scarface_80

salut Jack_Burton c'est bon j'ai fait tout ce que tu ma dit voila le rapport ewido et hijackthis --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 16:49:45, 02/03/2006 + Somme de contrôle: DF3FB35 + Résultats du scan: :mozilla.6:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder :mozilla.27:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder :mozilla.28:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.29:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.30:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.31:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.32:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.36:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.37:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.38:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.40:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder :mozilla.87:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder :mozilla.91:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.92:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder :mozilla.93:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder :mozilla.104:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder :mozilla.112:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder :mozilla.113:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.114:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.115:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.116:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.123:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Nettoyer et sauvegarder :mozilla.124:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyer et sauvegarder :mozilla.125:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyer et sauvegarder :mozilla.126:C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyer et sauvegarder C:\Documents and Settings\ScarFace\Cookies\scarface@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\ScarFace\Cookies\scarface@advertising[1].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder C:\Documents and Settings\ScarFace\Cookies\scarface@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\ScarFace\Cookies\scarface@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\ScarFace\Cookies\scarface@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\ScarFace\Cookies\scarface@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\ScarFace\Cookies\scarface@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\ScarFace\Cookies\scarface@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder C:\Program Files\Softwin\BitDefender9\Quarantine\rdriv.sys -> Rootkit.Agent.o : Nettoyer et sauvegarder C:\System Volume Information\_restore{A813EC79-BF44-4BFD-9C01-790F5FE0A74D}\RP1\A0000003.sys -> Rootkit.Agent.o : Nettoyer et sauvegarder C:\System Volume Information\_restore{A813EC79-BF44-4BFD-9C01-790F5FE0A74D}\RP1\A0004010.sys -> Rootkit.Agent.o : Nettoyer et sauvegarder C:\System Volume Information\_restore{A813EC79-BF44-4BFD-9C01-790F5FE0A74D}\RP1\A0004028.sys -> Rootkit.Agent.o : Nettoyer et sauvegarder C:\System Volume Information\_restore{A813EC79-BF44-4BFD-9C01-790F5FE0A74D}\RP1\A0004082.sys -> Rootkit.Agent.o : Nettoyer et sauvegarder C:\WINDOWS\system32\rdriv.sys -> Rootkit.Agent.o : Nettoyer et sauvegarder I:\Documents and Settings\scarface_ab\Cookies\scarface_ab@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder ::Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 17:02:57, on 02/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\PROGRA~1\Softwin\BitDefender9\bdmcon.exe C:\PROGRA~1\Softwin\BitDefender9\bdnagent.exe C:\PROGRA~1\Softwin\BitDefender9\bdswitch.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BitDefender9\bdmcon.exe O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\Softwin\BitDefender9\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] "C:\PROGRA~1\Softwin\BitDefender9\bdswitch.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) aparement le virus est viré merci les gars pour votre disponibilité et votre rapidité tchao a bientot

salut did71 ! voici le rapport de Panda Incident Statut Analyse Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@advertising[1].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@as1.falkag[1].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@atdmt[2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@bluestreak[2].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@doubleclick[2].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@xiti[1].txt Spyware:Cookie/GoStats No Désinfecté C:\Documents and Settings\ScarFace\Application Data\Mozilla\Firefox\Profiles\uiyhg1ue.default\cookies.txt[] Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@advertising[1].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@as1.falkag[1].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@atdmt[2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@bluestreak[2].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@doubleclick[2].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\ScarFace\Cookies\scarface@xiti[1].txt il na pas détecté le fichier rdriv.sys bizarre ??

bonjour bitdefender me détecte le trojan rootkit.L impossible de l'eradiquer j'ai chercher pendant 3 jours sur les forums et sur google j'ai tenter differentes solution qui n'ont pas abouti j'ai suivit votre methode je poste mon rapport HijacLogfile of HijackThis v1.99.1 Scan saved at 19:59:49, on 01/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\msnmgr.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\PROGRA~1\Softwin\BitDefender9\bdnagent.exe C:\PROGRA~1\Softwin\BitDefender9\bdswitch.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BitDefender9\bdmcon.exe O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\Softwin\BitDefender9\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] "C:\PROGRA~1\Softwin\BitDefender9\bdswitch.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Windows XP Manager (Manager) - Unknown owner - C:\WINDOWS\msnmgr.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)