
Forum | viruses/security
Disinfection Report
FULL38, Thu. 24 Jul. 2008 at 16:10:42
Hello,

I had viruses on my PC and I wanted to disinfect it by following this tutorial:
http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr

At the end it says to post your three reports, so I am posting them so that someone can tell me whether my PC is still infected:


---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 13:58:11 24/07/2008

+ Résultat de l'analyse:



C:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP110\A0045552.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\Program Files\GTA SA - Tuning Édition\hlm-intro.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP100\A0041338.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP82\A0036874.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP87\A0038410.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP123\A0053130.exe -> Not-A-Virus.BadJoke.MSIL.Agent.s : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.55:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
D:\Documents and Settings\florian\Cookies\florian@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.61:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.54:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.59:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.44:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
D:\Documents and Settings\florian\Cookies\florian@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.56:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.35:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.36:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.37:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.38:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.43:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.45:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.46:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.47:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.


Fin du rapport




BitDefender Online Scanner
Scan report generated at: Thu, Jul 24, 2008 - 16:00:06

Scan path: C:\;D:\;E:\;F:\;G:\;

Statistics
Time 01:58:52
Files 637170
Folders 11543
Boot Sectors 6
Archives 12751
Packed Files 30144

Results
Identified Viruses 7
Infected Files 13
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 12

Engines Info
Virus Definitions 1385230
Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins 16
Archive plugins 43
Unpack plugins 7
E-mail plugins 6
System plugins 5

Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes


Scanned File Status
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP31\A0015824.exe Infected with: Trojan.Generic.366267
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP31\A0015824.exe Deleted
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll Detected with: Adware.Generic.29279
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll Disinfection failed
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll Delete failed
D:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o)=>lzma_nsis0001 Detected with: Adware.Shopper.O
D:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o)=>lzma_nsis0001 Deleted
D:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o) Update failed
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047157.exe Detected with: Adware.Generic.18739
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047157.exe Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047163.dll Detected with: Adware.Zango.AN
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047163.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP118\A0050240.exe=>(NSIS o)=>lzma_nsis0001 Detected with: Adware.Shopper.O
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP118\A0050240.exe=>(NSIS o)=>lzma_nsis0001 Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP118\A0050240.exe=>(NSIS o) Update failed
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050314.exe Detected with: Adware.Generic.18739
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050314.exe Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050315.exe Detected with: Adware.Generic.18739
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050315.exe Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050338.dll Detected with: Adware.Zango.SI
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050338.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050339.dll Detected with: Adware.Zango.AN
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050339.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051655.dll Detected with: Adware.Zango.SI
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051655.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051656.dll Detected with: Adware.Zango.AN
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051656.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP18\A0006158.exe Detected with: Adware.Shopper.N
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP18\A0006158.exe Deleted




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05:45, on 24/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\DNA\btdna.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: adzgalore - {0844d43f-9196-4c14-25a6-e1888cf96117} - D:\WINDOWS\system32\nsn21A.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: DNSEred - {4e3da8a6-8067-af5b-81ab-423acbca22c3} - D:\WINDOWS\system32\iednser.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sXe Injected] D:\Program Files\sXe Injected\sXe Injected.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "D:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - D:\Program Files\WinPcap\rpcapd.exe

--
End of file - 6812 bytes

Configuration: Windows XP
Firefox 3.0.1

