Il y a actuellement 416 visiteurs
Lundi 23 Décembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

Impossible de mettre en quarantaine un virus avec avast

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

Impossible de mettre en quarantaine un virus avec avast

Message le 08 Avr 2009 18:39

Bonjour,

J'ai fait deux analyses avec Avast. Résultats : 9 chevaux de troie qu'il m'a été impossible de placer en quarantaine.
A la fin, le résultat indiquait le message " une erreur est survenue lors du déplacement".
Je suis ennuyée car je n'ai pas encore trouvé de réponse en cherchant sur google.
Pouvez-vous m'aider :o
Je précise que mes connaissances en langage informatique sont assez limitées :x
Merci.
Nougat
Nougat
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 15
Inscription: 31 Juil 2008 09:14
 


Message le 08 Avr 2009 18:53

Bonjour.

1_ Tu suis ce tutorial et tu nous postes le rapport généré.


2_ Tu télécharges Malwarebytes' Anti-Malware, tu l'installes puis tu procèdes à sa mise à jour.

Tu lances l'application en double-cliquant sur l'icône Malwarebytes' Anti Malware.

Tu cliques ensuite sur Exécuter un examen complet puis tu lances l'analyse en cliquant sur Rechercher.

_ Si l'utilitaire ne trouve rien de néfaste, cliques sur Ok. Le Bloc-notes va s'ouvrir avec le rapport d'analyse, celui-ci n'est pas intéressant car la machine est propre.
Tu peux fermer le Bloc-notes.

_ Si l'utilitaire trouve des éléments suspects, tu cliques sur Afficher les résultats puis sur Supprimer la sélection.
Tu enregistres le rapport d'analyse que tu nous copies-colles dans ton prochain message.

Il est possible que le programme te demande de redémarrer pour effectuer des suppressions supplémentaires, tu acceptes le redémarrage volontaire en cliquant sur Ok.
Avatar de l'utilisateur
DouDou9455
PC-Infopraticien
PC-Infopraticien
 
Messages: 9541
Inscription: 03 Nov 2007 17:50
Localisation: In Your Brain
 

Résultats

Message le 08 Avr 2009 21:30

Bonsoir,

Voilà le résultat.
J'ai suivi les consignes. Je ne sais pas si tout est en quarantaine mais je te laisse le détail.
J'ai utilisé avant Hisjack que je connaissais mais rien de suspect n'a été détecté donc je n'ai pas copié l'évaluation.
Pour l'avenir, j'ai compris qu'il fallait que j'utilise plus régulièrement mon antispyware mais quid d'avast ??? dans la mesure où celà a été un échec .
Puis-je enfin garder "malwarebytes/anti-malware avec les antipsyware et antivirus ???
Je te remercie pour ton aide et te souhaire une bonne soirée.

Nougat

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1952
Windows 5.1.2600 Service Pack 2

08/04/2009 21:57:43
mbam-log-2009-04-08 (21-57-43).txt

Type de recherche: Examen complet (C:|)
Eléments examinés: 199559
Temps écoulé: 1 hour(s), 7 minute(s), 52 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 46
Fichier(s) infecté(s): 94

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOTInterface{a7f9e9f8-7a20-4e56-9507-515a0922bad3} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{5a445f80-dab5-4cd9-8a05-cd09ac145aa2} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTAppID{9998f676-23e3-4380-84f0-739c19cbd312} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTAppIDTorrentManager.DLL (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTBitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTorrent101 (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWARESystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREEoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:Program FilesSystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataSystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataSystemDoctor FreeData (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataSystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique Pl.Application DataSystemDoctor FreeLogs (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsJean-Louis PlApplication DataSystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsJean-Louis PlApplication DataSystemDoctor FreeLogs (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Program FilesStarware354 (Adware.Starware) -> Quarantined and deleted successfully.
C:Program FilesStarware354in (Adware.Starware) -> Quarantined and deleted successfully.
C:Program FilesStarware354icons (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354 (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttons (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354 (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Games (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Gamesimages (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Gamesimagesactive (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Gamesimagesdefault (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Movies (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Moviesimages (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Moviesimagesactive (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Moviesimagesdefault (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354RecipeSearch_Foreign (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Recipes_Foreign (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ScreensaversMarketingSitePagerimages (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ScreensaversMarketingSitePagerimagesactive (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ScreensaversMarketingSitePagerimagesdefault (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:WINDOWSsystem32UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:Program FilesTorrent101 (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101Skins (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101Support (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101M (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownloadSkins (Trojan.Lop) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:Program FilesBitDownloadTorrentManager.dll (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesSystemDoctor Freest.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataSystemDoctor FreeDataAbbr (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataSystemDoctor FreeDataActivationCode (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataSystemDoctor FreeDataHOURS (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataSystemDoctor FreeDataProductCode (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataSystemDoctor FreeLogsupdate.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Documents and SettingsJean-Louis PlApplication DataSystemDoctor FreeLogsupdate.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:Program FilesStarware354rand.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Program FilesStarware354Starware354Config.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Program FilesStarware354Starware354Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.
C:Program FilesStarware354iconsstar_16.ico (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttonsFindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttonsFindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttonsfindithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttonsfinditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttonsHighlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttonsHighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttonshighlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttonshighlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttons ecipes.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttons ecipes.png (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttons ecipes_foreign_feed.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttons ecipes_foreign_feed.png (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354uttonsstarware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354contextserror.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354contexts elated.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354contextsTravel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354SimpleUpdateProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354SimpleUpdateProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354SimpleUpdateSimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354SimpleUpdateSimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354SimpleUpdateTimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsAll UsersApplication DataStarware354SimpleUpdateTimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354BrowserSearchBrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354BrowserSearchBrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ConfiguratorConfigurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ConfiguratorConfigurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ErrorSearchErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ErrorSearchErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354GamesGamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354GamesGamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354GamesimagesactiveGames0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354LayoutsToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354LayoutsToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ManagerManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ManagerManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354MoviesMoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354MoviesMoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354MoviesimagesactiveMovies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354RecipeSearch_ForeignRecipeSearch_ForeignOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354RecipeSearch_ForeignRecipeSearch_ForeignOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Recipes_ForeignRecipes_ForeignOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354Recipes_ForeignRecipes_ForeignOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354RelatedSearchRelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354RelatedSearchRelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ScreensaversMarketingSitePagerScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ScreensaversMarketingSitePagerScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ScreensaversMarketingSitePagerimagesactiveScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ToolbarTBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ToolbarTBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ToolbarLogoToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ToolbarLogoToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ToolbarSearchToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354ToolbarSearchToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354TravelSearchTravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:Documents and SettingsDominique PlApplication DataStarware354TravelSearchTravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:Program FilesTorrent101settings.ini (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101settings.stp (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101SkinCrafterDll.dll (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101Torrent101.exe (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101Torrent101.TRC (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101TorrentManager.dll (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101unins000.dat (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101unins000.exe (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101Skinsorg.skf (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101Supportdefault.htm (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101Supportdots.gif (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesTorrent101Supportlogo.jpg (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownloadBitDownload.exe (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownloadsettings.ini (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownloadsettings.stp (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownloadSkinCrafterDll.dll (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownloadstate.dht (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownloadunins000.dat (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownloadunins000.exe (Trojan.Lop) -> Quarantined and deleted successfully.
C:Program FilesBitDownloadSkinsStylish.skf (Trojan.Lop) -> Quarantined and deleted successfully.
C:WINDOWSsystem32ubbupkr_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32wijsdnwyqz_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32zhhqmduol_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32ubbupkr_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32wijsdnwyqz_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32zhhqmduol_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:Program FilesEoRezo (Rogue.Eorezo) -> Delete on reboot.
Nougat
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 15
Inscription: 31 Juil 2008 09:14
 

Message le 08 Avr 2009 21:57

Bonjour.

On peut dire que tu es quand même "infectée". Fais le scan HiJackThis et poste le rapport.

Tu relances aussi Mbam jusqu'à ce qu'il ne trouve plus rien à supprimer.

Mbam est à garder comme seul anti-malware, pas la peine de rajouter Ad-Aware ou quoi que ce soit, il est polyvalent et travaille bien.

Avast est un bon antivirus mais il ne remplace pas l'utilisateur, un peu de bon sens dans ton surf et tout se passera bien: on installe seulement ce qu'on connait, on ne clique pas n'importe où, on évite les sites sensibles...
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 08 Avr 2009 22:33

Bonsoir,
Voilà le résultat de hisjack
mais à ma connaissance l'évaluation est bonne.

Bon demain je relance Mbam car après avoir posté j'ai revu le rapport et il me semble effectivement qu'il reste des fichiers non "nettoyés".
Merci et bonne soirée.
Nougat

PS.: Pour info, fils et mari utilisent le même ordi :o que moi

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://portail.free.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgHelper.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnycomp5_3_19_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesFichiers communsAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07inssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnycomp5_3_19_0.dll
O3 - Toolbar: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime -Delay
O4 - HKLM..Run: [Muscbrigade] c:MusicbrigadeMusicbrigade.exe check
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.5.0_09injusched.exe"
O4 - HKLM..Run: [HerculesCamService] C:Program FilesHerculesHercules DualPix HD WebcamCamService.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [ISUSPM Startup] C:PROGRA~1FICHIE~1INSTAL~1UPDATE~1isuspm.exe -startup
O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesFichiers communsInstallShieldUpdateServiceissch.exe" -start
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [Magentic] C:PROGRA~1MagenticinMagentic.exe /c
O4 - HKCU..Run: [Sony Ericsson PC Suite] "C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" /systray /nologon
O4 - HKCU..Run: [I.R.I.S. Desktop Search] "C:Program FilesIRIS Desktop SearchIRISDesktopSearch.exe" /tray
O4 - HKCU..Run: [MSMSGS] "c:PROGRA~1MESSEN~1Msmsgs.exe" /background
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKCU..Run: [Yahoo! Pager] C:Program FilesYahoo!Messengerypager.exe -quiet
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07inssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07inssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:Program FilesPokerStarsPokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:Documents and SettingsP PlMenu DémarrerProgrammesIMVURun IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra button: @c:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: @c:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:Program FilesMessengermsmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1FICHIE~1SkypeSKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Google Update Service (gupdate1c95cc316877908) (gupdate1c95cc316877908) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesFichiers communsInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
Nougat
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 15
Inscription: 31 Juil 2008 09:14
 

Message le 08 Avr 2009 22:41

_ Via HiJackThis, tu supprimes les lignes:

O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O3 - Toolbar: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKCU..Run: [Sony Ericsson PC Suite] "C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" /systray /nologon
O4 - HKCU..Run: [MSMSGS] "c:PROGRA~1MESSEN~1Msmsgs.exe" /background
O4 - HKCU..Run: [Yahoo! Pager] C:Program FilesYahoo!Messengerypager.exe -quiet
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSdoscandel.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe



_ Tu as des restes de Norton. Tu vas sur ce fil pour récupérer le désinstallateur que tu lances ensuite.


_ Serait-il possible d'avoir le rapport en entier? Il manque toute la premire partie...


Pour ce qui est du nombre d'utilisateurs, autant créer une session limitée pour tout le monde histoire que personne n'installe ni ait aucun privilège d'administrateur. Tu seras sure d'éviter les ennuis. L'inconscience se paiera bientôt cher sur internet, autant commencer l'apprentissage maintenant.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 09 Avr 2009 19:28

Bonsoir,
Voilà la dernière mouture hijack.
Je n'ai encore rien supprimé mais je m'y met et je relance l'antipsyware.
Merci et bonne soirée.
Nougat

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20:30, on 09/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesGoogleUpdateGoogleUpdate.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:Program FilesJavajre1.5.0_09injusched.exe
C:Program FilesHerculesHercules DualPix HD WebcamCamService.exe
C:Program FilesQuickTimeqttask.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesFichiers communsInstallShieldUpdateServiceissch.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe
C:PROGRA~1MESSEN~1Msmsgs.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesMagenticinmgapp.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesYahoo!Messengerymsgr_tray.exe
C:Program FilesJavajre1.5.0_09injucheck.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://portail.free.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgHelper.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnycomp5_3_19_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesFichiers communsAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07inssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnycomp5_3_19_0.dll
O3 - Toolbar: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime -Delay
O4 - HKLM..Run: [Muscbrigade] c:MusicbrigadeMusicbrigade.exe check
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.5.0_09injusched.exe"
O4 - HKLM..Run: [HerculesCamService] C:Program FilesHerculesHercules DualPix HD WebcamCamService.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [ISUSPM Startup] C:PROGRA~1FICHIE~1INSTAL~1UPDATE~1isuspm.exe -startup
O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesFichiers communsInstallShieldUpdateServiceissch.exe" -start
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [Magentic] C:PROGRA~1MagenticinMagentic.exe /c
O4 - HKCU..Run: [Sony Ericsson PC Suite] "C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" /systray /nologon
O4 - HKCU..Run: [I.R.I.S. Desktop Search] "C:Program FilesIRIS Desktop SearchIRISDesktopSearch.exe" /tray
O4 - HKCU..Run: [MSMSGS] "c:PROGRA~1MESSEN~1Msmsgs.exe" /background
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKCU..Run: [Yahoo! Pager] C:Program FilesYahoo!Messengerypager.exe -quiet
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07inssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07inssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:Program FilesPokerStarsPokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:Documents and SettingsP PlMenu DémarrerProgrammesIMVURun IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra button: @c:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: @c:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:Program FilesMessengermsmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1FICHIE~1SkypeSKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Google Update Service (gupdate1c95cc316877908) (gupdate1c95cc316877908) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesFichiers communsInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
Nougat
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 15
Inscription: 31 Juil 2008 09:14
 

Message le 09 Avr 2009 19:55

Bonjour.


Ok.

Ta version d'Internet Explorer n'est pas à jour, tu installes la version 7 ici.

Fais les suppressions HiJackThis, lance Mbam, passe le désinstallateur Norton puis refais un scan HiJackThis.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 11 Avr 2009 09:04

Bonjour,
Voila, j'ai exécuté les tâches préconisées tant par doudou que par toi; cependant je n'ai pas réussi à télécharger les mises à jour internet explorer 7 ( échec à la fin ) et à l'analyse avec l'antipsyware, il reste un fichier infecté impossible à mettre en quarantaine ( je ne retrouve pas lequel ) . Il a été détectée lors de la dernière analyse "après opération".
Les autres préconisations sont OK ( norton.... )
Je pense que les problèmes sont éliminés à 99% non ?
En tout cas je te remercie
Nougat

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesGoogleUpdateGoogleUpdate.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSRTHDCPL.EXE
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:Program FilesJavajre1.5.0_09injusched.exe
C:Program FilesHerculesHercules DualPix HD WebcamCamService.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesFichiers communsInstallShieldUpdateServiceissch.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe
C:Program FilesMagenticinmgapp.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesJavajre1.5.0_09injucheck.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://portail.free.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgHelper.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnycomp5_3_19_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesFichiers communsAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07inssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnycomp5_3_19_0.dll
O3 - Toolbar: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime -Delay
O4 - HKLM..Run: [Muscbrigade] c:MusicbrigadeMusicbrigade.exe check
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.5.0_09injusched.exe"
O4 - HKLM..Run: [HerculesCamService] C:Program FilesHerculesHercules DualPix HD WebcamCamService.exe
O4 - HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [ISUSPM Startup] C:PROGRA~1FICHIE~1INSTAL~1UPDATE~1isuspm.exe -startup
O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesFichiers communsInstallShieldUpdateServiceissch.exe" -start
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [Magentic] C:PROGRA~1MagenticinMagentic.exe /c
O4 - HKCU..Run: [I.R.I.S. Desktop Search] "C:Program FilesIRIS Desktop SearchIRISDesktopSearch.exe" /tray
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKCU..Run: [Sony Ericsson PC Suite] "C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" /systray /nologon
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07inssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07inssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:Program FilesPokerStarsPokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:Documents and SettingsPierre-Olivier PluviMenu DémarrerProgrammesIMVURun IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra button: @c:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: @c:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:Program FilesMessengermsmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1FICHIE~1SkypeSKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Google Update Service (gupdate1c95cc316877908) (gupdate1c95cc316877908) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision C
Nougat
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 15
Inscription: 31 Juil 2008 09:14
 

Message le 11 Avr 2009 09:16

Bonjour.


_ Le rapport HiJackThis n'est pas complet :roll:


_ Tu supprimes les lignes suivantes:

O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O3 - Toolbar: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKCU..Run: [Sony Ericsson PC Suite] "C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" /systray /nologon



_ Pour le rapport Mbam, tu lances l'utilitaire puis tu vas sur l'onglet Rapports/Logs et tu trouveras le rapport. Tu récupères le nom & l'emplacement du fichier posant problème.


_ A propos de ton Windows, c'est une version légale? Tu as des soucis avec les mises à jour d'habitude?
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 11 Avr 2009 10:08

Re(bonjour)
Voilà le résultat complet d'hijack ; en fait je n'ai pas l'impression d'avoir supprimé des éléments sauf les lignes ci-dessous.

Je vais aller supprimer les fichiers inutiles après.

Le fichier impossible à mettre en quarantaine avec l'antispy est C:Program FilesEoRezo (Rogue.Eorezo) -> Delete on reboot.

Enfin ma version Windows est tout à fait légale; en voulant installer les mises à jour j'ai pris soin de désactiver Avast; par le passé je n'avais jamais utilisé la fonction mise à jour. Oui, je sais, il faudrait un permis pour internet.....
Merciiiii.
Nougat

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:56:41, on 11/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesGoogleUpdateGoogleUpdate.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSRTHDCPL.EXE
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:Program FilesJavajre1.5.0_09injusched.exe
C:Program FilesHerculesHercules DualPix HD WebcamCamService.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesFichiers communsInstallShieldUpdateServiceissch.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe
C:Program FilesMagenticinmgapp.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesJavajre1.5.0_09injucheck.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
c:Program FilesMicrosoft WorksWksWP.exe
c:Program FilesMicrosoft WorksWkDStore.exe
C:Program FilesMicrosoft Workswkgdcach.exe
c:Program FilesMicrosoft WorksWksWP.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://portail.free.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgHelper.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnycomp5_3_19_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesFichiers communsAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07inssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnycomp5_3_19_0.dll
O3 - Toolbar: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime -Delay
O4 - HKLM..Run: [Muscbrigade] c:MusicbrigadeMusicbrigade.exe check
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.5.0_09injusched.exe"
O4 - HKLM..Run: [HerculesCamService] C:Program FilesHerculesHercules DualPix HD WebcamCamService.exe
O4 - HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [ISUSPM Startup] C:PROGRA~1FICHIE~1INSTAL~1UPDATE~1isuspm.exe -startup
O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesFichiers communsInstallShieldUpdateServiceissch.exe" -start
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [Magentic] C:PROGRA~1MagenticinMagentic.exe /c
O4 - HKCU..Run: [I.R.I.S. Desktop Search] "C:Program FilesIRIS Desktop SearchIRISDesktopSearch.exe" /tray
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKCU..Run: [Sony Ericsson PC Suite] "C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" /systray /nologon
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07inssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07inssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:Program FilesGoogleGoogle GearsInternet Explorer.5.4.2gears.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:Program FilesPokerStarsPokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:Documents and SettingsPierre-Olivier PluviMenu DémarrerProgrammesIMVURun IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra button: @c:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: @c:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:Program FilesMessengermsmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1FICHIE~1SkypeSKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Google Update Service (gupdate1c95cc316877908) (gupdate1c95cc316877908) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesFichiers communsInstallShieldDriver1150Intel 32IDriverT.exe

--
End of file - 9907 bytes :roll: :o
Nougat
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 15
Inscription: 31 Juil 2008 09:14
 

Message le 11 Avr 2009 11:34

Alors:


_ EoRezo est un rogue, une sal*p*r*e de première!

Lance Mbam qui le supprimera en demandant surement un redémarrage pour l'effectuer.


_ Tu fais les même suppressions que précédemment, rien n'a été supprimé.

Tu coches toutes les lignes sus-nommées puis tu cliques sur Fix checked.


_ Tu télécharges Dia-a-fix en format .ZIP que tu décompresses ensuite sur le Bureau.

Tu lances l'utilitaire en double-cliquant dessus.

Tu cliques sur le double V en vert qui permet de cocher toutes les entrées.

Tu valides le nettoyage en cliquant sur Go.

Tu redémarres et tu verras si les mises-à-jour sont opérationnelles ou non.

Tu tentes alors la mise à jour d'Internet Explorer.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Bon, ce soir j'arrête

Message le 11 Avr 2009 17:33

Bonsoir,

Je te rend compte de ce que j'ai gfait ou tenté de faire.

- lancement de Mbam : j'ai trouvé le même EoRezo et je ne sais pas s'il est supprimé :o . il apparait tjrs dans une liste

- j'ai supprimé les lignes inutiles , là c'est :D

- j'ai enregistré dia-a-fix puis ouvert avec beaucoup de difficultés; après GO, j'ai cliqueé sur flush software distribution ( j'avais cherché un complément d'info sur le net pour me débrouiller seule !!!! ). je n'ai pas compris les infos en anglais et je n'ai jamais pu redémarrer l'ordi; il ne se fermait plus également .
J'ai fermé l'alimentation.

- La mise à jour internet a échoué.

Bon je reprendrai ultérieurement car j'ai peur de tout "planter".

Merci et bon week-end.

Nougat
Nougat
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 15
Inscription: 31 Juil 2008 09:14
 



Sujets similaires

Message verification et réparation du disque C impossible
Bonjour j'ai un PC dell sous Windows 11j'ai un souci au niveau du disque C , en effet au démarrage , il tente de faire une analyse et réparation du lecteur (C), mais rien ne se passe le pc redémarre normalement sans analyse ni réparationJ'ai tenté la réparation manuellement sous l'invite de commande ...
Réponses: 4

Message Installation malveillante AVAST
BonjourMon père s'est fait prendre la main sur son PC pour installer AVAST.Suite à cette opération à 220 euros, je lui ai fait mettre opposition sur sa carte, 5 tentatives de prélévement ont bien été faites.On vient de passer FRST.Quelqu'un peut m'aider si nécessaire ?Merci de votre aidehttps://pjjo ...
Réponses: 2

Message impossible à recharger ma tablette samsung
Bonjour , je me suis acheté l'année dernière la tab s8 ultra que j'ai redonnée à mon fils et je me suis procuré la tab s9 ultra ensuite . A savoir que si j'ai acheté une tablette c'est pour mes vacances , donc hors maison , où j'ai mon pc de bureau . Donc en voyageant pas mal sous les tropiques ...
Réponses: 4

Message impossible de supprimer un dossier
Salut tout le monde depuis quelques jours bizarrement lorsque je veut renommer ou supprimer un dossier lambda de plus créer par moi-même le système me le refuse soi-disant dossier en cours d'utilisation alors que je n'ai laissé absolument rien d'ouvert du moins en apparence sur mon pc voici un exemp ...
Réponses: 4

Message [Réglé] choix anti virus
bonjour a tous, je viens de changer mon pc et j'aimerai vos avis sur le choix de l anti virus.
Réponses: 8

Message Mise a jour impossible
Bonjour J'ai 71 mises à jour à faire, j'ai la petite bulle orange sur mon icône de gestionnaire de mise à jour, si je clique sur installer les mises à jour, ça tourne dix secondes, puis l'icône disparait, je suis obligé d'aller dans le menu, pour cliquer dessus et le faire réapparaître dans ma barre ...
Réponses: 14

Message HELP je pense avoir un virus
Bonsoir,Première fois que ce genre de chose m'arrive, j'ai d'abord été hackée sur Instagram, pensant que ca s'arrêterait làEnsuite ca a été au tour de STEAM malgré le steam guard ( identification à 2 facteurs) puis Linkedin !! Je n'ai eu aucune alerte de connexion, que ce soit par sms ou email !! J' ...
Réponses: 12


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 8 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.
cron