Sujet Précédent Sujet Suivant

Rapport log

amineouin -  
toptitbal Messages postés 26224 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3462
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

05/03/2009 12:16:16
mbam-log-2009-03-05 (12-16-16).txt

Type de recherche: Examen rapide
Eléments examinés: 113739
Temps écoulé: 25 minute(s), 8 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 29

Processus mémoire infecté(s):
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Unloaded process successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorFrNE (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Registry_Doktor 2009_is1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eoengine (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Live_TV (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\definitions (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Registry_Doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009 (Malware.Trace) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\aqiuqaq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\aqiuqaq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\aqiuqaq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\icmocoq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\icmocoq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\icmocoq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\INSTALL.LOG (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\LanguagePack.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\LocalSettings.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\tbLive.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\ThirdPartyComponents.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\toolbar.cfg (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\UNWISE.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer\Predefined_Media_List.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer\User_Media_List.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___youtube_com_rss_global_top_rated_rss.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\Cl.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\ScheduleAP.txt (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\Task.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\unins000.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\unins000.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\definitions\200812.cab (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Registry_Doktor 4.1\Désinstaller Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

3 réponses

Réponse 1 / 3
toptitbal Messages postés 26224 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 232
 
Bonjour

Il y avait beaucoup de choses dont du navipromo

On va vérifier que tout est nettoyé :

Télécharge Navilog1 (par IL-MAFIOSO) sur ton bureau

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Double clique sur le raccourci Navilog1 présent sur le bureau.

Laisse-toi guider. Appuie sur une touche quand on te le demande.
Au menu principal, choisis 1 et valide.

< Ne fais pas le choix 2 >

Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.

Patiente jusqu'au message "Scan terminé le......"
Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.
Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.

PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt
0
Réponse 2 / 3
amineouin
 
merci
Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3462
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

05/03/2009 12:16:16
mbam-log-2009-03-05 (12-16-16).txt

Type de recherche: Examen rapide
Eléments examinés: 113739
Temps écoulé: 25 minute(s), 8 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 29

Processus mémoire infecté(s):
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Unloaded process successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorFrNE (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Registry_Doktor 2009_is1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eoengine (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Live_TV (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\definitions (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Registry_Doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009 (Malware.Trace) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\aqiuqaq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\aqiuqaq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\aqiuqaq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\icmocoq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\icmocoq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\icmocoq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\INSTALL.LOG (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\LanguagePack.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\LocalSettings.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\tbLive.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\ThirdPartyComponents.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\toolbar.cfg (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\UNWISE.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer\Predefined_Media_List.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer\User_Media_List.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___youtube_com_rss_global_top_rated_rss.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\Cl.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\ScheduleAP.txt (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\Task.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\unins000.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\unins000.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\definitions\200812.cab (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Registry_Doktor 4.1\Désinstaller Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
0
Réponse 3 / 3
toptitbal Messages postés 26224 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 232
 
Non, ça c'est le rapport de MBAM après suppression :-)
Fais quand même navilog et poste le rapport stp.
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
TI college plus (calculatrice probleme)
help39 -
Utilisateur anonyme -

3 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
Problém affichage du tableau croisé dynamique
BK -
Raymond PENTIER -

2 réponses