resolved - Security - Virus
Profile: IDNaute

SOS virus WIN32 Zlober [Drp]
This virus keeps coming back regularly; it is blocked by avast but not destroyed.
What should I do??
Can someone interpret this scan made with HijackThis?
Thanks
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:04:18, on 29/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Arcade\PCMService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\Documents and Settings\jEAN CLAUDDE\Bureau\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/25.24/uploader2.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
 
--
End of file - 6126 bytes


Message edited by 2848JC on 02-12-2007 at 21:40:16

<@_@>
Profile: Helper

Good evening

How about replacing Avast! with Antivir, which is a real antivirus; run a scan with it and post the report.  :)

Uninstall Avast! properly

To replace it with Antivir.

-->Tutorial<--

Why change?: Avast! vs Antivir


---------------
Prevention and protection
/!\Fed up with ads: secured Firefox/!\
Profile: IDNaute


Here is the Antivir scan
0 bytes size received / Se ha recibido un archivo vacio
Avira AntiVir PersonalEdition Classic
*************************************
 
Copyright © 2007 Avira GmbH.
All rights reserved.
 
 
Contents
********
 
0 Important information
1 System requirements
2 Important requirements for an installation
3 Incompatibilities with other programs
4 Support service
5 Contact address
 
 
0 Important information
***********************
 
Users who  have up  to now  installed an  ANSI version  of the  Avira
AntiVir PersonalEdition Classic software pack on a Microsoft  Windows
NT, Microsoft Windows 2000 or Microsoft Windows XP operating  system,
receive update information when attempting to update.
 
When updating, please proceed as follows:
 
1. Deinstall   the   installed   version   of   the   Avira   AntiVir
   PersonalEdition Classic.
2. Download a current software pack  from the download section of  the
   Avira  AntiVir  PersonalEdition  Classic  website  
   http://www.free-av.com.
3. Install this software pack on your computer.
 
1 System requirements
*********************
 
In order for Avira AntiVir PersonalEdition Classic to run properly,
the computer system must fulfill the following requirements:
 
- Computer: Pentium or higher, at least 133 MHz
 
- Operating system
  - Microsoft Windows Vista or
  - Microsoft Windows XP Home or Professional, or
  - Microsoft Windows 2000, SP 4 recommended
   
Avira AntiVir PersonalEdition Classic also supports Microsoft Windows
XP x64 Edition.
   
The display of the program  interfaces can differ, depending on  the
operating system used.
 
- 30 MB free memory on the hard disk (more if quarantine is used)
 
- Min. 100 MB temporary memory on the hard disk
 
- Min. 25 MB of free main memory
 
- For all installations: Internet Explorer 5.0 or higher
 
- For the installation of Avira AntiVir PersonalEdition Classic:  
  administrator rights
 
Note
----
 
- If there is no Internet  Explorer 5.0 or higher available  on your
  system, you can download it under the following address:
 
  http://www.microsoft.com/windows/i [...] fault.mspx
 
 
2 Important requirements for an installation
********************************************
 
Ensure that the following  requirements are fulfilled so  that Avira
AntiVir PersonalEdition Classic works properly on your computer:
 
- System requirements fulfilled
- No other on-access scanner (also called Guard) installed
- Installer has administrator rights
- Internet/Intranet connection available
- All running programs on the computer exited
 
 
3 Incompatibilities with other programs
***************************************
 
Cygwin
 
If the Avira AntiVir PersonalEdition Classic runs on a system  where
the product Cygwin is  installed, you might encounter  problems with
updating the Avira AntiVir PersonalEdition Classic. In a worst  case
scenario  you  might  not  be  able  to  update  the  Avira  AntiVir
PersonalEdition Classic at all.  Background to this behavior  is the
fact  that the  cygwin process  "cygrun.srv.exe" together  with the
Microsoft Client/Server runtime server subsystem ("csrss.exe) causes
a complete load of the system  once the update process of the  Avira
AntiVir PersonalEdition Classic is started. It is therefore strongly
recommended   to   deinstall  Cygwin   before   the  Avira   AntiVir
PersonalEdition Classic is installed.  
 
 
4 Support service
*****************
 
If  you  have  problems  please try  first to  solve them  using the
integrated  help   system  and   the  user   manual  (Download   at:
http://www.free-av.com).  For harder  problem, please  feel free  to
post a message  to  our bulletin  board at http://forum.avira.de  or
to call our Support-Hotline.
 
Please also feel free to post bug reports, hints,  feature  requests
and  anything  else  related  to  the Avira  AntiVir PersonalEdition
Classic to this Bulletin Board.
 
Please note that technical inquiries can only be answered via  our
Support-Forum or our Support-Hotline.
 
 
Support-Forum
-------------
 
...our forum is available for you at any time!
 
The forum, which is subdivided into clear categories offers you  the
possibility to  exchange yourself  online with  other users  and our
employees  of  the  customer  support.  An  up-to-date,   electronic
bulletin board that is  coordinated by our moderators  is available.
Our  experience multiplies  with the  experience from  the users  of
AntiVir  all  over  the  world. Have  a  look  on  it  without   any
obligation...  
 
http://forum.avira.de
 
 
Support-Hotline
---------------
 
Germany: 0900 10 11 333 (1,99 Euro/Min*)
Austria: 0900 51 03 61 121 (2,16 Euro/Min*)
Switzerland: 0900 51 03 61 (4,23 CHF/Min*)
 
* Prices are subject to change.
 
Mo - Fr between 10 a.m. and 7 p.m.
 
 
5 Contact
*********
 
 Avira GmbH
 Lindauer Str. 21
 D-88069 Tettnang
 Germany
 
 Internet: http://www.free-av.com

<@_@>
Profile: Helper

Hello

Reread my procedure, I asked you to change antivirus.
Click on the links (in color).


Profile: IDNaute

Hello, replacing avast with Antivir was very effective; the virus was put in quarantine + 2 other pieces of junk.
Thanks for the good tip.
Is it available in French somewhere?
See you

<@_@>
Profile: Helper

Hello
Avoid text-speak  :)

No, there is no French version, but I gave you a tutorial.

~Edit your first message (by clicking on the eraser) and mark [resolved] in the title.
 :hello:

