Problem with the Beagle trojan [SOLVED]

4 March 2006 23:48:44

Hello, so I have a problem with a trojan that I picked up while installing a patch. Its name is beagle..... I don't remember exactly, and I can't give it again because Norton has been disabled. I installed Kaspersky, then a², then The Cleaner, but nothing works; I can't manage to delete it. I also know that it affects a file, c:\windows\system32\ldr64.dll. So I'd like to get some help, because I've been tearing my hair out for two days. I'd really like to save my data and avoid formatting. I'm eagerly awaiting a reply and thank you in advance.

5 March 2006 00:08:29

Good evening,

Download the program >>Hijackthis 1.99.1<<

Unzip it and put it in a dedicated folder (example: ..\Bureau\Hijackthis\Hijackthis.exe)

Run it
Click "Do a system scan and save a logfile" and post the report by copy/paste

we'll look at it when we have a moment...
5 March 2006 20:45:25

Good evening, here is the report,

Logfile of HijackThis v1.99.1
Scan saved at 20:42:35, on 05/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Messenger\MsgPlus.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SpeedRam2\Speedram.exe
C:\Program Files\Stoppub\StopPub.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\user\Mes documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll (file missing)
O2 - BHO: (no name) - {969888D9-BB8F-9004-FF8B-BC983621DF11} - C:\DOCUME~1\user\APPLIC~1\ONEHEL~1\BodyGrid.exe (file missing)
O2 - BHO: (no name) - {CD5B7D7F-2651-945C-A9B2-A77EF2F447DD} - C:\DOCUME~1\user\APPLIC~1\ONEHEL~1\BodyGrid.exe (file missing)
O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll (file missing)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger\MsgPlus.exe"
O4 - HKLM\..\Run: [City Media Meet Chic] C:\Documents and Settings\All Users\Application Data\User64citymedia\findsupport.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ping Axis Audio Mail] C:\Documents and Settings\All Users\Application Data\EXTRAREALPINGAXIS\BODYTIME.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NaturalPoint] c:\program files\naturalpoint\trackir\LaunchNP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IFSplash] ImmSplsh.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [UninstallAbility] "C:\Program Files\UninstallAbility\uability.exe" /AUTO
O4 - HKCU\..\Run: [anti hold] C:\DOCUME~1\user\APPLIC~1\gluedrv\ABOUT DASH.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: config.ini
O4 - Startup: IncMail.lnk = C:\Program Files\IncrediMail\bin\IncMail.exe
O4 - Startup: Moniteur & Configuration.lnk = ?
O4 - Startup: Speedram.lnk = C:\Program Files\SpeedRam2\Speedram.exe
O4 - Startup: StopPub.lnk = C:\Program Files\Stoppub\StopPub.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Stoppub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Stoppub\StopPub.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)
O20 - Winlogon Notify: mloader32 - C:\WINDOWS\SYSTEM32\mloader32.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe

So, is it serious?
Thank you for replying so quickly; I'm still eagerly awaiting your answer.
5 March 2006 22:13:42

Good evening,

1/ Download and install CCleaner

2/ Restart in Safe Mode (to do this: start the PC while tapping the F8 key until the Windows advanced options menu appears, then use the arrow keys to select Safe Mode and press Enter...)
Note that you won't have Internet access in this mode, so write down or print the instructions that follow.

3/ Run HijackThis
then --> Do a system scan only
tick the lines listed below
then --> Fix checked
then answer yes to the confirmation prompt

O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll (file missing)
O2 - BHO: (no name) - {969888D9-BB8F-9004-FF8B-BC983621DF11} - C:\DOCUME~1\user\APPLIC~1\ONEHEL~1\BodyGrid.exe (file missing)
O2 - BHO: (no name) - {CD5B7D7F-2651-945C-A9B2-A77EF2F447DD} - C:\DOCUME~1\user\APPLIC~1\ONEHEL~1\BodyGrid.exe (file missing)
O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll (file missing)

O4 - HKLM\..\Run: [City Media Meet Chic] C:\Documents and Settings\All Users\Application Data\User64citymedia\findsupport.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ping Axis Audio Mail] C:\Documents and Settings\All Users\Application Data\EXTRAREALPINGAXIS\BODYTIME.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IFSplash] ImmSplsh.exe
O4 - HKCU\..\Run: [anti hold] C:\DOCUME~1\user\APPLIC~1\gluedrv\ABOUT DASH.exe

O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)
O20 - Winlogon Notify: mloader32 - C:\WINDOWS\SYSTEM32\mloader32.dll


4/ Make sure you have access to hidden files.
(Start -> My Computer -> Tools -> Folder Options... -> View
"Show hidden files and folders" -> checked
"Hide extensions for known file types" -> unchecked
"Hide protected operating system files" -> unchecked)

5/ Then delete the following files and/or folders if present:

C:\Program Files\QuickSearch\ --> the folder
C:\Documents and Settings\user\Application Data\ONEHEL~1\ --> the folder (it starts with Onehel...)
C:\Documents and Settings\All Users\Application Data\User64citymedia\ --> the folder
C:\Documents and Settings\All Users\Application Data\EXTRAREALPINGAXIS\ --> the folder
C:\Documents and Settings\user\Application Data\gluedrv\ --> the folder

6/ Run CCleaner, then click the Analyze button, then the Run Cleaner button

7/ Run HijackThis again
Click the Open the Misc Tools Section button
Click Delete a file on reboot...
In "File name:" paste C:\WINDOWS\SYSTEM32\mloader32.dll then click Open
At the prompt "Do you want to restart now?" click Yes

8/ After the reboot, post a new HijackThis report.
6 March 2006 07:38:50

Hello, so I managed it, but the problem is that I couldn't use CCleaner in safe mode. So I did it in normal mode. Here is the HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 07:35:09, on 06/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Messenger\MsgPlus.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SpeedRam2\Speedram.exe
C:\Program Files\Stoppub\StopPub.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\user\Mes documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NaturalPoint] c:\program files\naturalpoint\trackir\LaunchNP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [UninstallAbility] "C:\Program Files\UninstallAbility\uability.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: config.ini
O4 - Startup: IncMail.lnk = C:\Program Files\IncrediMail\bin\IncMail.exe
O4 - Startup: Moniteur & Configuration.lnk = ?
O4 - Startup: Speedram.lnk = C:\Program Files\SpeedRam2\Speedram.exe
O4 - Startup: StopPub.lnk = C:\Program Files\Stoppub\StopPub.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Stoppub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Stoppub\StopPub.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe

Thanks again for your advice. I hope we'll be able to get rid of it!!
6 March 2006 09:01:08

Hello,

Nothing infectious left in this report.

Are you still having any malfunctions?
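
The before/after comparison behind this verdict can be scripted. The Python below is an added example, not part of the thread or of HijackThis: it parses the entry lines of two logs and checks that every line ticked for "Fix checked" is gone, while listing anything new. The embedded logs are short excerpts of the two reports posted above, and the function and variable names are assumptions made for illustration.

```python
import re

# HijackThis entry lines start with a section code (R0-R3, F0-F3, N1-N4,
# O1-O23) followed by " - ". Header and "Running processes" lines do not.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")


def parse_entries(log_text):
    """Return the set of (section, detail) entries found in a log."""
    entries = set()
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.add((match.group(1), match.group(2).strip()))
    return entries


def compare_logs(before, after, ticked):
    """Compare two logs against the lines that were ticked for fixing."""
    b, a, t = parse_entries(before), parse_entries(after), parse_entries(ticked)
    return {
        "still_present": sorted(t & a),           # ticked but survived the fix
        "removed": sorted(b - a),                 # gone after the fix
        "unrequested_removals": sorted((b - a) - t),
        "new": sorted(a - b),                     # appeared since the first scan
    }


# Excerpt of the first report in the thread (most lines omitted for brevity).
BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll (file missing)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [City Media Meet Chic] C:\Documents and Settings\All Users\Application Data\User64citymedia\findsupport.exe
O4 - HKCU\..\Run: [anti hold] C:\DOCUME~1\user\APPLIC~1\gluedrv\ABOUT DASH.exe
O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)
O20 - Winlogon Notify: mloader32 - C:\WINDOWS\SYSTEM32\mloader32.dll
"""

# Excerpt of the second report, posted after the clean-up.
AFTER = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
"""

# Subset of the lines the helper asked to tick in step 3.
TICKED = r"""
O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll (file missing)
O4 - HKLM\..\Run: [City Media Meet Chic] C:\Documents and Settings\All Users\Application Data\User64citymedia\findsupport.exe
O4 - HKCU\..\Run: [anti hold] C:\DOCUME~1\user\APPLIC~1\gluedrv\ABOUT DASH.exe
O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)
O20 - Winlogon Notify: mloader32 - C:\WINDOWS\SYSTEM32\mloader32.dll
"""

if __name__ == "__main__":
    result = compare_logs(BEFORE, AFTER, TICKED)
    for label, rows in result.items():
        print(f"{label}: {len(rows)}")
        for section, detail in rows:
            print(f"  {section} - {detail}")
```

Matching is on the exact entry text, so an entry that returns under a different file name or path shows up under "new" rather than "still_present" and still needs a manual look.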
6 March 2006 20:50:36

Good evening,
first of all, thanks for everything; I really have the impression that I no longer have anything.. at last.... I was finally able to reinstall Norton AntiVirus 2005, but the activation can't be completed.. Can you help me?
Thanks again for everything
8 March 2006 19:40:11

Good evening,
I'd like to know whether you think this is related to my trojan? In any case, can you help me?
Thank you in advance
8 March 2006 23:19:03

Good evening,

Run an online scan at Kaspersky and post the report.
9 March 2006 23:13:13

Initialize Kaspersky On-line Scanner
(downloading and installing Kaspersky On-line Scanner ActiveX from the server into your computer)




Update Kaspersky Anti-Virus Databases [100%]:
(downloading and installing the latest Kaspersky Anti-Virus Databases)




Please wait to update the virus definitions...
Downloading from url: http://eu2h.kaspersky-labs.com
Update finished. Ready to scan.
Next
Please select a target to scan:
You can configure the scanning process by pressing "Scan Settings" button.



Critical Areas
scan critical areas of your hard disks
specified in %windir% and %tmp% system variables
My Computer
scan all your hard and mapped disks
My Email
scan all your hard and mapped disks only for the following extensions: *.PST; *.MSG; *.OST; *.MDB; *.DBX; *.EML; *.MBS
Folders...
scan selected folders
A File...
scan a one file





Warning: The Kaspersky On-line Scanner may not run successfully while any other Anti-Virus software is running. If you have Anti-Virus software installed, please disable your AV protection before running the Kaspersky On-line Scanner.
The scan is complete.
No malware has been detected. The sections that have been scanned are CLEAN.



Report is empty.
Please note: The free Kaspersky On-line Scanner does not provide comprehensive protection and cannot prevent future infections. It only detects malware that has already penetrated your storage devices. We strongly recommend that you use a fully-functional antivirus solution to protect your computer at all times.

Please wait, this process may take a long time depending on the selected target. If you want to continue browsing, open a new window.

Scan Progress [99%]:





Total number of scanned files: 82260
Number of viruses found: 0
Number of infected objects: 0
Number of suspicious objects: 0
Duration of the scan process: 01:33:20

There's the report; I'm eagerly awaiting your reply. Thank you very much
10 March 2006 00:20:54

Good evening,

no virus or trojan detected
so it would seem that your problem with Norton is not related to an infection...
I can't help you any further, sorry :-(

you can try another AV (after uninstalling Norton), e.g.:
--> Kaspersky or nod32 as paid options (1-month trial version on the official sites)
--> avast! as a free option
10 March 2006 08:26:14

OK, thanks for the advice.... I think I'll install avast in the meantime because I've heard lots of good things about it. And I forgot to tell you yesterday that I have a Windows update, Windows XP (KB898461), that won't install. I think that may be because I no longer have a valid antivirus. Do you think I'm right? Thanks once again for everything!!!
10 March 2006 08:29:31

Quote:
I think that may be because I no longer have a valid antivirus. Do you think I'm right?

no, that's unrelated.
10 March 2006 08:32:48

OK, so where do you think it comes from?

Thanks for such a quick reply.
10 March 2006 08:46:42

I have no idea :-?
10 March 2006 09:41:11

OK, well, thanks for everything then. I'll mark the trojan problem as solved. I really thank you, because without you I would certainly have formatted everything... all the best.
25 October 2007 23:29:08

Good evening

I have exactly the same problem; here is the HijackThis scan! Thank you so much if you can help me

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX