Chargement en cours...
Connexion au forum informatique de Sur-la-Toile
La discussion « nfection par des trojan downloader et backdoor win32/Rbot! et win32/Sbot: » se trouve dans le forum « Virus, troyens, etc... »
Statut de la discussion » nfection par des trojan downloader et backdoor win32/Rbot! et win32/Sbot: « ( normale)

nfection par des trojan downloader et backdoor win32/Rbot! et win32/Sbot:

Le  7-04-2006 à 19:52 #

Je n'arrive plus a controler mon ordi apres une infection par des trojan downloader et backdoor win32/Rbot! et win32/Sbot:
-connections sur des sites des mise en reseau,
-connection à internet de tous les logiciels Office:word, excell, powerpoint, etc....,
J'utilise Kapersky Anti-Virus et le Kapersky Anti-Hacker .
Pour arriver à tout bloquer:
1- j'ai change de navigateur passant de internet explorer à Firefox par ce que j'avais l'impression que les commandes pirates utilisaient IE;
2- j'ai bloqué la connection de toutes les applications sauf kapersky, et Firefox.
Depuis les tentatives de connections pirates continuent mais sont bloquées.
Merci si quelqu'un pouvait m'aider.

Le  7-04-2006 à 19:56 #

Salut

Et Bienvenue Sur La Toile !

Pour te débarasser de c'est Virus !

Fait un scan avec ton antivirus !

Fait un scan avec des antispywares (Ad-Aware / Spybot)

Fait un log avec HiJackThis ! (tuto HiJackThis)

Poste ton log HiJAckThis, dans ton prochain message !

A++

Le  7-04-2006 à 20:02 #

Merci d'avoir repondu aussi vite,.
voilà le log:
Logfile of HijackThis v1.99.1
Scan saved at 17:56:04, on 07/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\CAP3RSK.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\LAUNCH~1\CPLFL32.EXE
C:\Program Files\Aspire Arcade\PCMService.exe
C:\Program Files\CRW\shwicon.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\KASPER~1\KASPER~2\KASPER~2\OESpamTest.ExE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Hacker\KAVPF.exe
C:\WINDOWS\system32\LVComS.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\MOZILL~2\FIREFOX.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\Moussa DIOP\Bureau\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/Default.asp?Ath=t
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/Default.asp?Ath=t
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Documents and Settings\NetworkService\Menu Démarrer\Programmes\Démarrage
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.1.250:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;,127.0.0.1;portableDIOP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: IeHelper Class - {A491D208-B353-490F-B81A-A8A3DC97042D} - "C:\WINDOWS\System32\smiehlp.dll (file missing)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll__PointstoneDisabled (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: SYSTRAN Personal 4.0 - {039036AA-7710-11D7-ACDA-00B0D094B576} - C:\Program Files\SYSTRAN\4_0\Personal\IEPlugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLFL32.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Aspire Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ShowIcon_Chander_CRW Series Driver v1.17r019] "C:\Program Files\CRW\shwicon.exe" -t"Chander\CRW Series Driver v1.17r019"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\KASPER~1\KASPER~2\KASPER~2\OESpamTest.ExE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Hacker\KAVPF.exe
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = gbm.net
O17 - HKLM\Software\..\Telephony: DomainName = gbm.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCAA16C6-C2C9-4D8C-914D-9016DCEADB84}: NameServer = 82.151.90.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = gbm.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = gbm.net
O18 - Protocol: bw+0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {17FC2A15-00E8-4F7F-B291-C1C6DE3C1330} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: URL - C:\WINDOWS\system32\mv28l9fu1.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect Helper - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\rthlpsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe


Le  7-04-2006 à 20:07 #

Salut

Dans ton log HiJackThis tu peux supprimer les lignes :

- R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Documents and Settings\NetworkService\Menu Démarrer\Programmes\Démarrage

- O2 - BHO: IeHelper Class - {A491D208-B353-490F-B81A-A8A3DC97042D} - "C:\WINDOWS\System32\smiehlp.dll (file missing)

- O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll__PointstoneDisabled (file missing)

Et tu en as d'autres qui sont éventuellement méchant !

Mais pour l'instant laissons les de côtés !

Par contre n'oublis pas de scanner ton PC
avec ton antivirus et avec les antispywares !

A++

Le  7-04-2006 à 20:22 #

Merci infiniment j'ai fais les delete maintenant je lance le viruscan!
Je vous tiens au courant

Le  7-04-2006 à 21:25 #

salut Gorgi, pendant que tu yest, vire aussi toutes les tool barres autres que celle de google

Le  8-04-2006 à 13:43 #

Probleme toujours pas resolu:
J'ai aussi lance look to me destroyer :
Relance HijackThis! pour deleter:

O2 - BHO: (no name) - {A491D208-B353-490F-B81A-A8A3DC97042D} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O20 - Winlogon Notify: IntlRun - C:\WINDOWS\system32\mv28l9fu1.dll (file missing)
relance un scan kapersky mode sans echec.

Toujours sans succes: word essaie toujours de se loguer à chaque fois que je l'ouvre

Le 24-01-2007 à 12:47 #

Bonjour à tout le monde :) Il y a longtemps que je ne vous avais pas rendu une visite mais aujourd'hui, comme j'ai un problème, je reviens ! Merci par avance - J'ai lu avant le forum, et voilà le copié/collé de mon Hajick (?)
Logfile of HijackThis v1.99.1
Scan saved at 12:35:02, on 24/01/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\cisvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
F:\Téléchargements\SpyWareDoctor\Spyware Doctor\Spyware Doctor\sdhelp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINNT\system32\internat.exe
F:\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\WINNT\System32\cidaemon.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
F:\Téléchargements\HijackThis\HijackThis.exe
C:\WINNT\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mozilla-europe.org/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Spybost\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\TLCHAR~1\SPYWAR~1\SPYWAR~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - F:\MESDOC~1\TL-ENR~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\TLCHAR~1\SPYWAR~1\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EoEngine] "F:\Mes doc\Télé-enregistrements\eoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Life Personal Firewall] FirewallingV10.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybost\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "F:\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster] F:\Téléchargements\HijackThis\registryboosterplib\Registry Booster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Spyware Doctor] "F:\Téléchargements\SpyWareDoctor\Spyware Doctor\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Action Manager 32.lnk = C:\Program Files\ScannerU\UNINSTAL\AM32.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\TLCHAR~1\SPYWAR~1\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/0461ab4b049425130405/netzip/RdxIE601_fr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136314288484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136317075171
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - F:\Téléchargements\SpyWareDoctor\Spyware Doctor\Spyware Doctor\sdhelp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe

Je sais qu'il y a un Backdoor.RBot.Gen
REGISTRY = HKCU\Software\Obsidum (10 en tout) + HKU\DEFAULT\Software\Obsidium
c'est spyware Doctor (version evaluation) qui les a trouvés -
Il y avait aussi : C:\WINNT\system32\eraseme_81837.exe Je l'ai enlevé manuellement, mais ça n'a rien changé, puisqu'il reste les HKCU !!
Comment je peux les enlever s'il-vous-plaît ?? Merci :)


[ Ce message a été modifié par : : amachi le 24-01-2007 13:03 ]

Le 25-01-2007 à 18:24 #

Je ne sais pas si ça peut aider, mais dans un autre endroit j'ai trouvé ce conseil pour scanner mon ordinateur :
http://forum.telecharger.01net.com/telecharger/securite_virus_et_assimiles/trojan_et_spywares/help_backdoor_rbot_tenaces-411869/messages-1.html
Télécharge F-Secure Blacklight (800ko) https://europe.f-secure.com/exclude/blacklight/blbeta.exe
Place-le dans son propre répertoire, dans C:\
Lance-le en double-cliquant sur le fichier blbeta.exe
Accepte la licence, et clique enfin sur "Scan"
Si Blacklight détecte des éléments invisibles, il en affiche la liste et permet de les renommer
Ne renomme rien du tout. Copie le contenu du log qui sera généré dans le même dossier que blbeta, avec un nom qui ressemblera à fsbl-20060316011845.log


ce que j'ai fait : résultat = 0 infections !!
j'ai enlevé le programme Spyware Doctor qui m'avait alertée - Redémarrage - Problème pour relancer FireFox -
Recherche de ce qui pouvait "rester" (?) de Spyware Doctor et il restait un programme dans ZoneLab- (une icône avec dessin de window : nom "spyware" Impossible de l'enlever !!!
Comme j'avais des problèmes à cause de Zone Alarm, je l'ai enlevé aussi -
J'ai redémarré mon ordinateur -
maintenant, il a l'air de marcher normalement - Je ne sais pas si c'était ça la solution et si j'avais VRAIMENT un Backdoor.Rbot.Gen parceque Spubot n'avait rien trouvé - voilà - Je ne sais pas si ça peut aider
» Liste des Forums » Virus, troyens, etc...




Ces discussions pourraient vous intéresser également:


Backdoor.win32 rbot gen
backdoor.win32.rbot. bnb
Infection Trojan- Win32.KeyLogger.aa & Downloader.Win32.Age nt.Bq (Résolu)
trojan.downloader.wi n32.Zlob.fq
trojan downloader win32 swizzor.cb

Sujets Connexes

Arakien & WéWé


Forums

Navigation


Publicité

Connectés

Il y a actuellement 127 visiteurs et 3 toiliens en ligne.

Recherche

Concours


Sauf mention contraire, le contenu du blog et du forum est sous licence Creative Commons By-Sa. Vous avez le droit de le reproduire à condition de citer l'auteur, de faire un lien vers la page d'origine, et de partager vos travaux dérivés selon les mêmes conditions.

Conditions d'utilisation -

Partenaires: [Informatique Multimédia] [Portail du Maroc] [Actualité High Tech]
[Tutoriaux Photoshop] [éligibilité ADSL] [Astuces Windows]

Page générée en 278 millisecondes sur WWW1.