Processus I.E. encombrants

Résolu
Melody_1 Messages postés 154 Statut Membre -  
lance_yien Messages postés 2771 Date d'inscription   Statut Contributeur -
Bonjour, je sais très bien qu'Internet Explorer est un composant indissociable de Windows, y a t-il un moyen de le mettre en sommeil ?
Celui ci m'ouvre des fichiers processus dans le gestionnaire des taches qui utlisent de la mémoire vive.
Dans la mesure ou je n'utilise que FireFox, qu'elle est la manipulation si elle existe pour bloquer I.E et ne le débloquer que si c'est nécessaire.
Merci d'avoir pris la peine de me lire et peut être d'apporter une solution.
Melody_1.
Configuration: Windows XP
Firefox 1.5.0.11

6 réponses

  1. lance_yien Messages postés 2771 Date d'inscription   Statut Contributeur 257
     
    bonjour melody,

    IE est indispensable surtout pour les mises à jour
    d'autre part si tu trouves qu'il tourne un peu trop c'est parce qu'il y a des procesus qui l'activent (et souvent pas des plus sympathique pour ton système) mais on peut le contrôler:
    clic sur mon nom en haut de ce message puis sur le lien du site perso,
    dans la fenêtre qui s'ouvre choisis "utilitaires" pour installer "hijackthis" et poster un rapport de scan

    a+ ;)
    0
    1. Melody_1 Messages postés 154 Statut Membre 8
       
      Bonsoir, je te remercie de ton aide Lance_yen, je me suis rendu sur ton site et j'ai téléchargé Hijackthis.
      Malheureusement j'ai arrété les processus IE avec le gestionnaire des taches et ils ne sont donc plus visibles sur le rapport Hijackthis.
      Voici dessous:

      Logfile of HijackThis v1.99.1
      Scan saved at 22:38:06, on 29/03/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16414)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\LEXBCES.EXE
      C:\WINDOWS\system32\LEXPPS.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      C:\Program Files\Wanadoo\taskbaricon.exe
      C:\WINDOWS\system32\winsys2.exe
      C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
      C:\Program Files\TuneUp Utilities 2004\MemOptimizer.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\DOCUME~1\admin\LOCALS~1\Temp\86exgmail50g2.0.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.fr.netscape.com/fr/home/winsearch.html
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O3 - Toolbar: (no name) - {479fd0cf-5be9-4c63-8cda-b6d371c67bd5} - (no file)
      O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\Program Files\Wanadoo\taskbaricon.exe
      O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
      O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
      O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
      O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
      O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
      O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
      O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2004\MemOptimizer.exe" autostart
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - Startup: Big Ben.lnk = C:\Program Files\BIG BEN\Big Ben.exe
      O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
      O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
      O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
      O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
      O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
      O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
      O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
      O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
      O11 - Options group: [INTERNATIONAL] International*
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1117708801090
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
      O17 - HKLM\System\CCS\Services\Tcpip\..\{77B5C3C0-2D66-4149-A23C-5938EEEFC0EA}: NameServer = 192.168.1.1
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
      0
  2. lance_yien Messages postés 2771 Date d'inscription   Statut Contributeur 257
     
    bonjour,

    ton pc est infecté:

    clic sur mon nom en haut de ce message puis sur le lien du site perso,
    dans la fenêtre qui s'ouvre choisis:

    1°) "désinfection-nettoyage" et fais la procédure complète

    2°) "utilitaires" pour faire le "scan avec bitdefender", enregistre le rapport généré sur ton bureau pour le poster avec un nouveau hijackthis

    a+ ;)
    0
    1. Melody_1 Messages postés 154 Statut Membre 8
       
      Bonsoir lance_yien j'ai suivi la procédure de nettoyage et désinfection comme tu m'as indiqué jusqu'au scan de Hijackthis, le voici collé, pour Bitdefender je n'ai pas pu faire le scan car il me demande de l'acheter, j'ai déjà acheter Kapersky cette année et il est à jour.
      Merci de ton aide sympa.
      @+

      Logfile of HijackThis v1.99.1
      Scan saved at 21:09:25, on 30/03/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16414)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\LEXBCES.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\LEXPPS.EXE
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      C:\Program Files\Wanadoo\taskbaricon.exe
      C:\WINDOWS\system32\winsys2.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\TuneUp Utilities 2004\MemOptimizer.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\DOCUME~1\admin\LOCALS~1\Temp\89exym50_2.5.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\DOCUME~1\admin\LOCALS~1\Temp\78exgmail50g2.0.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\DOCUME~1\admin\LOCALS~1\Temp\76exinjs.a3.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.fr.netscape.com/fr/home/winsearch.html
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\Program Files\Wanadoo\taskbaricon.exe
      O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
      O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
      O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
      O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
      O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
      O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
      O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2004\MemOptimizer.exe" autostart
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - Startup: Big Ben.lnk = C:\Program Files\BIG BEN\Big Ben.exe
      O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
      O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
      O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
      O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
      O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
      O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
      O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
      O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
      O11 - Options group: [INTERNATIONAL] International*
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1117708801090
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
      O17 - HKLM\System\CCS\Services\Tcpip\..\{77B5C3C0-2D66-4149-A23C-5938EEEFC0EA}: NameServer = 192.168.1.1
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH -
      0
    2. kenitax Messages postés 367 Date d'inscription   Statut Membre Dernière intervention   92
       
      Salut et excusez-moi d'intervenir au milieu de vos logs.
      Mais juste une question melody.
      Quand tu dis que internet explorer lance des "fichiers processus dans le gestionnaire des taches" es-tu sûr de ne pas confondre avec le processus "explorer" ?
      Celui ci est indispensable à Windows et n'a rien à voir avec IE et il ne faut pas le confondre avec "iexplorer" qui lui est bien lancé par internet explorer.

      Sur ce, je vous laisse entre vous régler le problème de virus.

      @+
      0
    3. Melody_1 Messages postés 154 Statut Membre 8
       
      Bonsoir kenitax, je suis absolument sûr le processus explorer.exe je le connais, les autres sont des processus iexplore.exe, la difference est distincte par l'appellation.
      0
  3. lance_yien Messages postés 2771 Date d'inscription   Statut Contributeur 257
     
    bonjour vous deux,

    melody,

    1°) réfères-toi au lien de téléchargement de hijackthis pour "fixer" ces lignes:

    ATTENTION: si l'adresse aux lignes R1 est installée sciemment il ne faut pas les cocher

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.fr.netscape.com/fr/home/winsearch.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
    O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe


    après redémarrage supprimes ces fichiers (en gras):

    C:\WINDOWS\system32\winsys2.exe
    C:\WINDOWS\system\smss.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\DOCUME~1\admin\LOCALS~1\Temp\89exym50_2.5.exe
    C:\DOCUME~1\admin\LOCALS~1\Temp\78exgmail50g2.0.exe
    C:\DOCUME~1\admin\LOCALS~1\Temp\76exinjs.a3.exe

    ((si dificultés de suppression passer en mode sans échec pour le faire))

    2°) redémarres ton pc et au retour vérifies qu'il n'y aie pas d'anomalie
    si tout est ok vides ta corbeille

    3°) il faut absolument arriver à faire le "scan avec bitdefender"
    jusqu'à hier soir (où j'ai eu rapport d'un internaute à qui on n'a pas demandé de faire un achat)
    qd tu cliques sur le lien indiqué une fenêtre s'ouvre et dans laquelle il faut cliquer sur "I agree" pour accepter l'installation d'un activeX (une barre jaune peut se manifester en haut de ton navigateur et sur laquelle il faut cliquer et choisir installer l'activex),
    dans la 2eme fenêtre il faut presser "click her to scan"
    0
  4. Melody_1 Messages postés 154 Statut Membre 8
     
    Bonsoir lance_yien, ma difficulté à me connecter à Bitdefender était qu'il fallait I.E, affaire donc faite, voici les deux rapports.
    Je te suis extrèmement reconnaissant pour ton aide.
    Melody.

    Logfile of HijackThis v1.99.1
    Scan saved at 21:20:43, on 31/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\Wanadoo\taskbaricon.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\TuneUp Utilities 2004\MemOptimizer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\Program Files\Wanadoo\taskbaricon.exe
    O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
    O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2004\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Big Ben.lnk = C:\Program Files\BIG BEN\Big Ben.exe
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1117708801090
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{77B5C3C0-2D66-4149-A23C-5938EEEFC0EA}: NameServer = 192.168.1.1
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\WINDOWS\System32\FTRTSVC.exe (file missing)
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH -

    BitDefender Online Scanner

    Scan report generated at: Sat, Mar 31, 2007 - 21:03:38

    Scan path: C:\;D:\;E:\;

    Statistics

    Time

    01:09:28

    Files

    475366

    Folders

    3946

    Boot Sectors

    3

    Archives

    2545

    Packed Files

    51340

    Results

    Identified Viruses

    4

    Infected Files

    30

    Suspect Files

    36

    Warnings

    0

    Disinfected

    0

    Deleted Files

    66

    Engines Info

    Virus Definitions

    409468

    Engine build

    AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

    Scan plugins

    14

    Archive plugins

    38

    Unpack plugins

    6

    E-mail plugins

    6

    System plugins

    1

    Scan Settings

    First Action

    Disinfect

    Second Action

    Delete

    Heuristics

    Yes

    Enable Warnings

    Yes

    Scanned Extensions

    *;

    Exclude Extensions

    Scan Emails

    Yes

    Scan Archives

    Yes

    Scan Packed

    Yes

    Scan Files

    Yes

    Scan Boot

    Yes

    Scanned File

    Status

    C:\Documents and Settings\admin\Local Settings\Temp\0exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\0exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\0exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\0exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\0exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\0exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\10exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\10exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\10exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\11exssd32a.5.exe

    Infected with: Generic.Spammer.06E30839

    C:\Documents and Settings\admin\Local Settings\Temp\11exssd32a.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\11exssd32a.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\12exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\12exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\12exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\18exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\18exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\18exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\19exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\19exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\19exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\20exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\20exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\20exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\21exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\21exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\21exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\21exssd32a.5.exe

    Infected with: Generic.Spammer.06E30839

    C:\Documents and Settings\admin\Local Settings\Temp\21exssd32a.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\21exssd32a.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\26exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\26exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\26exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\26exhdda.5.exe

    Infected with: BehavesLike:Win32.ExplorerHijack

    C:\Documents and Settings\admin\Local Settings\Temp\26exhdda.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\26exhdda.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\27exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\27exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\27exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\29exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\29exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\29exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\31exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\31exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\31exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\31exssd32a.5.exe

    Infected with: Generic.Spammer.06E30839

    C:\Documents and Settings\admin\Local Settings\Temp\31exssd32a.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\31exssd32a.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\32exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\32exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\32exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\33exhdda.5.exe

    Infected with: BehavesLike:Win32.ExplorerHijack

    C:\Documents and Settings\admin\Local Settings\Temp\33exhdda.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\33exhdda.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\34exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\34exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\34exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\34exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\34exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\34exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\35exssd32a.5.exe

    Infected with: Generic.Spammer.06E30839

    C:\Documents and Settings\admin\Local Settings\Temp\35exssd32a.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\35exssd32a.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\35exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\35exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\35exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\38exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\38exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\38exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\38exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\38exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\38exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\39exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\39exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\39exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\39exhdda.5.exe

    Infected with: BehavesLike:Win32.ExplorerHijack

    C:\Documents and Settings\admin\Local Settings\Temp\39exhdda.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\39exhdda.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\42exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\42exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\42exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\48exssd32a.5.exe

    Infected with: Generic.Spammer.06E30839

    C:\Documents and Settings\admin\Local Settings\Temp\48exssd32a.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\48exssd32a.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\4exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\4exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\4exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\51exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\51exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\51exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\55exhdda.5.exe

    Infected with: BehavesLike:Win32.ExplorerHijack

    C:\Documents and Settings\admin\Local Settings\Temp\55exhdda.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\55exhdda.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\56exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\56exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\56exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\57exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\57exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\57exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\58exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\58exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\58exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\59exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\59exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\59exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\5exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\5exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\5exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\60exssd32a.5.exe

    Infected with: Generic.Spammer.06E30839

    C:\Documents and Settings\admin\Local Settings\Temp\60exssd32a.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\60exssd32a.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\60exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\60exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\60exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\62exhdda.5.exe

    Infected with: BehavesLike:Win32.ExplorerHijack

    C:\Documents and Settings\admin\Local Settings\Temp\62exhdda.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\62exhdda.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\63exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\63exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\63exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\65exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\65exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\65exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\66exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\66exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\66exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\66exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\66exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\66exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\67exssd32a.5.exe

    Infected with: Generic.Spammer.06E30839

    C:\Documents and Settings\admin\Local Settings\Temp\67exssd32a.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\67exssd32a.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\71exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\71exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\71exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\71exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\71exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\71exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\74exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\74exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\74exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\74exhdda.5.exe

    Infected with: BehavesLike:Win32.ExplorerHijack

    C:\Documents and Settings\admin\Local Settings\Temp\74exhdda.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\74exhdda.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\7exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\7exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\7exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\80exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\80exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\80exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\82exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\82exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\82exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\82exhdda.5.exe

    Infected with: BehavesLike:Win32.ExplorerHijack

    C:\Documents and Settings\admin\Local Settings\Temp\82exhdda.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\82exhdda.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\83exhdda.5.exe

    Infected with: BehavesLike:Win32.ExplorerHijack

    C:\Documents and Settings\admin\Local Settings\Temp\83exhdda.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\83exhdda.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\87exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\87exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\87exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\87exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\87exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\87exyp.3.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\89exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\89exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\89exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\91exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\91exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\91exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\92exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\92exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\92exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\95exgmi.5.exe

    Infected with: Trojan.Medbod.B

    C:\Documents and Settings\admin\Local Settings\Temp\95exgmi.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\95exgmi.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\97exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\97exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\97exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\98exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\98exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\98exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\98exssd32a.5.exe

    Infected with: Generic.Spammer.06E30839

    C:\Documents and Settings\admin\Local Settings\Temp\98exssd32a.5.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\98exssd32a.5.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\99exgmail50g2.0.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\Documents and Settings\admin\Local Settings\Temp\99exgmail50g2.0.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\99exgmail50g2.0.exe

    Deleted

    C:\Documents and Settings\admin\Local Settings\Temp\9exyp.3.exe

    Suspected of: Generic.Malware.Yd.F95C8483

    C:\Documents and Settings\admin\Local Settings\Temp\9exyp.3.exe

    Disinfection failed

    C:\Documents and Settings\admin\Local Settings\Temp\9exyp.3.exe

    Deleted

    C:\System Volume Information\_restore{09A565A2-2CBC-497E-84D5-8FD1D90B6A75}\RP696\A0139634.exe

    Suspected of: Generic.Malware.Yd.B8E905AA

    C:\System Volume Information\_restore{09A565A2-2CBC-497E-84D5-8FD1D90B6A75}\RP696\A0139634.exe

    Disinfection failed

    C:\System Volume Information\_restore{09A565A2-2CBC-497E-84D5-8FD1D90B6A75}\RP696\A0139634.exe

    Deleted

    C:\WINDOWS\system\smss.exe

    Infected with: DeepScan:Generic.Horst.8C03C9CE

    C:\WINDOWS\system\smss.exe

    Disinfection failed

    C:\WINDOWS\system\smss.exe

    Deleted
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Melody_1 Messages postés 154 Statut Membre 8
     
    Bonjour, je reste sur une impression plutôt positive et optimiste quand à la résolution de mon problème, néanmoins j'observe par modestie une certaine retenue sur toutes certitudes.
    Personnellement, je peux dire que c'est résolu, les rapports parlent d'eux mêmes. Je n'ai plus de processus indésirables qui tournent à mon insu, le gestionnaire des taches atteste maintenant depuis une douzaine d'heures cet état.
    Un clin d'oeil à lance_yien qui à su m'assisté tout au long de mon parcours et à qui je lève respectueusement mon chapeau.
    Un ami te donne un poisson, un bon ami t'append à le pêcher.
    Melody
    0
  7. lance_yien Messages postés 2771 Date d'inscription   Statut Contributeur 257
     
    bonjour melody,

    bien content de t'avoir aidé efficacement et surtout bravo à toi pour avoir persévérer
    0