

LeBello
Viruses and others, Hijack log ;)
LeBello replied to a topic by LeBello in Malware analysis and removal
Thanks, I have just solved my problem. See you soon, Olivier -
Hello,

I have a few small problems that are causing some difficulties. I managed to get rid of Virtumundo but I still have some problems. I ran the BitDefender report:

then the Hijack report:

Thanks for your help,
Olivier