Aller au contenu

sandy1410

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    4

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par sandy1410

  1. sandy1410
    bonjour, voila depuis quelques jours les icones de mon bureau ne sont plus actifs, je ne peux plus les exécutés. Tous les programmes fonctionne encore bien mais Depuis ce matin c'est dans mes documents, poste de travail.... que je ne peux plus aller ça me note: "explorer.exe: erreur d'un appel système". que puis-je faire pour remédier à cela? est-ce un virus ou autre? Merci d'avance cordialement
  2. sandy1410
    j'ai vu sur un autre sujet qu'il fallait mettre le rapport de ZHPDiag alors le voici si ça peut vous aidez: Rapport de ZHPDiag v1.24.12 par Nicolas Coolman Run by Sandy at 10/09/2010 15:48:55 Web site : ZHPDiag Outil de diagnostic Platform : Windows 7 Home Premium MSIE: Internet Explorer v8.0.7600.16385 Boot mode: Normal (Normal boot) Total RAM: 3,8 Gb (54 % free) System drive C: 575 Go (320 Go free) ---\\ Processus lancés C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe C:\PROGRA~1\WIA6EB~1\DataMngr\DataMngrUI.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Hercules\Dualpix Exchange\XtrCtrl.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Users\Sandy\AppData\Local\Temp\Txp.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Orange\MailNotifier\MailNotifier.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=explorer.exe ---\\ Pages de démarrage d'Internet Explorer (R0) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll R3 - URLSearchHook: Radio Bar 1 Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll R3 - URLSearchHook: (no name) - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll R3 - URLSearchHook: (no name) - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: C:\Program Files\Windows Live\Toolbar\wltcore.dll - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O3 - Toolbar: C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll O3 - Toolbar: C:\Program Files\Radio_Bar_1\tbRadi.dll - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll O3 - Toolbar: C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll ---\\ Applications démarrées automatiquement par le registre (O4) O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\WIA6EB~1\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [CamserviceExchange] C:\Program Files\Hercules\Dualpix Exchange\XtrCtrl.exe /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [TELEPHONESURPCAGENT] C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe -run C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [iSUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [YXE7DXCQ37] C:\Users\Sandy\AppData\Local\Temp\Txp.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - Global Startup: OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Sandy\AppData\Local\Temp\cce41B4.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: traduire la page - C:\Users\Sandy\AppData\Local\Temp\cce41B2.html O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\Sandy\AppData\Local\Temp\cce41B3.html ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: eBay.fr - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - C:\Program Files\Internet Explorer\Custom\eBay.ico O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201 O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll,103 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFBARH.ICO ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_9418.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: c:\progra~1\wia6eb~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (not file) End of the scan: 133 lines
  3. sandy1410
    bonjour, je précise que le virus antimalware doctor n'est plus actif mais il est toujours présent dans mon menu démarrer. il y a également des dossiers inconnus dans mes programs files qui sont apparus: ils se nomment: 136, 198, 240, 449, 531, 1896, 23852, 24044, 24642, 24730, 24838, 32727 et ces fameux dossiers sont des applications de 0 Ko! que puis-je faire pour supprimer totalement ce virus? Aidez moi svp cordialement
  4. sandy1410
    bonsoir malgré antivir, malwarebytes -antimalware,j'ai attrapé un virus "antimalware doctor",je ne pouvez plus me connecter a internet,j'ai suivi quelques conseils sur votre forum,maintenant internet est revenu mais toujours des traçes de se virus,pouvez vous m'aider svp,je vous envoie quelques analyses et j'attends vos instructions,d'avances je vous remercie,cordialement Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:16:09, on 08/09/2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Windows Searchqu Toolbar\DataMngr\DataMngrUI.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Hercules\Dualpix Exchange\XtrCtrl.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe C:\Program Files\Orange\MailNotifier\MailNotifier.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Sandy\AppData\Local\Temp\Txp.exe C:\Windows\system32\taskeng.exe K:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - (no file) R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll R3 - URLSearchHook: setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll O3 - Toolbar: setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\WIA6EB~1\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [CamserviceExchange] C:\Program Files\Hercules\Dualpix Exchange\XtrCtrl.exe /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [TELEPHONESURPCAGENT] "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe" -run "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [YXE7DXCQ37] C:\Users\Sandy\AppData\Local\Temp\Txp.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Sandy\AppData\Local\Temp\cce41B4.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: traduire la page - C:\Users\Sandy\AppData\Local\Temp\cce41B2.html O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\Sandy\AppData\Local\Temp\cce41B3.html O9 - Extra button: eBay.fr - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - Achetez et vendez vos objets neufs ou d'occasion. Enchères, prix fixe, petites annonces - Et vous, vous achetez comment ? (file missing) O9 - Extra 'Tools' menuitem: eBay.fr - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - Achetez et vendez vos objets neufs ou d'occasion. Enchères, prix fixe, petites annonces - Et vous, vous achetez comment ? (file missing) O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL O9 - Extra button: eBay.fr - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - Achetez et vendez vos objets neufs ou d'occasion. Enchères, prix fixe, petites annonces - Et vous, vous achetez comment ? (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.fr - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - Achetez et vendez vos objets neufs ou d'occasion. Enchères, prix fixe, petites annonces - Et vous, vous achetez comment ? (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O13 - Gopher Prefix: O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_9418.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: c:\progra~1\wia6eb~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 11694 bytes Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4568 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 08/09/2010 10:24:52 mbam-log-2010-09-08 (10-24-52).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|) Elément(s) analysé(s): 240690 Temps écoulé: 57 minute(s), 6 seconde(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 1 Clé(s) du Registre infectée(s): 8 Valeur(s) du Registre infectée(s): 5 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 18 Processus mémoire infecté(s): C:\Users\Sandy\AppData\Roaming\FB672389691141901A04B97FAB5C9A6F\mediafix70700en02.exe (Trojan.Agent.Gen) -> Unloaded process successfully. Module(s) mémoire infecté(s): C:\Users\Sandy\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d34d56e9-b37b-4c37-a854-1ac144592d5c} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\F5JMWNZTHI (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\ROUA3O12PW (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mediafix70700en02.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\metropolis (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Environment\evapp (Rogue.Antivir2010) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Environment\evuninst (Rogue.Antivir2010) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows system guard (Backdoor.IRCBot) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Users\Sandy\AppData\Roaming\FB672389691141901A04B97FAB5C9A6F\mediafix70700en02.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P7ONJR1S\mediafix70700en02[1].exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Local\Temp\Txj.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Local\Temp\Txk.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Local\Temp\Txl.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Local\Temp\Txm.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Local\Temp\Txn.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Local\Temp\Txo.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\Sandy\Jeux sandy\Everest_Poker.exe (PUP.Casino) -> Quarantined and deleted successfully. C:\Users\Sandy\Logiciels\Craagle 3.0.exe (HackTool.Craggle) -> Quarantined and deleted successfully. C:\Users\Sandy\Logiciels\Craagle_3.0UPBYKARRON\Craagle 3.0.exe (HackTool.Craggle) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully. C:\Users\Sandy\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot. C:\Users\Sandy\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully. C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
×
×
  • Créer...