Alerte antivirus 2009 - ok - (Résolu) |
Connexion | Inscription | Aide
  |
|
08/01/2009 à 19:20
|
|
  |
 Bonjour, suite à une infection ( un début ? ), le service des mises à jour automatique a été désactivé et ma page d'accueil IE7 a été modifiée. Au redémarrage, le pavé AntiVirus 2009 était là..... Heureusement, ma femme m'a appelé au bureau et n'a touché à rien. Je lui ai demandé d'éteindre le PC à la sauvage, une fois n'étant pas coutume.......... Voici quelles ont été mes manipulations = Démarrage en mode sans échec, session administrateur, mon anti virus ( AVG8.0 ) s'est lancé automatiquement en ligne de commande. Voici le rapport = Citation AVG 8.0 Anti-Virus command line scanner Copyright © 1992 - 2008 AVG Technologies Program version 8.0.145, engine 8.0.0 Virus Database: Version 270.10.3/1877 2009-01-05 C:\Documents and Settings\Administrateur.NONAME\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested. C:\Documents and Settings\Administrateur.NONAME\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested. C:\Documents and Settings\Administrateur.NONAME\NTUSER.DAT Locked file. Not tested. C:\Documents and Settings\Administrateur.NONAME\NtUser.dat.LOG Locked file. Not tested. C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested. C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested. C:\Documents and Settings\NetworkService\NTUSER.DAT Locked file. Not tested. C:\Documents and Settings\NetworkService\ntuser.dat.LOG Locked file. Not tested. C:\pagefile.sys Locked file. Not tested. C:\System Volume Information\ Locked file. Not tested. C:\WINDOWS\system32\config\default Locked file. Not tested. C:\WINDOWS\system32\config\default.LOG Locked file. Not tested. C:\WINDOWS\system32\config\SAM Locked file. Not tested. C:\WINDOWS\system32\config\SAM.LOG Locked file. Not tested. C:\WINDOWS\system32\config\SECURITY Locked file. Not tested. C:\WINDOWS\system32\config\SECURITY.LOG Locked file. Not tested. C:\WINDOWS\system32\config\software Locked file. Not tested. C:\WINDOWS\system32\config\software.LOG Locked file. Not tested. C:\WINDOWS\system32\config\system Locked file. Not tested. C:\WINDOWS\system32\config\system.LOG Locked file. Not tested. C:\WINDOWS\system32\yayyVmjH.dll Trojan horse Generic12.AJIT Object was moved to Virus Vault. ------------------------------------------------------------ Objects scanned : 685504 Found infections : 1 Found PUPs : 0 Healed infections : 1 Healed PUPs : 0 Warnings : 0 ------------------------------------------------------------ Démarrage toujours en mode sans echec, installation et lancement de MalWare Bytes, téléchargé sur le PC de mon fils. Voici le rapport = Citation Malwarebytes' Anti-Malware 1.32 Version de la base de données: 1616 Windows 5.1.2600 Service Pack 3 06/01/2009 14:41:27 mbam-log-2009-01-06 (14-41-27).txt Type de recherche: Examen rapide Eléments examinés: 68859 Temps écoulé: 6 minute(s), 10 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 3 Clé(s) du Registre infectée(s): 20 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 43 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): C:\WINDOWS\system32\hgGwTlIb.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\kgqfjm.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\byXOHyWo.dll (Trojan.Vundo) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{315db022-2857-45b1-8085-3bf691b28e7e} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{315db022-2857-45b1-8085-3bf691b28e7e} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fb6a8b7a-c895-4b89-9fec-e2ba16322170} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{fb6a8b7a-c895-4b89-9fec-e2ba16322170} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{315db022-2857-45b1-8085-3bf691b28e7e} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\byxohywo (Trojan.Vundo) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\hggwtlib -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\hggwtlib -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\kgqfjm.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\hgGwTlIb.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\bIlTwGgh.ini (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\bIlTwGgh.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nlltbyto.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\otybtlln.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\byXOHyWo.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\jmptysmg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\aazalirt.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\dkekkrkska.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\dkewiizkjdks.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\iddqdops.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\ienotas.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\iqmcnoeqz.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\irprokwks.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\jikglond.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\jiklagka.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\jrjakdsd.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\jungertab.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\kitiiwhaas.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\kkwknrbsggeg.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\klopnidret.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\krkdkdkee.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\krkmahejdk.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\krtawefg.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\krujmmwlrra.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\ktknamwerr.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\kuruhccdsdd.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\ooorjaas.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\oranerkka.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\oropbbsee.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\otnnbektre.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\otowjdseww.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\otpeppggq.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\rkaskssd.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\ronitfst.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\salrtybek.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\seeukluba.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\skaaanret.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\tobmygers.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\tobykke.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\zibaglertz.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\sysguard.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. Demarrage ensuite en mode normal, mise à jour de MalWare Bytes et nouveau scan complet de mon disque C. Voici le nouveau rapport = Citation Malwarebytes' Anti-Malware 1.32 Version de la base de données: 1624 Windows 5.1.2600 Service Pack 3 06/01/2009 15:48:21 mbam-log-2009-01-06 (15-48-21).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 168783 Temps écoulé: 58 minute(s), 13 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\System Volume Information\_restore{3D1EF7E7-DEC7-4186-AA9D-7C35EED0767A}\RP2\A0003213.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{3D1EF7E7-DEC7-4186-AA9D-7C35EED0767A}\RP2\A0003215.dll (Trojan.Vundo) -> Quarantined and deleted successfully. J'ai ensuite lancé HiJackThis, dont voici le rapport = Citation Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:15:57, on 06/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\System32\dllhost.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\ClocX\ClocX.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\PROGRA~1\AVG\AVG8\aAvgApi.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sysguard] C:\WINDOWS\ O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINDOWS\web\OpenFrame.htm O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1192204492343 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwaredetection_3_0_3_1.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/in...l/installer.exe O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Br...018/flashax.cab O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://securite-neufbox.sfr.fr/pchc/fscax.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll kgqfjm.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 10173 bytes J'ai pu redémarrer le service des mises à jour et remettre ma page d'accueil IE7, et j'ai revu toutes les options Internet. Il me reste un souci, le gestionnaire des taches apparait en fenetre réduite, je m'explique, il n'y a plus d'onglets, il ne reste que le cadre de l'onglet " Processus ", aucune action n'est possible........ J'ai essayé une capture d'écran mais c'est mission impossible......... Le gestionaire des taches reste " dessus ", je ne capture que mon fond d'écran........ Dois je aller plus loin dans le nettoyage et comment m'y prendre ? Comment récuperer les fonctionnalités du gestionnaire des taches ? Grand merci à tous et à bientot ! ! ! 
|
|
|
08/01/2009 à 23:15
|
|
 |
bonsoir
essaie de fixer ces 4lignes O4 - HKCU\..\Run: [sysguard] C:\WINDOWS\ O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINDOWS\web\OpenFrame.htm O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab vois si tu connais ces 2 lignes si non tu peux les fixer O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Br...018/flashax.cab |
|
|
|
Trouver un problème ou une solution similaire à "Alerte antivirus 2009 - ok - (Résolu)":
Parlons-en sur le forum ou faites une recherche sur nos forums informatique. |
| |
|
Contact • Plan | Nous sommes le : 04/07/09 |