analyse rapport hijackthis récalcitrant

mili · le 25 novembre 2006

'soir,

demain repas de famille alors c'est ce soir ou... le week end prochain!

pas trop le choix...

je dormirai à table demain!

+++ (merci de prendre soin de notre santé, pas que de celle de nos gentils appareils électriques)

mili · le 25 novembre 2006

'soir,

demain repas de famille alors c'est ce soir ou... le week end prochain!

pas trop le choix...

je dormirai à table demain!

+++ (merci de prendre soin de notre santé, pas que de celle de nos gentils appareils électriques)

mili · le 25 novembre 2006

'soir,

demain repas de famille alors c'est ce soir ou... le week end prochain!

pas trop le choix...

je dormirai à table demain!

+++ (merci de prendre soin de notre santé, pas que de celle de nos gentils appareils électriques)

mili · le 26 novembre 2006

bonjour,

Je n'arrive plus à demarrer en mode sans echec, dès que je le lance l'ordinateur redémarre, me redemande et ainsi de suite. e qui est bizarre c'est qu'il fonctionne en mode normal!

Je n'ai donc pas pu suivre toutes les étapes, BUF effectué en mode normal (semble sans effet, dure 1 seconde) (easy cleaner et effacage des messages OK)

Escan dont voici le rapport

SDFix ne fonctionne pas en mode normal

Je vais quand même refaire un scan en ligne pour voir si on a prograssé

Voilà le résultat du scan avec eScan:

File C:\WINDOWS\System32\dllcache\msagent.exe infected by "Backdoor.Win32.IRCBot.wd" Virus. Action Taken: File Renamed.

File C:\WINDOWS\userinit.exe infected by "Trojan.Win32.Pakes" Virus. Action Taken: File Deleted.

File C:\WINDOWS\System32\00120_netapi.exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\06658_netapi.exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\28220_netapi.exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\40787_netapi.exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\52074_netapi.exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\a.exe infected by "Packed.Win32.Klone.j" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\btxejmag.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.

File C:\WINDOWS\System32\ctfmon32.dll infected by "Packed.Win32.Klone.j" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\ctfmon32.exe infected by "Packed.Win32.Klone.j" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\cuvvtlsy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.

File C:\WINDOWS\System32\i infected by "Trojan-Downloader.BAT.Ftp.ab" Virus. Action Taken: File Deleted.

File C:\WINDOWS\System32\ldrmsvbvm06.dll infected by "Backdoor.Win32.Optix.b" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\msvbvm06.dll infected by "Backdoor.Win32.Optix.b" Virus. Action Taken: File Renamed.

File C:\WINDOWS\System32\nc.exe tagged as not-a-virus:RemoteAdmin.Win32.NetCat. No Action Taken.

File C:\WINDOWS\System32\rypwmdbp.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.

File C:\WINDOWS\System32\svch5qi.dll infected by "Trojan-Downloader.Win32.Small.cyn" Virus. Action Taken: File Deleted.

File C:\WINDOWS\System32\turk.exe infected by "Backdoor.Win32.Cakl.b" Virus. Action Taken: File Renamed.

File C:\deskbar_e55.exe tagged as not-a-virus:AdWare.Win32.Softomate.r. No Action Taken.

File C:\Documents and Settings\Emilie\Bureau\backups\backup-20061111-205702-345.dll tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.

File C:\Documents and Settings\Emilie\Bureau\backups\backup-20061113-170502-473.dll tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.

File C:\Documents and Settings\Emilie\Local Settings\Temporary Internet Files\Content.IE5\GQ9J2LME\cytifolmo[1].txt infected by "Trojan-PSW.Win32.Sinowal.bh" Virus. Action Taken: File Deleted.

File C:\drsmartload.ex0 infected by "Trojan-Downloader.Win32.Adload.ht" Virus. Action Taken: File Deleted.

File C:\kbcvy.exe infected by "Trojan-Downloader.Win32.Small.ctf" Virus. Action Taken: File Deleted.

File C:\mc44a46.exe infected by "Trojan-Downloader.Win32.Adload.fu" Virus. Action Taken: File Deleted.

File C:\mc44a47.exe infected by "Trojan-Downloader.Win32.Adload.fu" Virus. Action Taken: File Deleted.

File C:\mc44a48.exe infected by "Trojan-Downloader.Win32.Adload.fu" Virus. Action Taken: File Deleted.

File C:\mc44a49.exe infected by "Trojan-Downloader.Win32.Adload.fu" Virus. Action Taken: File Deleted.

File C:\mc44a52.exe infected by "Trojan-Downloader.Win32.Adload.fu" Virus. Action Taken: File Deleted.

File C:\nwnmff_e46.exe_tobedeleted infected by "Trojan-Downloader.Win32.Adload.hy" Virus. Action Taken: File Deleted.

File C:\nwnmff_e52.exe_tobedeleted infected by "Trojan-Downloader.Win32.Adload.ic" Virus. Action Taken: File Deleted.

File C:\Program Files\Fichiers communs\{307F2A6B-070F-1036-0309-050408160021}\888Bar.dll tagged as not-a-virus:AdWare.Win32.Softomate.u. No Action Taken.

File C:\Program Files\Fichiers communs\{307F2A6B-070F-1036-0309-050408160021}\Uninst.exe tagged as not-a-virus:RiskTool.Win32.PsKill.q. No Action Taken.

File C:\Program Files\Fichiers communs\{307F2A6B-0710-1036-0309-050408160021}\888Bar.dll tagged as not-a-virus:AdWare.Win32.Softomate.u. No Action Taken.

File C:\Program Files\Fichiers communs\{E07F2A6B-070F-1036-0309-050408160021}\services.dll tagged as not-a-virus:AdWare.Win32.Softomate.u. No Action Taken.

File C:\Program Files\Fichiers communs\{E07F2A6B-070F-1036-0309-050408160021}\Update.exe tagged as not-a-virus:AdWare.Win32.Softomate.u. No Action Taken.

File C:\Program Files\Fichiers communs\{E07F2A6B-0710-1036-0309-050408160021}\services.dll tagged as not-a-virus:AdWare.Win32.Softomate.u. No Action Taken.

File C:\Program Files\Fichiers communs\{E07F2A6B-0710-1036-0309-050408160021}\Update.exe tagged as not-a-virus:AdWare.Win32.Softomate.u. No Action Taken.

File C:\psoe.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.591. No Action Taken.

File C:\RECYCLER\S-1-5-21-606747145-1580818891-839522115-1004\Dc65.exe tagged as not-a-virus:AdWare.Win32.DownloadWare.a. No Action Taken.

File C:\sauvegardes\Documents and Settings\David\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-17005c27.zip.0.AVB infected by "Trojan-Downloader.Java.OpenStream.w" Virus. Action Taken: File Deleted.

File C:\sauvegardes\Documents and Settings\David\Local Settings\Temp\D1396\tbon.exe tagged as not-a-virus:AdWare.Win32.Bestofer.b. No Action Taken.

File C:\sauvegardes\Documents and Settings\Emilie\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-582ebdcd.zip.0.AVB infected by "Trojan-Downloader.Java.OpenStream.w" Virus. Action Taken: File Deleted.

File C:\sauvegardes\Documents and Settings\Emilie\Local Settings\Temporary Internet Files\Content.IE5\YT67HUE8\SystemDoctor2006FreeInstall_fr[1].exe tagged as not-a-virus:Downloader.Win32.WinFixer.l. No Action Taken.

File C:\sauvegardes\Program Files\Need2Find\bar\5.bin\N2PLUGIN.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.l. No Action Taken.

File C:\sauvegardes\Program Files\Save\ACM.dll tagged as not-a-virus:AdTool.Win32.WhenU.i. No Action Taken.

File C:\sauvegardes\Program Files\Shareaza\Downloads\01 - momo 07.wma infected by "Trojan-Downloader.WMA.Wimad.d" Virus. Action Taken: File Deleted.

File C:\sauvegardes\Program Files\Shareaza\Downloads\FallenAngles presents rap francais 02.zip tagged as not-a-virus:AdWare.Win32.AdvertMen.a. No Action Taken.

File C:\sauvegardes\Program Files\TBONBin\TBONWnd.EXE tagged as not-a-virus:AdWare.Win32.BetterInternet.bf. No Action Taken.

File C:\VundoFix Backups\khfeeba.dll.bad tagged as not-a-virus:AdWare.Win32.Virtumonde.ep. No Action Taken.

File C:\VundoFix Backups\qomkifd.dll.bad tagged as not-a-virus:AdWare.Win32.Virtumonde.ep. No Action Taken.

File C:\VundoFix Backups\yayywwx.dll.bad tagged as not-a-virus:AdWare.Win32.Virtumonde.ep. No Action Taken.

File C:\WINDOWS\biooos\one.exe tagged as not-a-virus:RiskTool.Win32.Hideout. No Action Taken.

File C:\WINDOWS\system32\btxejmag.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6DU1A16T\75801_netapi[1].exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6DU1A16T\deskbar_e[1].exe tagged as not-a-virus:AdWare.Win32.Softomate.r. No Action Taken.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6DU1A16T\mc[1].jpg infected by "Packed.Win32.Klone.j" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6DU1A16T\pl[1].jpg infected by "Packed.Win32.Klone.j" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U1WRWB65\84785_redworld[1].exe infected by "Backdoor.Win32.IRCBot.wd" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U1WRWB65\84785_redworld[2].exe infected by "Backdoor.Win32.IRCBot.wd" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U1WRWB65\duckdown[1].exe tagged as not-a-virus:Client-IRC.Win32.mIRC.591. No Action Taken.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U1WRWB65\kybrdff_e[1].exe infected by "Trojan-Downloader.Win32.Adload.hy" Virus. Action Taken: File Deleted.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U92RAP01\27607_netapi[1].exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U92RAP01\58180_netapi[1].exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U92RAP01\63833_netapi[1].exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U92RAP01\deskbar_e[1].exe tagged as not-a-virus:AdWare.Win32.Softomate.r. No Action Taken.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\YX4LWV4J\25033_netapi[1].exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\YX4LWV4J\76516_netapi[1].exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\YX4LWV4J\84785_redworld[1].exe infected by "Backdoor.Win32.IRCBot.wo" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\cuvvtlsy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.

File C:\WINDOWS\system32\dllcache\msiupdate32.exe infected by "Backdoor.Win32.IRCBot.wo" Virus. Action Taken: File Renamed.

File C:\WINDOWS\system32\nc.exe tagged as not-a-virus:RemoteAdmin.Win32.NetCat. No Action Taken.

File C:\WINDOWS\system32\rypwmdbp.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.

File C:\windows.exe infected by "Trojan-Downloader.Win32.Adload.hw" Virus. Action Taken: File Deleted.

File C:\yz02.exe tagged as not-a-virus:AdWare.Win32.NewDotNet. No Action Taken.

bruce lee · le 26 novembre 2006

bonjour mili

Je ne pense pas que le rapport de e scan soit complet, poste la suite. Réessaye de demarrer en mode sans echec si ca marche, suis la procedure que je t'ai mise

@+

mili · le 26 novembre 2006

Bonsoir,

Après de multiples essais le demarrage en mode sans échec est toujours impossible.

Je n'arrive pas non plus à réactiver la restauration du système: il me dit de redemarrer, je redemarre et ça ne marche toujours pas...

Je commence à desepérer...

++

bruce lee · le 27 novembre 2006

bonjour mili,

Je commence à desepérer...

Tu vas tout de meme pas me dire que les bestioles vont remportés la victoire contre nous! Allez courage Ue désinfection c'est basé en grande partie sur de la patience et vu ton infection il va falloir etre tres patient.

Crois moi, quand ton PC sera clean tu seras fier de toi et du travail que tu as fournis

pour le mode sanns echec

regarde ici:

http://forum.telecharger.01net.com/telecha...messages-1.html

et applique la methode 2.

@+

Connexion

Pas encore inscrit ?

analyse rapport hijackthis récalcitrant

Messages recommandés

mili

Lien vers le commentaire

Partager sur d’autres sites

mili

Lien vers le commentaire

Partager sur d’autres sites

mili

Lien vers le commentaire

Partager sur d’autres sites

mili

Lien vers le commentaire

Partager sur d’autres sites

bruce lee

Lien vers le commentaire

Partager sur d’autres sites

mili

Lien vers le commentaire

Partager sur d’autres sites

bruce lee

Lien vers le commentaire

Partager sur d’autres sites

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer