infection - no more administrator rights - online scan impossible

dame-mikeline
Hello everyone, and thanks in advance for your help.
I picked up a nasty infection, apparently Bagle and Tooso.
I downloaded all the disinfection utilities, ran them in safe mode, and my Avast antivirus (which I had to reinstall) no longer seems to find anything.
But it is impossible to run an online scan: I always get the message saying that I do not have administrator rights.
Yet I had them, and it is impossible to restore them!
Even when I create a new account, the "administrator" box is always disabled.
I wanted to redo the disinfection in safe mode, unchecking automatic restore, but same thing, impossible.
When I am in a normal session, the disinfection utilities I try to launch (combofix, antibagle, elibagle) all fail.
I don't know what to do anymore.
HijackThis report that I managed to get, but it crashed, so I don't know whether it is reliable:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:56, on 2008-08-04
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskeng.exe
C:Program FilesPrevxCSIprevxcsi.exe
C:Program FilesWindows DefenderMSASCui.exe
C:WindowsRtHDVCpl.exe
C:Program FilesJavajre1.6.0_06binjusched.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesiTunesiTunesHelper.exe
C:WindowsSystem32rundll32.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe
C:Windowsehomeehtray.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesSiber SystemsAI RoboFormrobotaskbaricon.exe
C:Windowsehomeehmsas.exe
C:Program FilesAxBxMulti Virus Cleaner 2008MVC.exe
C:UsersMicheleDesktopAntibagle-fr.exe
C:UsersMicheleDesktopHiJackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://portail.free.fr/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:Program FilesSiber SystemsAI RoboFormroboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_06binssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier2.1.1119.1736swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:Program FilesGoogleGoogle_BAEBAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:Program FilesSiber SystemsAI RoboFormroboform.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_06binjusched.exe"
O4 - HKLM..Run: [GrooveMonitor] "C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe"
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [CloneCDTray] "C:Program FilesSlySoftCloneCDCloneCDTray.exe" /s
O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [NBKeyScan] "C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe"
O4 - HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKCU..Run: [ISUSPM] "C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe" -scheduler
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKCU..Run: [RoboForm] "C:Program FilesSiber SystemsAI RoboFormRoboTaskBarIcon.exe"
O8 - Extra context menu item: Barre RoboForm - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_06binssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://support.f-secure.fr
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6 [...] vSniff.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/31.37/uploader2.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.photoweb.fr/telechargem [...] otoweb.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/g [...] ection.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h20264.www2.hp.com/ediags/d [...] sVista.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/p [...] wflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/p [...] taller.exe
O17 - HKLMSystemCCSServicesTcpip..{A01C28D8-FE34-4301-BEAB-751F1BDFF8AF}: NameServer = 212.27.54.252,212.27.53.252
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~3GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)
O23 - Service: CSIScanner - Prevx - C:Program FilesPrevxCSIprevxcsi.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:Program FilesCDBurnerXPNMSAccessU.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:Windowssystem32IoctlSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:Program FilesCyberlinkShared filesRichVideo.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:Program FilesSpybot - Search & DestroySDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
O23 - Service: @%SystemRoot%System32TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:WindowsSystem32TuneUpDefragService.exe

codekiller
#16496541
dame-mikeline wrote on 04/08/2008 at 21:31:
Hello everyone, and thanks in advance for your help.
I picked up a nasty infection, apparently Bagle and Tooso.
I downloaded all the disinfection utilities, ran them in safe mode, and my Avast antivirus (which I had to reinstall) no longer seems to find anything.
But it is impossible to run an online scan: I always get the message saying that I do not have administrator rights.
Yet I had them, and it is impossible to restore them!
Even when I create a new account, the "administrator" box is always disabled.

I wanted to redo the disinfection in safe mode, unchecking automatic restore, but same thing, impossible.
When I am in a normal session, the disinfection utilities I try to launch (combofix, antibagle, elibagle ...) all fail.
I don't know what to do anymore.
HijackThis report that I managed to get, but it crashed, so I don't know whether it is reliable:
--


Personally, in this kind of situation I recommend the following:

Format and complete reinstallation.

It's radical, but it generally works well. Obviously, once everything is reinstalled, avoid opening any software located on a partition other than the system one without having installed an antivirus FIRST.