Sujet Précédent Sujet Suivant

Infostealer (virus)

Résolu
greg35 Messages postés 185 Statut Membre -  
greg35 Messages postés 185 Statut Membre -
Bonjour,

Lors du sernier scan effectué par Norton, il est ressorti que j'étais infecté par un virus appelé "Infostealer".

Le message à la fin du scan était le suivant : "Infostealer ne peut pas être supprimé d'un fichier non pris en charge".

Sur ce, j'ai effectué la manipulation qui semblait possible ( j'ai juste cliqué à un endroit, en fait) et Norton m'a dit que le virus était supprimé.

Par prudence, je viens de faire un nouveau scan...et j'ai eu le même message, avec à nouveau la possibilité de supprimer le virus, ce que j'ai fait après quoi Norton m'a dit que tout était OK ... !

Mais tout est-il vraiment OK ??

Je consulte souvent mon compte en banque sur internet et ça m'inquiète un peu !

Quelqu'un peut-il me dire ce que je devrais faire pour être sûr d'être débarassé définitivement de ce virus ?

Merci beaucoup !
A voir également:

44 réponses

Réponse 1 / 44
raptor789 Messages postés 835 Statut Membre 25
 
pour vérifier et faire un petit nettoyage,

Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre-le sur ton Bureau à partir de ce lien :

https://www.commentcamarche.net/telecharger/ 34055379 malwarebyte s anti malware

A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

Redémarre ton ordinateur en mode sans échec

Relance MBAM grâce au raccourci présent sur ton bureau.

Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

Ferme MBAM en cliquant sur Quitter.

Poste le rapport dans ta réponse
1
Réponse 2 / 44
raptor789 Messages postés 835 Statut Membre 25
 
je ne sais pas s'il te reste des infections désolé...je laisse l'avis à une personne confirmée.

bonne soirée
1
Réponse 3 / 44
greg35 Messages postés 185 Statut Membre 2
 
Sniff ! Personne pour m'aider ?
0
Réponse 4 / 44
raptor789 Messages postés 835 Statut Membre 25
 
télécharge malwarebytes anti-malware : http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware

voici le tuto : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

met le à jour avant de le lancer, puis fais un scan complet de ton ordinateur et envoie le log.

pour le mettre en français, ouvre malwarebytes, clique sur l'onglet "setting" et choisit la langue française.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 44
greg35 Messages postés 185 Statut Membre 2
 
Bonsoir Raptor789 et merci pour ton aide.

J'ai utilisé le logiciel que tu m'as indiqué mais j'ai eu quelques soucis avec .

A de nombreuses reprises pendant le scan ( plus d'une heure !), j'ai eu le même message d'erreur ( Error code 731 (0,9) ) me demandant d'envoyer un message au support de malwarebytes anti-malware...

A chaque fois j'ai cliqué OK ( parfois j'ai du m'y reprendre à plusieurs fois pour que le scan redémarre).

A la fin, je n'ai pas eu de log. La page est restée désespérément vide ( toute la nuit !).

Bref, je ne suis pas plus avancé qu'hier.

Une idée ?

Merci !!
0
Réponse 6 / 44
raptor789 Messages postés 835 Statut Membre 25
 
bien, on va cherché avant d'où vient l'infection,

postes un rapport hijackthis

HijackThis est un outil développé par merijn, capable de détecter les composants ajoutés à votre navigateur, les programmes lancés au démarrage du système, etc. Le programme vous permet de consulter tous les éléments et éventuellement de les retirer de l'ordinateur. HijackThis est, par exemple, en mesure de forcer le changement de la page d'accueil. Cette fonction est particulièrement utile lorsque votre navigateur ne vous permet plus de modifier la page d'accueil car un site se l'est appropriée ! Le logiciel peut également enregistrer des paramètres par défaut et ignorer certains éléments définis.

télécharge Hijackthis : http://www.trendsecure.com/portal/en-US/tools/security_tools­/hijackthis

.cliques sur download
.cliques sur download Hijackthis installer
.enregistres le sur le bureau
.Tu fermes tout les programmes ouverts y compris le navigateur. sauf ton anti-virus et pare-feux
.installes le , il va s'installer par défaut dans C:\Program Files\Trend Micro\HijackThis
.Cliques sur "Do a system scan and save the logfile"
.Cela va t'ouvrir un bloc note à la fin du scan.
.Copie son contenu et poste le dans ton prochain message. sinon le rapport est dans C:\Program Files\Trend Micro\HijackThis\ hijackthis "document texte"

des expliquations en images : http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm

si besion d'aide :https://www.androidworld.fr/
0
Réponse 7 / 44
greg35 Messages postés 185 Statut Membre 2
 
Re-salut !

Voici le log de Hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:00:03, on 01/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\system32\schtasks.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\Program Files\Eggiz\Meteo Fusion\Meteo Fusion.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gwenaël\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CF93TNB0\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [Meteo Fusion] "C:\Program Files\Eggiz\Meteo Fusion\Meteo Fusion.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O18 - Protocol: bw+0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
0
Réponse 8 / 44
greg35 Messages postés 185 Statut Membre 2
 
Bonsoir ...

Dois-je faire quelquechose ?

En plus, raptor789 a disparu ... :-(
0
Réponse 9 / 44
raptor789 Messages postés 835 Statut Membre 25
 
re,

désinstalle norton antivirus : http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924

ensuite installe antivir : http://www.commentcamarche.net/telecharger/telecharger 55 antivir personal

voici un tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/

ensuite, met le à jour et fais un scan de ton ordinateur. s'il détecte des infections, met les en quarantaines pour le moment et postes le rapport.
0
Réponse 10 / 44
greg35 Messages postés 185 Statut Membre 2
 
Bonjour raptor789,

Merci pour ta réponse.

Désinstaller Norton m'ennuie car je n'ai pas de CD d'installation, je l'ai téléchargé. J'ai bien vu qu'on pouvait le re-télécharger, mais je ne sais pas pourquoi, mon numéro de commande et/ou mot de passe ne sont pas reconnus, donc je risque de galérer. C'est bizarre car j'ai acheté le produit en avril, donc ça devrait marcher ... J'ai aussi le numéro de série dans le mail que j'avais reçu suite à ma commande. Et puis le site de Symantec est un vrai labyrinthe ! Je n'ai pas réussi à trouver sur quelle page je pouvais re-télécharger Norton Internet Security 2008... Je ne vois que la version 2009. Bref, je ne sais pas comment je vais me dépatouiller ! Et je n'ai pas trop envie de payer à nouveau !!

Pourtant, j'ai envie d'essayer de faire ce que tu me proposes, car lors d'un nouveau scan, j'ai toujours Infostealer qui apparaît.

Souhaite-moi bonne chance !

Merci.
0
Réponse 11 / 44
greg35 Messages postés 185 Statut Membre 2
 
Re !

J'ai donc désinstallé Norton... à contre-coeur.. puis téléchargé, installé et fait un scan avec Avira.

En voici le log :

Avira AntiVir Personal
Report file date: samedi 4 octobre 2008 13:31

Scanning for 1657668 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (Service Pack 1) [6.0.6001]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC-DE-GWENAËL

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.217 3773440 Bytes 26/09/2008 11:26:50
ANTIVIR3.VDF : 7.0.6.242 169984 Bytes 03/10/2008 11:26:51
Engineversion : 8.1.1.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 04/10/2008 11:27:01
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 04/10/2008 11:27:00
AEPACK.DLL : 8.1.2.3 364918 Bytes 04/10/2008 11:26:58
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 04/10/2008 11:26:57
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 04/10/2008 11:26:56
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 04/10/2008 11:26:54
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 04/10/2008 11:26:52
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 04/10/2008 11:26:51
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: samedi 4 octobre 2008 13:31

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'VSSVC.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'HPHC_Service.exe' - '1' Module(s) have been scanned
Scan process 'PresentationFontCache.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'conime.exe' - '1' Module(s) have been scanned
Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
Scan process 'CCC.exe' - '1' Module(s) have been scanned
Scan process 'WrtProc.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'HPAdvisor.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'Quickcam.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'HpqSRmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'WrtMon.exe' - '1' Module(s) have been scanned
Scan process 'OpWareSE4.exe' - '1' Module(s) have been scanned
Scan process 'MOM.exe' - '1' Module(s) have been scanned
Scan process 'schtasks.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'OSD.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'IoctlSvc.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'DQLWinService.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
77 processes with 77 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '53' files ).

Starting the file scan:

Begin scan in 'C:\' <HP>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\24-FR\24-FR.scr
[DETECTION] Is the TR/Drop.Agent.sdf Trojan
[WARNING] The file was ignored!
C:\ProgramData\Spybot - Search & Destroy\Recovery\RegCleanr.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[WARNING] The file was ignored!
C:\ProgramData\Spybot - Search & Destroy\Recovery\RegCleanr1.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[WARNING] The file was ignored!
C:\Users\All Users\Spybot - Search & Destroy\Recovery\RegCleanr.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[WARNING] The file was ignored!
C:\Users\All Users\Spybot - Search & Destroy\Recovery\RegCleanr1.zip
[DETECTION] Contains suspicious code GEN/PwdZIP
[NOTE] The detection was classified as suspicious.
[WARNING] The file was ignored!
C:\Users\Gwenaël\Downloads\écran de veille 24-fr.exe
[0] Archive type: RAR SFX (self extracting)
--> 24-FR.exe
[DETECTION] Contains recognition pattern of the DR/Drop.Agent.sdf dropper
--> 24-FR.scr
[DETECTION] Is the TR/Drop.Agent.sdf Trojan
[DETECTION] Is the TR/Agent.1348229 Trojan
[WARNING] The file was ignored!
C:\WINDOWS\System32\24-FR.scr
[DETECTION] Is the TR/Drop.Agent.sdf Trojan
[WARNING] The file was ignored!
Begin scan in 'D:\' <FACTORY_IMAGE>

End of the scan: samedi 4 octobre 2008 14:58
Used time: 1:26:52 Hour(s)

The scan has been done completely.

20266 Scanning directories
533321 Files were scanned
5 viruses and/or unwanted programs were found
4 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
533310 Files not concerned
5945 Archives were scanned
13 Warnings
4 Notes

Vois-tu quelquechose de problématique ?

J'ai cliqué sur "ignore" pour certaines choses, car je pense qu'ils ne posent pas de problème car ce sont des programmes que je connais bien : Spybot et l'écran de veille "24 heures chrono" :-)

J'attends tes instructions pour la suite !

Est-ce que je peux tenter de ré-installer Norton... ?

Merci pour tout!
0
Réponse 12 / 44
greg35 Messages postés 185 Statut Membre 2
 
Bonsoir raptor789 !

Merci encore pour ton aide.

J'ai fait ce que tu m'as indiqué et je poste le log ci-dessous.

Ce qui me surprend, c'est que Evidence Eliminator soit visé comme indésirable . C'est un programe qui est censé nettoyer toutes traces de surf sur la toile ( des fois qu'il nous arrive de nous ballader sur des sites un peu "hots", tu vois ce que je veux dire ?...). C'est un logiciel que j'ai acheté et dont j'ai un CD d'installation. Un programme virus irait-il jusqu'à sortir un CD ??? Bizarre, je trouve !

Bref: voici le log! :

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1234
Windows 6.0.6001 Service Pack 1

06/10/2008 19:33:29
mbam-log-2008-10-06 (19-33-29).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 235174
Temps écoulé: 56 minute(s), 23 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 141

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\eeshellx.shellext (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0e6117e2-c367-4be3-8045-52669e71b5df} (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f272845d-cec2-4f95-92ee-6d08fdfbd471} (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7c6e906-b0b8-4810-ae82-71809ed409eb} (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Evidence Eliminator Safe Recycle (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Evidence Eliminator Quick Mode (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Evidence Eliminator Safe Restart (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Evidence Eliminator Safe Shutdown (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{a7c6e906-b0b8-4810-ae82-71809ed409eb} (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Help (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Users\Gwenaël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\System32\Eeshellx.dll (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Ee.exe (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\INSTALL.LOG (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\License.txt (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\ReadMe.txt (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\UNWISE.EXE (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\UNWISE.INI (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Config.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Drives.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Files.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\FilesContents.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Folders.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\FolderScans.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\IECookiesKeep.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\IEDownloadedKeep.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\NSN4CookiesKeep.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\OE5ChoiceList.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\PlugInSelections.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\ScanMasks.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\TBChoiceList.dat (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\AbsoluteFTP.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\ACDSEE Photo Viewer v3.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adaptec Easy CD Creator v4.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Acrobat Reader v3.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Acrobat Reader v3.1.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Acrobat Reader v4.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Acrobat Reader v5.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Acrobat Reader v5.1.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Acrobat Reader v6.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Acrobat Reader v7.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Acrobat v6.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Photoshop v5.0 LE.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Photoshop v5.5.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Photoshop v5.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Photoshop v6.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Photoshop v7.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Photoshop v8.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Adobe Photoshop v9.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\ASPack.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Avant Browser.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Cabinet Manager.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Copernic 2000 Pro.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Copernic 2000.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Copernic Agent.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Corel Paintshop Pro v10.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Cute FTP v3.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Cute FTP v4.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Cute FTP v7.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Delphi v3.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Delphi v4.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Delphi v5.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\DiskKeeper v5.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\DivXPlayer.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Download Accelerator.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Eudora Mail.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\EventLog.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\FTP Explorer.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\GetRight ExplorerBar.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\GetRight v4.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\GoogleBar.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\GoogleNavigation.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\GoZilla.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Helios TextPad v3.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Helios TextPad v4.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\HelpWriter.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Icon Extractor.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\ICQ 2000a.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\InstallShield Express.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\J2 Messenger.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\JASC Paintshop Pro v5.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\JASC Paintshop Pro v6.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\JASC Paintshop Pro v7.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\JASC Paintshop Pro v8.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Jet PhotoShell v1.2.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Kazaa.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Limewire v4.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Macromedia Flash v4.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\MasterSplitter v2.1.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\McAfee Virus Scan v4.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microangelo 98.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Micrografx Picture Publisher v7.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Micrografx Picture Publisher v8.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microsoft FrontPage Express.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microsoft FrontPage.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microsoft Help Workshop.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microsoft HTML Help.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microsoft Office.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microsoft Publisher 2000.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microsoft Send-To Extensions.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microsoft Windows Paint.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Microsoft Windows WordPad.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\My Network Places.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Napster Music Community.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\NEATO Labels.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\NeoPlanet v5.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Norton AntiVirus 2000 (v6).eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Norton Antivirus 2003.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Norton File Manager.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Norton Internet Security 2004.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Norton Personal Firewall.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Norton Utilities 2000.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\NoteTab Pro.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Opera Browser.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\PackageForTheWeb.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Personal Ancestral File.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Quicktime.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Real Audio Player v6 v7 v8.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Real Download v4.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Real Player v10.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\RealOne Player.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\RemoteDesktop.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Roxio Easy CD Creator v6.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\SureThing CD Labeler.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Telnet.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Ulead Gif Animator v4.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Ulead Photo Explorer v4.2.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Ulead Photo Viewer v4.0.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Ulead PhotoImpact v10.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Ulead PhotoImpact v5.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Ulead PhotoImpact Viewer v4.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\UltraEdit v4.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\UltraEdit v7.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Web Ferret v3.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\WinOnCD.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\WinRar v2.6.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\WinRar v2.70.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\WinRar v3.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\WinZip v7.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\WinZip v8.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Wise Installer.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Yahoo Player.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\YahooMessenger.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\ZipMagic 2000.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Data\Plug-Ins\Zone Alarm.eep (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\Evidence Eliminator\Help\ee.chm (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator Help.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator License Agreement.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator Read Me.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Users\IUSR_NMPR\Desktop\Evidence Eliminator.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Users\Gwenaël\Desktop\Evidence Eliminator.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.

En attendant tes commentaires, merci !
0
Réponse 13 / 44
greg35 Messages postés 185 Statut Membre 2
 
Raptor789, s'il-te-plaît, ne m'abandonne pas !! :-))
0
Réponse 14 / 44
raptor789 Messages postés 835 Statut Membre 25
 
bien, comment va l'ordinateur maintenant ?
0
Réponse 15 / 44
greg35 Messages postés 185 Statut Membre 2
 
bonjour,

Ben il va bien l'ordinateur , il allait bien d'ailleurs, c'est seulement Norton qui détectait "infostealer"...

Je fais quoi maintenant ? Je ré-installe Norton ? Enfin si j'y arrive ... Y a plus de problème d'après toi ?

Merci.
0
Réponse 16 / 44
greg35 Messages postés 185 Statut Membre 2
 
Au fait, tu ne m'as pas dit ce que tu pensais de ce que je t'ai dit sur Evidence Eliminator un peu plus haut... si tu connais.

a+
0
Réponse 17 / 44
raptor789 Messages postés 835 Statut Membre 25
 
peux-tu reposter un rapport hijackthis ?
0
Réponse 18 / 44
greg35 Messages postés 185 Statut Membre 2
 
Re-salut :

Voici le rapport de HijackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:03:46, on 09/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\RtHDVCpl.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\Program Files\Eggiz\Meteo Fusion\Meteo Fusion.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gwenaël\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [Meteo Fusion] "C:\Program Files\Eggiz\Meteo Fusion\Meteo Fusion.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O18 - Protocol: bw+0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B25F93DE-EDAC-421D-B1AA-C2254BE47F77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
0
Réponse 19 / 44
greg35 Messages postés 185 Statut Membre 2
 
Bonsoir,

Suivant le conseil de raptor789, je cherche quelqu'un de "confirmé" pour me dire si je suis bien débarassé de ce virus ou pas ...

Merci ...
0
Réponse 20 / 44
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt je passe mais peu de temps actuellement...

vire ce qui est dans la sauvegarde de spybot, vire ce qui est en quarantaine dans antivir et malwarebyte
___________

télécharge OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\Program Files\Evidence Eliminator

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

_________________

rescan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

_______________

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
___________________

recolle un rapport hijakchits et dis tes soucis

_______________________

tu veux garder antivir ou remettre norton antivirus? (il ne faut en mettre qu'un)
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses