Analyse hijackthis et messages antivirus 2009

jeanba -  
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonsoir, je viens de tenter de vous envoyer un message qui était incomplet.

l'ordinateur d'ou je vous ecris me balance sans cesse des messages d'alerte parlant d'antivirus 2009.
je suis venu sur le forum et ai telechargé hijackthis (voir infos bloc note en fin de message).

avant tout cela, j'ai lancé 2 fois avast et mis en quarantaine qq mauvaises surprises, mais cela ne suffit apparemment pas. j'ai de plus utilisé advance spyware remover qui m'a permis d'ecarter qq bricoles.
cet ordinateur n'est pas mien et je suppose qu'il est plein de conflits.

merci d'avance pour votre disponibilité
jeanba



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:35:46, on 21/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\filehippo.com\UpdateChecker.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\HP_Propriétaire\Application Data\printer.exe
C:\Program Files\IEPro\MiniDM.exe
C:\Program Files\Advanced Spyware Remover\AD Defender.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\log detecteur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\shell.exe
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {B31A91DF-1991-43FA-93D0-884D644F929B} - C:\WINDOWS\system32\avifil3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Printer] C:\WINDOWS\system32\printer.exe
O4 - HKLM\..\Run: [NI.UGA6PV_0001_N122M0907] "C:\WINDOWS\Downloaded Program Files\UGA6PV_0001_N122M0907NetInstaller.exe"
O4 - HKLM\..\RunOnce: [overinstall] "C:\Program Files\VirusGarde\pgs.exe" /empty
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [Spoolsv] C:\WINDOWS\system32\spoolvs.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: findfast.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: autorun.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messager Wanadoo - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9DC92530-3CA5-4DC5-B2F4-9DF3658AC4D0}: NameServer = 80.10.246.130 81.253.149.10
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - http://webmail16d.orange.fr/webmail/fr_FR/download/Download.html?IDMSG=358&PJRANG=2&NAME=__PJ_FULL_NAME_ENCODED__&FOLDER=INBOX&STREAM_TYPE=IMAGE&EMBEDDED=true
A voir également:

31 réponses

Précédent
  • 1
  • 2
Réponse 21 / 31
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 617
 
bonjour, ton dossier sur le bureau est la sauvegarde d'hijackthis que l'on utilise si pas malheurs on fixer des lignes et que le pc disfonctionne après on peux remettre les lignes en place normalement ce dossier est dans c / programm files/ trend micro /hijackthis mais comme ton hijackthis n'est pas installé convenablement puisqu'il est sur le bureau, je mérite une baffe car j'aurais du te le faire réinstallé mais bon pas si grave quand tu auras fini le nettoyage du pc tu pourras le supprimer , pour l'instant peux tu me remettres un hijackthis merci
0
jeanba
 
salut, voici la derniere en date
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:17:50, on 05/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\filehippo.com\UpdateChecker.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\HP_Propriétaire\Bureau\log detecteur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: (no name) - {B31A91DF-1991-43FA-93D0-884D644F929B} - C:\WINDOWS\system32\avifil3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
jeanba > jeanba
 
par contre, je n'ai pas reussi a faire le test de vulnerabilite.
qd je le lance, il y a 1 pb au chargement de "java applet browser", et ça me depasse 1peu.
0
Réponse 22 / 31
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 617
 
pour moi c'est bon plus rien à redire hijackthis tu peux supprimer tout les outils avec toolscleaner et passer ccleaner comme dit dans le message 55 pour le scan de vulnérabilité quand tu es sur cette page tu cliques sur start scanner et puis sur la page suivante sur start
0
jeanba
 
[ Rapport ToolsCleaner version 2.2.5 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\SmitFraudFix.exe: trouvé !
C:\SDFIX: trouvé !
C:\SmitFraudfix: trouvé !
C:\Documents and Settings\HP_Propriétaire\Bureau\SdFix.exe: trouvé !
C:\Documents and Settings\HP_Propriétaire\Bureau\hijackthis.log: trouvé !
C:\Documents and Settings\HP_Propriétaire\Mes documents\My Downloads\SdFix.exe: trouvé !
C:\Documents and Settings\HP_Propriétaire\Mes documents\My Downloads\HijackThis.exe: trouvé !
C:\Documents and Settings\HP_Propriétaire\Mes documents\My Downloads\SmitFraudFix.exe: trouvé !


Corbeille vidée!
Fichiers temporaires nettoyés !
---------------------------------
-->- Suppression:
C:\SmitFraudFix.exe: supprimé !
C:\Documents and Settings\HP_Propriétaire\Bureau\SdFix.exe: supprimé !
C:\Documents and Settings\HP_Propriétaire\Mes documents\My Downloads\SdFix.exe: supprimé !
C:\Documents and Settings\HP_Propriétaire\Mes documents\My Downloads\HijackThis.exe: supprimé !
C:\Documents and Settings\HP_Propriétaire\Mes documents\My Downloads\SmitFraudFix.exe: supprimé !
C:\Documents and Settings\HP_Propriétaire\Bureau\hijackthis.log: supprimé !
C:\SDFIX: supprimé !
C:\SmitFraudfix: supprimé !


pour le scan g bien essayé ms cela ne fait pas a cause de java !?
0
jeanba > jeanba
 
salut, c ok pour le nettoyage, par contre hijackthis sur le bureau ne se desinstalle pas.
il n'apparait ni avec ccleaner, ni avec panneau de configuration et qd je le lance il a l'air de fonctionner.
pour les conseils, je les relaye au proprietaire du PC.

merçi encore pour toute votre patience et votre temps accordé.
jeanba
0
Réponse 23 / 31
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 617
 
bonjour, si tu as un souci pour désinstaller hijackthis du bureau tu le dis je te donnerais un outil que tu utilises en mode chasseur et il te supprime à partir de l'icône du bureau tout ce qui le conserne même les clés de registre
0
jeanba
 
salut, c ok pour la desinstallation d'hijackthis.
merci pr ts les conseils, bonne route a vous tous.
et je le redis, "c'est genial de pouvoir consulter vos conseils en ligne"
voili voilou fasse que la vie vous comble de plein de belles choses.
jeanba
0
Réponse 24 / 31
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 617
 
bonjour, si un jour tu veux désinstaller quelque chose en profondeur utilises revo uninstaller http://www.6ma.fr/tuto/revo-uninstaller-pour-desinstaller-des-programmes/
et si c'est juste un programme récalcitrant qui a un processus actif perso j'utilise unlocker https://www.tutomaker.com/tutoriaux/informatique/unlocker-effacer-fichier,recalcitrant,15.html
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 31
toptitbal Messages postés 25719 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 232
 
Ton rapport n'est pas complet.
-1
jeanba
 
oups, je pensais avoir tout copié...
voici l'integral


SmitFraudFix v2.366

Rapport fait à 10:50:55,57, 22/10/2008
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\shell.exe supprimé
C:\WINDOWS\system32\printer.exe supprimé
C:\WINDOWS\system32\spoolvs.exe supprimé
C:\DOCUME~1\HP_PRO~1\MENUDM~1\PROGRA~1\DMARRA~1\findfast.exe supprimé
C:\Program Files\altcmd\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix



»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 26 / 31
toptitbal Messages postés 25719 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 232
 
OK, refais un Hijackthis stp.
-1
jeanba
 
voila, celui ci devrai etre complet !

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:17, on 22/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\filehippo.com\UpdateChecker.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\log detecteur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\shell.exe
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {B31A91DF-1991-43FA-93D0-884D644F929B} - C:\WINDOWS\system32\avifil3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Printer] C:\WINDOWS\system32\printer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Spoolsv] C:\WINDOWS\system32\spoolvs.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: findfast.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: autorun.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messager Wanadoo - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9DC92530-3CA5-4DC5-B2F4-9DF3658AC4D0}: NameServer = 81.253.149.1 80.10.246.3
O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 27 / 31
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 617
 
bonjour, si vous me permettez cette intrusion dans la procédure , jeanba si tu pouvais mettre le rapport de malwarebyte quitte à le mettre en plusieurs fois tu repaires bien ou tu t'arrêtes pour repartir sur la ligne suivante dans ton prochain copier/coller ça permetterais de voir ce qu'il a trouvé et ou et ce qu'il en a fait , merci
-1
jeanba
 
avec plaisir, je dirai meme "cool", je n'osai pas surcharger avec une multitude de messages.

Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1306
Windows 5.1.2600 Service Pack 3

23/10/2008 08:59:24
mbam-log-2008-10-23 (08-59-20).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 203084
Temps écoulé: 3 hour(s), 47 minute(s), 33 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 68
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 834
Fichier(s) infecté(s): 1375

Processus mémoire infecté(s):
C:\WINDOWS\shell.exe (Trojan.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\WinAntiSpyware 2006\shellext.dll (Rogue.WinAntiSpyware) -> Delete on reboot.
C:\Program Files\WinAntiSpyware 2006\msvcp71.dll (Rogue.WinAntiSpyware) -> Delete on reboot.
C:\Program Files\WinAntiSpyware 2006\msvcr71.dll (Rogue.WinAntiSpyware) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\asapcom.asapclass (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{286e500c-ef0a-4aa3-a94d-e495f653ef4b} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{319260ab-be0c-4025-8569-7a27ed2faab9} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ac5bc54-b13b-4642-99f9-0baa2d116184} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9809a6b4-70b1-4bb2-b3b5-b415763a534e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d5178f77-c5e6-4e8f-9787-48b5d7eccce8} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapclass.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapenvelope (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapenvelope.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmain (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmain.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmessage (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmessage.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asaprecipients (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asaprecipients.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\washellext.shellhook (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{4567ab12-7dfc-4c46-bd8f-41259d169a0d} (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4567ab12-b980-44a5-b259-9b09ebea6331} (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4567ab12-eded-4675-af10-ba15eddb4d7a} (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\washellext.shellhook.1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\washellext.wascontextmenu (Rogue.AntiMalwareSuite) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\washellext.wascontextmenu.1 (Rogue.AntiMalwareSuite) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7f4e63c9-f30c-4424-9baf-b6896f5f56c4} (Rogue.Errorsafe) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{abcd4567-4d73-43e9-85e5-53a2dbd95422} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{abcd4567-d8e8-4df1-a3ea-d0aa72f42622} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f5ac8b35-5b15-4e8f-8046-43858973b495} (Rogue.Errorsafe) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00b498e3-0543-4624-8fde-1caf89a80550} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e678cbdc-d022-41f5-ab21-c43dfd9dfc3e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ea232a0a-46f8-4d44-a30b-50321518a828} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f585cb1f-f17d-4007-a573-b663197ef500} (Rogue.Errorsafe) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{abcd4567-7437-43ef-ab74-4ab1d3a37422} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{03c4c5f4-1893-444c-b8d8-002f0034da92} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{11e2bc0c-5d4f-4e0c-b438-501ffe05a382} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{37587889-fc28-4507-b6d3-8557305f7511} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4a5e947e-c407-4dcc-a0b5-5658e457153b} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4fd5c4d3-6c15-4ea0-9eb9-eee8fc74a91b} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{620d55b0-f2fb-464e-a278-b4308db1db2b} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{741beefd-aec0-4aff-84af-4f61d15f5526} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7a41359e-0407-470f-b3f7-7c6a0f7c449a} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7c4a630a-de98-4e3e-8093-e8f5e159bb72} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7ed1e9b1-cb57-4fa0-84e8-fae653fe8e6b} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a6931b16-90fa-4d69-a49f-3abfa2c04060} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5aa36a1-8bd1-47e0-90f8-47e7239c6ea1} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fa2cbafb-f7b1-4f41-9b7a-73329a6c1cb7} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b31a91df-1991-43fa-93d0-884d644f929b} (Trojan.BHO) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b31a91df-1991-43fa-93d0-884d644f929b} (Trojan.BHO) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{162c8b82-6af8-4009-921a-c1c84bedbe43} (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access (Adware.InstantAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wasfsd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\SpamBlockerUtility (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\SBTV (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SpamBlockerUtility (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ApiMon (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\winantispyware 2006 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\winantispyware 2006 scanner (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\winantispyware 2006 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\ExplorerWAS (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\ExplorerWAS (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpamBlockerOutlookTools (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpamBlockerWebTools (Adware.Hotbar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spoolsv (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\printer (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{4567ab12-b980-44a5-b259-9b09ebea6331} (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.QHost) -> Data: c:\windows\system32\wowfx.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Trojan.QHost) -> Data: wowfx.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.QHost) -> Data: system32\wowfx.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Trojan.Agent) -> Data: c:\windows\shell.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe C:\WINDOWS\shell.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\SpamBlockerUtility (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\SpamBlockerUtility\Bin (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\SpamBlockerUtility\SBTV (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006 (Rogue.WinAntiSpyware) -> Delete on reboot.
C:\Program Files\WinAntiSpyware 2006\database (Rogue.WinAntiSpyware) -> Delete on reboot.
C:\Program Files\WinAntiSpyware 2006\database\quaratine.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\quaratine.dat\c356cc178b8244b85542538f (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\quaratine.dat\c356cc178b8244b85542538f\a16acacd0686462b57c59b9e (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\quaratine.dat\d6b24393e3074bd8f0ad93a1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\quaratine.dat\d6b24393e3074bd8f0ad93a1\5268f685ea1542db15af3b96 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0055ead944de4f8471edac82 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\008b793deaf64551ecb65982 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\00bd840da27a42feb8a6a791 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\013e1db1b03346af813d5284 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\015b1f01cc614a2d5e5f9a99 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\015cdb6dc1e345b0ac513398 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0239130d147d4cdf023603a2 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\024e79726b7f4cee1ce4c7b2 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\026e0f6e5e0f4bf419705e8d (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0294015db81440e1b0d07591 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\02f8ad44ba9141cb49aea289 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\038a14de7a8744a4126fba87 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\04b686cabf6645ff78225b98 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\04ee7873c44e4cbd633ca4aa (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\062e26ed7cbc4898baf2d195 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\06598608efd945f5c590b2ae (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0705c9750fa3495eef93caa3 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0791987fa8ee4c2d949c5581 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\07ddffdb4b9242fb92fa9a9d (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\07ee422dfbcf45a464910aab (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\07f8b8fae40144012c36b899 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\086a3fabd67144169838c3a2 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\097783527c994c7b073eafa0 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0a06ab5781d24671a784ad9c (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0a36f668e14d4ae941460998 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0a6af447119f4304eafaef90 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0b5c403d171940b4389d1b94 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0b824938a1ae41872551cc81 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0bd0fdeca98d4e7782b2c59d (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0cbfe9bed1f94177d0650e95 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0cd9ea62200b4e38cfb041af (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0d21d5704302411f2da5579c (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0d6f2a10814d4e88d48f4d8d (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0d864ca0857d4360a93c548d (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0dd3f9bc73674b66a4f662b5 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0e4856a9e9fe4dfde1ad1f95 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0eadf8abf4d4401895750c93 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0eb0732f54654157b271b391 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0f1e7f018c5d43639067f2b5 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0f93537521894b6ad9bac7a2 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\0fee8a2b8c12491005b018a2 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1007484fc1ae44985bdbb99d (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\104fd321e7c54442da6e5188 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\10717f0d1bc04dab08c99296 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\10a4cccecfcc49cd8732868e (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\116c03a0cba3420d6e81bbb7 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\118913b832f741aed31e7f9c (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\11cfabb7eeb345d26e4d2f87 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\120265b8f8db4e6bea929494 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\125d8a67d29e478646f7b3a7 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\12a4f46229a74c3c8fe70bb5 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1373e071382341d7dcd65fbf (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\13cb617aaec64c90b162559f (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1457f3845645459f57714188 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1465efdd7f7e44e477aef8ac (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1525d76c149f4e79ad175d87 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\15bf4433070542eb37fe48bc (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\16cdf38e56c242b940f602b9 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\17610b1deac843a4611e4191 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\17da075ed75a4f356438c4ad (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\17fc91a1aec047779f29919f (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\181b7baa10984917af8eff8c (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\18a106c71a8440375d3e3f9e (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\192a9e7289144b9c06507e99 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\194efec70e7644d8bc387caf (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1a6e1d0a5f3c470516dcceac (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1ac1336b4e744649f2857d91 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1acc14209a86437a9090dfa4 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1b7934a0cbcd49822b2470bb (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1bc14afd94bb4c09935d7ea1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1c50b247ce3547886ee654b8 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1c7fca75b62943531324dbaf (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1d0b15e77ee845fad6e6ed9f (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1d559e4940f845240bbb1cbe (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1d78ab01c985470912c16ca4 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1dbe64b6f8e64f0b57ff63a0 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1e04f7dc9196481139edb98c (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1fa440f367674f0ed3cc9fbd (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1fd1033699e04749af74aca6 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1fd5fdf736f84fb7124ca887 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2006\database\RTMonitor.dat\4237edc4e4b9407496216da5\0726ae5d73da45b855c2deb3\1ff11e1293674f88765e9fb2 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
0
Réponse 28 / 31
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 617
 
tu devrais les mettres les un après les autres tu les as mis trop haut dans la discution
-1
Réponse 29 / 31
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 617
 
bonjour, si tu désinstalles avast il faut remettre un autre anti-virus plus performant comme antivir ou avg8 free qui sont des gratuits aussi , car surtout ne pas resté sans anti-virus, je pense que toptibal va passé
-1
Réponse 30 / 31
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 617
 
jeanba, ou en sont tes problèmes as tu toujours des messages d'alertes??
-1
jeanba
 
bonsoir, cool d'avoir de vos news. je viens de me reconnecter. j'ai tjrs des messages d'alerte qui s'affichent et certains fichiers que le systeme ne trouve plus car come tu m'as suggeré, j'ai efface la quarantaine de MBAM. d'ailleurs, que dois-je en faire de celui la ? je le desinstalle ?
a tout bientot.
0
Réponse 31 / 31
toptitbal Messages postés 25719 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 232
 
Re jeanba

Télécharges SDFix sur ton bureau :
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe.

--->Double-cliques sur SDFix.exe et choisis "Install" .

( tuto ici : https://www.malekal.com/slenfbot-still-an-other-irc-bot/ )

Puis une fois l'installe faite, redémarre en mode sans échec .

Comment aller en Mode sans échec :
1) Redémarre ton ordi
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisis la première option : Sans Échec, et valide avec "Entrée"
5) Choisis ton compte habituel, et non Administrateur (si besoin ... )

Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
--->Tapes Y pour lancer le script ...
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire , donc :
presse une touche pour redémarrer quand il te le sera demandé .

Le PC va mettre du temps avant de démarrer ( c'est normal), après le chargement du Bureau presse une touche lorsque "Finished" s'affiche .

Le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier C:\SDFix sous le nom "Report.txt".
Poste ce dernier dans ta prochaine réponse.
-1

Discussions similaires

" Échec de l'analyse antivirus " la solution.
bazfile -
bazfile -

0 réponse
Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
Échec de l'analyse anti virus.
alice1414 -
bazfile -

3 réponses
télécharger et installer encarta junior
98653773 -
1 -

3 réponses
échec de l'analyse antivirus
StalkerShadows -
ness -

19 réponses