Log file

Closed
amineouin - 31 Dec. 2009 at 13:28
totobetourne Posts 5592 Registration date Sunday 23 March 2008 Status Member Last activity 6 June 2012 - 31 Dec. 2009 at 14:10
Hello,
Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3462
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

05/03/2009 12:16:16
mbam-log-2009-03-05 (12-16-16).txt

Type de recherche: Examen rapide
Eléments examinés: 113739
Temps écoulé: 25 minute(s), 8 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 29

Processus mémoire infecté(s):
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Unloaded process successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorFrNE (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Registry_Doktor 2009_is1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eoengine (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Live_TV (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\definitions (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Registry_Doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009 (Malware.Trace) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\aqiuqaq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\aqiuqaq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\aqiuqaq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\icmocoq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\icmocoq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\icmocoq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\INSTALL.LOG (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\LanguagePack.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\LocalSettings.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\tbLive.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\ThirdPartyComponents.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\toolbar.cfg (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\UNWISE.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer\Predefined_Media_List.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer\User_Media_List.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___youtube_com_rss_global_top_rated_rss.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\Cl.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\ScheduleAP.txt (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\Task.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\unins000.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\unins000.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\definitions\200812.cab (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Registry_Doktor 4.1\Désinstaller Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

3 replies

totobetourne Posts 5592 Registration date Sunday 23 March 2008 Status Member Last activity 6 June 2012 65
31 Dec. 2009 at 13:44
What do you want? You dump a report without saying anything. You could be more explicit, all the same.
0
Hello, sorry, my PC is running slowly, thanks
0
totobetourne Posts 5592 Registration date Sunday 23 March 2008 Status Member Last activity 6 June 2012 65
31 Dec. 2009 at 14:10
Quite a few things have already been removed. We'll check.

We're going to analyze your PC.

Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.

-> http://images.malwareremoval.com/random/RSIT.exe

! Disconnect and close all your running applications !

Double-click on "RSIT.exe" to launch it.

-> A first window opens, titled: "Disclaimer of warranty".

* Next to the option "List files/folders created ...", choose: 2 months

* Then click on "Continue" to start the scan ...


-> Let the scan run and don't touch the PC ...


When the scan is finished, two text files will open (probably in Notepad).

Post the contents of "log.txt" (the one that appears on screen), as well as "info.txt" (which you will see in the taskbar), for analysis, and wait for the next steps ...

Important: post one report, then the other in the following reply.
If you try to post both at the same time, it may be too long for the forum.


( Note: the reports will also be saved in this folder -> C:\rsit )
0