Sujet Précédent Sujet Suivant

Analyse micro-hijackthis

Fermé
sukky - 17 avril 2010 à 17:57
 Utilisateur anonyme - 18 avril 2010 à 09:48
Pouvez vous analyser le Hijackthis envoyé ci-dessous et me dire ce que je dois faire s'il vous plaît
Merci pour votre aide

sukky



Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 22:58:03, on 04/02/2002
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\AstSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\cfp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Real\RealOne Player\RealPlay.exe
C:\Program Files\Real\RealOne Player\RealPlay.exe
C:\Program Files\Real\RealOne Player\RealPlay.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Documents and Settings\Gantet\Bureau\HiJackThis_v2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avwsc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=duxet&e=com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\cfp.exe" -h
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\cfp.exe" -h
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [cfohsfjeb] c:\windows\system32\cfohsfjeb.exe cfohsfjeb (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [wyonhoizi] c:\windows\system32\wyonhoizi.exe wyonhoizi (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [hqeoaplvcb] c:\windows\system32\hqeoaplvcb.exe hqeoaplvcb (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [Salestart] "C:\Program Files\Fichiers communs\ErreurChasseur\strpmon.exe" dm=http://erreurchasseur.com; ad=http://erreurchasseur.com (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [msnmsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [cdoosoft] C:\DOCUME~1\Jonathan\LOCALS~1\Temp\herss.exe (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [Google Update] "C:\Documents and Settings\Jonathan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [xisdoy] "c:\documents and settings\jonathan\local settings\application data\xisdoy.exe" xisdoy (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\Run: [nod32] C:\DOCUME~1\Jonathan\LOCALS~1\Temp\nodqq.exe (User 'Jonathan')
O4 - HKUS\S-1-5-21-602162358-583907252-725345543-1012\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p (User 'Jonathan')
O4 - S-1-5-21-602162358-583907252-725345543-1012 Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe (User 'Jonathan')
O4 - S-1-5-21-602162358-583907252-725345543-1012 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Jonathan')
O4 - S-1-5-21-602162358-583907252-725345543-1012 User Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe (User 'Jonathan')
O4 - S-1-5-21-602162358-583907252-725345543-1012 User Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Jonathan')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\AstSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\cmdagent.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
A voir également:

2 réponses

Réponse 1 / 2
Utilisateur anonyme
17 avril 2010 à 18:06
Bonjour,

Commence par ceci stp,

Fais un scan avec cet antispyware :
Malwarebytes + tutoriel

Tu l'installes; mets le a jour...(onglet mise a jour)
Click maintenant sur l'onglet recherche et coche la case :
"Executer un examen rapide".
Puis click sur "rechercher".
Laisses le scanner le pc...
A la fin du scan, clique sur Afficher les résultats
Si des elements on ete trouvés :
> click sur supprimer la selection.
si il t'es demandé de redemarrer > click sur "oui".
A la fin un rapport va s'ouvrir;
sauvegarde le de maniere a le retrouver en vue de le poster sur le forum.
Copies et colles le rapport stp.

a+
0
sukky
18 avril 2010 à 07:41
Voicile rapport de malwarebytes.
merci pour ton aide

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Version de la base de données: 3930

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

05/02/2002 12:52:42
mbam-log-2002-02-05 (12-52-42).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 240162
Temps écoulé: 8 heure(s), 37 minute(s), 36 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 33

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webmediaplayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WebMediaPlayer (Rogue.WebMedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_FOPF (Rogue.AVSystemShield) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\bootstera (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\updates (Adware.EGDAccess) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\DADOU 1\Local Settings\Application Data\hbbvqk_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\DADOU 1\Local Settings\Application Data\hbbvqk_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\DADOU 1\Local Settings\Application Data\hbbvqk.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\DADOU 1\Local Settings\Application Data\hbbvqk.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Gantet\Local Settings\Application Data\cocpcw_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Gantet\Local Settings\Application Data\cocpcw_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Gantet\Local Settings\Application Data\cocpcw.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jonathan\Local Settings\Application Data\xisdoy_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jonathan\Local Settings\Application Data\xisdoy_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jonathan\Local Settings\Application Data\xisdoy.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jonathan\Local Settings\Application Data\xisdoy.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\1hqup.exe (Trojan.Valklik) -> Quarantined and deleted successfully.
C:\31lyx.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\3dcs9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\9d6tpg.exe (Trojan.PWS) -> Quarantined and deleted successfully.
C:\ji83j.exe (PWS.Frethog) -> Quarantined and deleted successfully.
C:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\c2e.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jean-Gabriel\Local Settings\Temp\herss.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jean-Gabriel\Local Settings\Temp\cvasds0.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\AIS7NSIZ\gibsvc[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources\wmp_translation_file.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins\classic.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\8xcrbho6.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\cavscan.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\cavshell.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\cfp.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jonathan\Local Settings\Temp\cvasds0.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jonathan\Local Settings\Temp\cvasds1.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jonathan\Local Settings\Temp\herss.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Damaris\Local Settings\Temp\WinAntiSpyware2006Setup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
0
Réponse 2 / 2
Utilisateur anonyme
18 avril 2010 à 09:48
Ok,

Relance MBAM, vas dans l'onglet "quarantaine" et supprime tout.

Pour vérifier s'il reste des traces de Navipromo :

Clique sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Clique sur navilog1.exe pour le télécharger
Choisis Enregistrer

et enregistre-le sur ton bureau.

Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valide.


Patiente jusqu'au message :
*** Analyse Terminée le ..... ***
Appuie sur une touche comme demandé, le bloc note va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le bloc note.
Le rapport est en outre sauvegardé à la racine du disque (C:\fixnavi.txt)
poste le rapport obtenu

Ensuite:


Télécharge RSIT (de random/random) sur le bureau :

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur "Continue" dans la fenêtre
- RSIT téléchargera HijackThis si il n'est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenu de log.txt plus info.txt (réduit ds la barre de taches) à la fin de l'analyse .
Utilise http://www.cijoint.fr/ pour joindre les rapports.
Les rapports sont dans le dossier ici C:\rsit

a+
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
échec de l'analyse antivirus
StalkerShadows -
ness -

19 réponses
Echec analyse antivirus lors de téléchargement
mathelp_3935 -
Malekal_morte- -

19 réponses
Comment obtenir le caractère µ sur le clavier Androïd
marsupilami1947 -
Pierr10 -

3 réponses
" Échec de l'analyse antivirus " la solution.
bazfile -
bazfile -

0 réponse