Sujet Précédent Sujet Suivant

Infection par Vista internet security 2010

Résolu/Fermé
lapaumeedupc1 Messages postés 394 Date d'inscription lundi 29 octobre 2007 Statut Membre Dernière intervention 10 mars 2014 - 18 févr. 2010 à 15:58
lapaumeedupc1 Messages postés 394 Date d'inscription lundi 29 octobre 2007 Statut Membre Dernière intervention 10 mars 2014 - 18 févr. 2010 à 17:22
Bonjour,

J'essaie de donner un coup de main à une copine.......
Apparemment, son pc portable sous vista serait infectée par Vista Internet Security. Au démarrage, il n'y a que des alertes indiquant une infection per des virus, vers, trojans,.....
Je suis donc passée par le mode sans échec avec prise en charge du réseau et ai installé pour le moment SpyBot. Elle n'a que Antivir et pour le moment plus de parefeu !!!
En cherchant des infos, j'ai lu qu'il fallait une désinfection plus poussée d'où mon appel envers la communauté de CCM :))

J'ai fait un Hijackthis dont voici le rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:45:38, on 18/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Users\sophie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sophie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sophie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sophie\Documents\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {01952906-A616-451C-86E2-1AB236F30BE3} - C:\Windows\System32\DDACLSys32.dll (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: seekgadget search enhancer - {1985C5D3-063C-EBA8-6D0F-6D58ABEE71C8} - C:\Windows\system32\fxklgthqwvqizfusv.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: profitharbor browser enhancer - {5B8AA290-670B-2E74-3AB5-9401FD345974} - C:\Windows\system32\xnmcfnvvqoa.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [geyujbxvrbaldnjph] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\xnmcfnvvqoa.dll"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA4543] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5737] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7654] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1112] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7551] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2237] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9194] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7093] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3356] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKLM\..\RunOnce: [SpybotDeletingC686] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3087] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4649] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8992] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7430] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5592] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5724] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [vc log bows face] "C:\ProgramData\cool lite iso.04eahi"
O4 - HKCU\..\Run: [Google Update] "C:\Users\sophie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB3585] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6412] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6803] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4664] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9166] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8911] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7008] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9034] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4859] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1829] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5247] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6041] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4926] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9935] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5449] command.com /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5161] cmd.exe /c del "C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\sophie\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\Windows\System32\dmutil32.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
A voir également:

2 réponses

Réponse 1 / 2
Tigzy Messages postés 7498 Date d'inscription lundi 15 février 2010 Statut Contributeur sécurité Dernière intervention 15 septembre 2021 582
18 févr. 2010 à 15:59
Salut

Télécharger sur le bureau

Malwarebyte's Anti-Malware

= double-clic sur [b]mbam-setup[/b] pour lancer l'installation
= Installer simplement sans rien modifier
= Quand le programme lancé ==> cocher [b]Exécuter un examen complet [/b]
= Clic [b] Rechercher[/b]
= Eventuellement décocher les disque à ne pas analyser
= Clic [b]Lancer l'examen [/b]
= En fin de scan ( 1h environ), si infection trouvée
==> Clic [b] Afficher résultat[/b]
= Fermer vos applications en cours
= Vérifier si tout est coché et clic [b]Supprimer la sélection[/b]

un rapport s'ouvre le copier et le coller dans la réponse
0
Réponse 2 / 2
lapaumeedupc1 Messages postés 394 Date d'inscription lundi 29 octobre 2007 Statut Membre Dernière intervention 10 mars 2014 211
18 févr. 2010 à 17:22
Merci de ta rapidité
Voici le rapport:

' Anti-Malware 1.44
Version de la base de données: 3755
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18882

18/02/2010 17:18:52
mbam-log-2010-02-18 (17-18-52).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 316019
Temps écoulé: 59 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\plxrffdpxc (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5b8aa290-670b-2e74-3ab5-9401fd345974} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b8aa290-670b-2e74-3ab5-9401fd345974} (Adware.AdRotator) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\geyujbxvrbaldnjph (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: c:\windows\system32\dmutil32.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: system32\dmutil32.dll -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\sophie\AppData\Local\Temp\cv42A5A.tmp (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Users\sophie\AppData\Local\Temp\cv471C6.tmp (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Users\sophie\AppData\Local\Temp\cv49655.tmp (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Windows\System32\cmcfg3232.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\dmutil32.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\plxrffdpxc.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Users\sophie\AppData\Local\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Users\sophie\Local Settings\Application Data\av.exe (ROGUE.Win7Antispyware2010) -> Quarantined and deleted successfully.
C:\Windows\System32\xnmcfnvvqoa.dll (Trojan.Agent) -> Quarantined and deleted successfully.
0

Discussions similaires

Boîte mail piratée ?
mike the llama -
mike the llama -

4 réponses
Formaté mais pas de connexion Internet ?
VissErale -
VissErale -

4 réponses
Code de réinitialisation mdp facebook sans le demander
Colonel_El_Moustachat -
Colonel_El_Moustachat -

4 réponses
Security boot fail lors du démarrage
Steu -
NBK -

4 réponses
SecurityHealth est a désactiver ou pas au démarrage de W10 Pro 64 ?
Walti55 -
Walti55 -

2 réponses