2-CEB8-4CB5-8E44-2B7F55152BE0 -> Adware.NaviPromo : Nettoyer et sauvegarder
C:\Program Files\SpyBro\Quarantine\AE430B07-8DA4-431A-A43D-1B3EC627CBFF -> Adware.NaviPromo : Nettoyer et sauvegarder
C:\Program Files\SpyBro\Quarantine\CB596252-5DED-4FBD-A522-9E3C4761C756 -> Adware.NaviPromo : Nettoyer et sauvegarder
C:\WINDOWS\system32\sysiasvc32.dll -> Dialer.EGroup.u : Nettoyer et sauvegarder


::Fin du rapport

Reply to Nicolas29

Let's continue.

Download Spyware Terminator: http://www.spywareterminator.com/dnl/landing.aspx
Follow Malekal's tutorial: http://www.malekal.com/tutorial_Sp [...] ator.html.

I recommend putting all infected items in quarantine for now.

Post the Spyware Terminator report:

Quote:

* The Scan Report tab displays a report of the cleaned items as a list.
* You can copy this report into Notepad or onto a forum. To do so, click the Copy To Clipboard button at the bottom left, then, in Notepad or in a new forum message, right-click and choose Paste.



Then run a Panda online scan (with IE).
Save the report and paste it here.

Post a new HijackThis log.

Reply to Angeldark

OK, thanks. I did what was asked (with Spyware Terminator), but I can't paste the report because right-clicking shows nothing to paste, even though I did click Copy To Clipboard. Can I retrieve it some other way?

Reply to Nicolas29

Here is the Spyware Terminator report, run in safe mode:

Spyware Terminator Version: 1.3.00.599
Start time: 10/05/2006 21:18:23
System: Windows XP SP2
User: Limited

Processes Scan
C:\WINDOWS\SYSTEM32\WINLOGON.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL [ATI Technologies Inc.],
C:\WINDOWS\EXPLORER.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\ACSIGNICON.DLL [Autodesk], C:\PROGRAM FILES\FICHIERS COMMUNS\AUTODESK SHARED\ACSIGNCORE16.DLL [Autodesk],
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATOR.EXE [Crawler.com]

Startup Scan

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"MSMSGS" = "C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE" [ Microsoft Corporation ]
"LogitechSoftwareUpdate" = "C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" [ Logitech Inc. ]
"LDM" = "C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BACKWEB-8876480.EXE" [ Logitech ]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"SunJavaUpdateSched" = "C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\JUSCHED.EXE" [ Sun Microsystems, Inc. ]
"hpsysdrv" = "C:\WINDOWS\SYSTEM\HPSYSDRV.EXE" [ Hewlett-Packard Company ]
"Raccourci vers la page des propriétés de High Definition Audio" = "C:\WINDOWS\system32\HDAUDPROPSHORTCUT.EXE" [ Windows (R) Server 2003 DDK provider ]
"HPHUPD06" = "C:\PROGRAM FILES\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\HPHUPD06.EXE" [ Hewlett-Packard ]
"HPHmon06" = "C:\WINDOWS\SYSTEM32\HPHMON06.EXE" [ Hewlett-Packard ]
"KBD" = "C:\HP\KBD\KBD.EXE" [ Hewlett-Packard Company ]
"iTunesHelper" = "C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE" [ Apple Computer, Inc. ]
"Recguard" = "C:\WINDOWS\SMINST\RECGUARD.EXE" [ Empty ]
"ATIPTA" = "C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE" [ ATI Technologies, Inc. ]
"SoundMan" = "C:\WINDOWS\SOUNDMAN.EXE" [ Realtek Semiconductor Corp. ]
"AlcWzrd" = "C:\WINDOWS\ALCWZRD.EXE" [ RealTek Semicoductor Corp. ]
"Alcmtr" = "C:\WINDOWS\ALCMTR.EXE" [ Realtek Semiconductor Corp. ]
"LSBWatcher" = "C:\HP\DRIVERS\HPLSBWATCHER\LSBURNWATCHER.EXE" [ Hewlett-Packard Company ]
"avast!" = "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [ Empty ]
"ctijsfmd" = "C:\WINDOWS\SYSTEM32\CTIJSFMD.EXE" [ Empty ]
"TkBellExe" = "C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE" [ RealNetworks, Inc. ]
"TrayComm" = "C:\WINDOWS\TRAYCOMM.EXE" [ New Tier, Inc. ]
"LVCOMSX" = "C:\WINDOWS\SYSTEM32\LVCOMSX.EXE" [ Logitech Inc. ]
"LogitechVideoRepair" = "C:\PROGRAM FILES\LOGITECH\VIDEO\ISSTART.EXE" [ Logitech Inc. ]
"LogitechVideoTray" = "C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE" [ Logitech Inc. ]
"SweetIM" = "C:\PROGRAM FILES\MACROGAMING\SWEETIM\SWEETIM.EXE" [ MacroGaming LTD. ]
"Zone Labs Client" = "C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE" [ Zone Labs, LLC ]
"Windows Defender" = "C:\PROGRAM FILES\WINDOWS DEFENDER\MSASCUI.EXE" [ Microsoft Corporation ]
"MSConfig" = "C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\MSCONFIG.EXE" [ Microsoft Corporation ]

Toolbars Scan
Vue HP {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPDTLK02.DLL [Hewlett-Packard Company]
Barre d'outils MSN {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [file not found]
&Google {2318C2B1-4965-11d4-9B18-009027A5CD4F} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
SweetIM For Internet Explorer {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} C:\PROGRAM FILES\MACROGAMING\SWEETIMBARFORIE\TOOLBAR.DLL [Macrogaming]
Yahoo! Toolbar {EF99BD32-C1FB-11D2-892F-0090271D4F88} C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL [Yahoo! Inc.]

Explorer Bars Scan
Shell Search Band {21569614-B795-46B1-85F4-E737A8DC09AD} C:\WINDOWS\SYSTEM32\BROWSEUI.DLL [Microsoft Corporation]

BHO Scan
Yahoo! Toolbar Helper {02478D38-C3F9-4EFB-9B51-7695ECA05670} C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL [Yahoo! Inc.]
AcroIEHlprObj Class {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL [Adobe Systems Incorporated]
SWEETIE Class {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} C:\PROGRAM FILES\MACROGAMING\SWEETIMBARFORIE\TOOLBAR.DLL [Macrogaming]
SSVHelper Class {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL [Sun Microsystems, Inc.]
Google Toolbar Helper {AA58ED58-01DD-4d91-8333-CF10577473F7} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
Shell Search Band {21569614-B795-46B1-85F4-E737A8DC09AD} C:\WINDOWS\SYSTEM32\BROWSEUI.DLL [Microsoft Corporation]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [file not found]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [file not found]
{E2D4D26B-0180-43a4-B05F-462D6D54C789} [file not found]
{FB5F1910-F110-11d2-BB9E-00C04F795683} [file not found]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} = Extension Affichage Panorama du Panneau de configuration (deskpan.dll) [file not found]
{764BF0E1-F219-11ce-972D-00AA00A14F56} = Extensions de l'environnement de compression de fichiers () [file not found]
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} = Menu contextuel de cryptage () [file not found]
{88895560-9AA2-1069-930E-00AA0030EBC8} = Extension icône HyperTerminal (C:\WINDOWS\SYSTEM32\HTICONS.DLL) [Hilgraeve, Inc.]
{0DF44EAA-FF21-4412-828E-260A8728E7F1} = Barre des tâches et menu Démarrer () [file not found]
{30D02401-6A81-11d0-8274-00C04FD5AE38} = IE Search Band (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{EFA24E61-B078-11d0-89E4-00C04FC9E26E} = Favorites Band () [file not found]
{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} = Shell DocObject Viewer (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{FBF23B40-E3F0-101B-8488-00AA003E56F8} = InternetShortcut (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{3C374A40-BAE4-11CF-BF7D-00AA006946EE} = Microsoft Url History Service (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{FF393560-C2A7-11CF-BFF4-444553540000} = History (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{7BD29E00-76C1-11CF-9DD0-00A0C9034933} = Temporary Internet Files (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{7BD29E01-76C1-11CF-9DD0-00A0C9034933} = Temporary Internet Files (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} = Microsoft Url Search Hook (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} = The Internet (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{871C5380-42A0-1069-A2EA-08002B30309D} = Internet Name Space (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} = Autoplay for SlideShow (C:\WINDOWS\SYSTEM32\SHIMGVW.DLL) [Microsoft Corporation]
{7A9D77BD-5403-11d2-8785-2E0420524153} = Comptes d'utilisateurs () [file not found]
{640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
{cc86590a-b60a-48e6-996b-41d25ed39a1e} = Portable Media Devices Menu (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes (C:\PROGRAM FILES\ITUNES\ITUNESMINIPLAYER.DLL) [Apple Computer, Inc.]
{7F67036B-66F1-411A-AD85-759FB9C5B0DB} = SampleView (C:\WINDOWS\SYSTEM32\SHELLVRTF.DLL) [XSS]
{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL) [Microsoft Corporation]
{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL) [Microsoft Corporation]
{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler (C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL) [Microsoft Corporation]
{A5110426-177D-4e08-AB3F-785F10B4439C} = Mes téléphones (C:\PROGRAM FILES\SONY ERICSSON\MOBILE\FILE MANAGER\FMGRGUI.DLL) [Sony Ericsson Mobile Communications AB]
{AC1DB655-4F9A-4c39-8AD2-A65324A4C446} = Autodesk Drawing Preview (C:\PROGRAM FILES\FICHIERS COMMUNS\AUTODESK SHARED\THUMBNAIL\ACTHUMBNAIL16.DLL) [Autodesk]
{36A21736-36C2-4C11-8ACB-D4136F2B57BD} = Identificateur de superposition : icône Signatures numériques de AutoCAD (C:\WINDOWS\SYSTEM32\ACSIGNICON.DLL) [Autodesk]
{472083B0-C522-11CF-8763-00608CC02F24} = avast (C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL) [ALWIL Software]
{21569614-B795-46b1-85F4-E737A8DC09AD} = Shell Search Band (C:\WINDOWS\SYSTEM32\BROWSEUI.DLL) [Microsoft Corporation]
{0D6D4F41-2994-4ba0-8FEF-620E43CD2812} = IE Microsoft Internet Toolbar (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{73CFD649-CD48-4fd8-A272-2070EA56526B} = IE BandProxy (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{07C45BB1-4A8C-4642-A1F5-237E7215FF66} = IE Microsoft BrowserBand (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{43886CD5-6529-41c4-A707-7B3C92C05E68} = IE Navigation Bar (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{C4EC38BD-4E9E-4b5e-935A-D1BFF237D980} = Explorer Travel Band (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{6D8BB3D3-9D87-4a91-AB56-4F30CFFEFE9F} = Explorer Search Band (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} = IE Registry Tree Options Utility (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{DE011590-0531-4804-9C9C-3FEDC7E6E5C8} = IE &Address (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{7E48925F-FF5C-47fa-A99A-F5912A10623B} = IE Address EditBox (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{3028902F-6374-48b2-8DC6-9725E775B926} = IE AutoComplete (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} = IE MRU AutoComplete List (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} = IE Custom MRU AutoCompleted List (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{6038EF75-ABFC-4e59-AB6F-12D397F6568D} = IE Microsoft History AutoComplete List (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} = IE Microsoft Shell Folder AutoComplete List (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{B31C5FAE-961F-415b-BAF0-E697A5178B94} = IE Microsoft Multiple AutoComplete List Container (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{E6EE9AAC-F76B-4947-8260-A9F136138E11} = IE Shell Band Site Menu (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} = IE Shell Rebar BandSite (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} = IE User Assist (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{F0353E1D-FEEC-474e-A984-1E5C6865E380} = IE Global Folder Settings (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{4B78D326-D922-44f9-AF2A-07805C2A3560} = IE Menu Band (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{6CF48EF8-44CD-45d2-8832-A16EA016311B} = IE IShellFolderBand (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{F2CF5485-4E02-4f68-819C-B92DE9277049} = &Links (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{1C1EDB47-CE22-4bbb-B608-77B48F83C823} = IE Fade Task (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} = IE Tracking Shell Menu (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{44C76ECD-F7FA-411c-9929-1B77BA77F524} = IE Menu Site (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{205D7A97-F16D-4691-86EF-F3075DCCA57D} = IE Menu Desk Bar (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{482A7CB3-2EDF-4595-A315-A5244F1E96E6} = IE Search Control (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} = Microsoft Browser Architecture (C:\WINDOWS\SYSTEM32\IEFRAME.DLL) [Microsoft Corporation]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player (C:\PROGRAM FILES\REAL\REALPLAYER\RPSHELL.DLL) [RealNetworks, Inc.]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension (C:\PROGRAM FILES\WINRAR\RAREXT.DLL) [Empty]
{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3} = Mes photos Logitech (C:\PROGRAM FILES\LOGITECH\VIDEO\NAMESPC2.DLL) [Logitech Inc.]
{AB77609F-2178-4E6F-9C4B-44AC179D937A} = a² Context Menu Shell Extension () [file not found]
{B6122A50-EAB5-11D3-9E7F-EBF4F0595714} = Tauscan Menu () [file not found]

Winlogon Notify Scan
AtiExtEvent = Ati2evxx.dll (C:\WINDOWS\system32\ATI2EVXX.DLL) [ATI Technologies Inc.]

Services Scan
"Antispy" = C:\Program Files\SpyBro\Antispy.sys [file not found]
"aswUpdSv" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE [Empty]
"Ati HotKey Poller" = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE [ATI Technologies Inc.]
"ati2mtag" = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS [ATI Technologies Inc.]
"avast! Antivirus" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE [Empty]
"avast! Mail Scanner" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE [ALWIL Software]
"avast! Web Scanner" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE [ALWIL Software]
"C-DillaCdaC11BA" = C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE [Macrovision]
"CdaC15BA" = C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS [Macrovision Europe Ltd]
"dmboot" = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS [Microsoft Corp., Veritas Software]
"dmio" = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS [Microsoft Corp., Veritas Software]
"dmload" = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS [Microsoft Corp., Veritas Software.]
"E100B" = C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS [Intel Corporation]
"ewido security suite control" = C:\PROGRAM FILES\EWIDO ANTI-MALWARE\EWIDOCTRL.EXE [ewido networks]
"GEARAspiWDM" = C:\WINDOWS\SYSTEM32\DRIVERS\GEARASPIWDM.SYS [GEAR Software Inc.]
"HdAudAddService" = C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDIO.SYS [Windows (R) Server 2003 DDK provider]
"HDAudBus" = C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS [Windows (R) Server 2003 DDK provider]
"HPZid412" = C:\WINDOWS\SYSTEM32\DRIVERS\HPZID412.SYS [HP]
"HPZipr12" = C:\WINDOWS\SYSTEM32\DRIVERS\HPZIPR12.SYS [HP]
"HPZius12" = C:\WINDOWS\SYSTEM32\DRIVERS\HPZIUS12.SYS [HP]
"IDriverT" = C:\PROGRAM FILES\FICHIERS COMMUNS\INSTALLSHIELD\DRIVER\1050\INTEL 32\IDRIVERT.EXE [Macrovision Corporation]
"IntcAzAudAddService" = C:\WINDOWS\SYSTEM32\DRIVERS\RTKHDAUD.SYS [Realtek Semiconductor Corp.]
"iPodService" = C:\PROGRAM FILES\IPOD\BIN\IPODSERVICE.EXE [Apple Computer, Inc.]
"ltmodem5" = C:\WINDOWS\SYSTEM32\DRIVERS\LTMDMNT.SYS [LT]
"LVUSBSta" = C:\WINDOWS\SYSTEM32\DRIVERS\LVUSBSTA.SYS [Logitech Inc.]
"PcdrNdisuio" = C:\WINDOWS\SYSTEM32\DRIVERS\PCDRNDISUIO.SYS [Windows (R) 2000 DDK provider]
"PCIIde" = \SystemRoot\system32\DRIVERS\pciide.sys [file not found]
"Pml Driver HPZ12" = C:\WINDOWS\SYSTEM32\HPZIPM12.EXE [HP]
"Ps2" = C:\WINDOWS\SYSTEM32\DRIVERS\PS2.SYS [Hewlett-Packard Company]
"Ptilink" = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS [Parallel Technologies, Inc.]
"PxHelp20" = C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS [Sonic Solutions]
"QCMerced" = C:\WINDOWS\SYSTEM32\DRIVERS\LVCM.SYS [Empty]
"rtl8139" = C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.SYS [Realtek Semiconductor Corporation]
"Secdrv" = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS [Empty]
"Sentinel" = C:\WINDOWS\SYSTEM32\DRIVERS\SENTINEL.SYS [Empty]
"SONYPVU1" = C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS [Sony Corporation]
"sp_rsdrv2" = C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SPYWARE TERMINATOR\SP_RSDRV2.SYS [Crawler.com]
"v800bus" = C:\WINDOWS\SYSTEM32\DRIVERS\V800BUS.SYS [MCCI]
"v800mdfl" = C:\WINDOWS\SYSTEM32\DRIVERS\V800MDFL.SYS [MCCI]
"v800mdm" = C:\WINDOWS\SYSTEM32\DRIVERS\V800MDM.SYS [MCCI]
"v800mgmt" = C:\WINDOWS\SYSTEM32\DRIVERS\V800MGMT.SYS [MCCI]
"v800obex" = C:\WINDOWS\SYSTEM32\DRIVERS\V800OBEX.SYS [MCCI]
"ViaIde" = \SystemRoot\system32\DRIVERS\viaide.sys [file not found]
"vsdatant" = C:\WINDOWS\SYSTEM32\VSDATANT.SYS [Zone Labs, LLC]
"vsmon" = C:\WINDOWS\SYSTEM32\ZONELABS\VSMON.EXE [Zone Labs, LLC]

Protocol Filters Scan
Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} (C:\WINDOWS\SYSTEM32\URLMON.DLL) [Microsoft Corporation]
text/xml = {807553E5-5146-11D5-A672-00B0D022E945} (C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSOXMLMF.DLL) [Microsoft Corporation]

Hosts Scan
LOCALHOST mapping = 1

IE Scan
IERESET.INF missing Signature="$CHICAGO$"
IERESET.INF missing AdvancedINF=2.5,"You need a new version of advpack.dll"
IERESET.INF missing AddReg=RestoreHomePage.reg
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Start Page",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Page_URL",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Search_URL",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","1",0,"www.%s.com"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","2",0,"www.%s.org"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","3",0,"www.%s.net"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","4",0,"www.%s.edu"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\SearchUrl","Provider",0,""
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","SearchAssistant",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","CustomizeSearch",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites",%SAFESITE_VALUE%,0,"http://ie.search.msn.com/*"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","5"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","6"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","7"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","8"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","9"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","AutoSearch"
IERESET.INF missing SEARCH_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
IERESET.INF missing AddReg=RestoreBrowserSettings.reg
IERESET.INF missing DelReg=DeleteTemplates.reg or DelReg=DeleteTemplates.reg, DeleteAutosearch.reg
IERESET.INF missing START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=7&ar=msnhome" or START_PAGE_URL="http://www.msn.com"
IERESET.INF missing SAFESITE_VALUE="http://home.microsoft.com/" or SAFESITE_VALUE="ie.search.msn.com"
IERESET.INF missing MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=7&ar=msnhome" or MS_START_PAGE_URL="http://www.msn.com"
URLSearchHook = {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} (C:\PROGRAM FILES\MACROGAMING\SWEETIMBARFORIE\TOOLBAR.DLL) [Macrogaming] HIJACK WARNING!
NavigationFailure = res://ieframe.dll/navcancl.htm HIJACK WARNING!
DesktopItemNavigationFailure = res://ieframe.dll/navcancl.htm HIJACK WARNING!
NavigationCanceled = res://ieframe.dll/navcancl.htm HIJACK WARNING!
OfflineInformation = res://ieframe.dll/offcancl.htm HIJACK WARNING!
PostNotCached = res://ieframe.dll/repost.htm HIJACK WARNING!
NoAdd-ons = res://ieframe.dll/noaddon.htm HIJACK WARNING!
NoAdd-onsInfo = res://ieframe.dll/noaddoninfo.htm HIJACK WARNING!
SecurityRisk = res://ieframe.dll/securityatrisk.htm HIJACK WARNING!
Tabs = res://ieframe.dll/tabswelcome.htm HIJACK WARNING!

Reply to Nicolas29

Here is the HijackThis log, along with the Panda report that was run beforehand:

Logfile of HijackThis v1.99.1
Scan saved at 23:23:41, on 10/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5335.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\TrayComm.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Li [...] SUB_CLCID}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TrayComm] TrayComm.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activ [...] asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Panda:

Incident Statut Analyse

Adware:Adware/NaviPromo No Désinfecté C:\WINDOWS\system32\msclock32.dll
Adware:adware/navipromo No Désinfecté Registre Windows
Dialer:dialer.b No Désinfecté hkey_current_user\software\P2EClient

I think the problem persists, and I can now hear my hard disk making noise, which never happened before!
I don't know what to do anymore!

Reply to Nicolas29

Hello everyone!
It has now been 2 days that I have been trying by every means to remove my win32:agent-re virus, but without success.
Can someone help me? I am a bit desperate...
Note that I changed antivirus (before: avast, now: anti-vir), but it no longer detects the trojan, which is nevertheless there according to the Panda online scan. Is Avast better than anti-vir?

Reply to Nicolas29