[Réglé]rapport malwarebyte du tonnerre

[calimero67]

PC WINDOWS XP 750 go de memoire
Bonjour,
Je ne suis heureusement pas sur mon ordinateur.
Mon père n'a plus d'antivirus depuis 6 mois. Il est HYPER ENVAHI par la pub et a du mal a atteindre la page internet souhaitée.
De plus ce PC travaille tout le temps.
voici le rapport malware byte

Code: Tout sélectionner

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3875
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

17/03/2010 15:51:50
mbam-log-2010-03-17 (15-51-49).txt

Type de recherche: Examen complet (C:\|D:\|G:\|H:\|I:\|R:\|)
Eléments examinés: 106202
Temps écoulé: 3 hour(s), 53 minute(s), 9 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 75
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 64

Processus mémoire infecté(s):
C:\documents and settings\propriétaire\local settings\application data\ekqgv.exe (Adware.Navipromo.H) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\ShopperReports3\bin\3.0.307.0\ShopperReports.dll (Adware.ShopperReports) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0729f461-8054-47dc-8d39-a31b61cc0119} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{40ca90f3-4098-4877-ae87-23eb612b18c7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4c3b62af-ca25-4fba-8405-32e44f83bb6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a635a91-c303-45c9-8db9-f759d98a3b9d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7e335d04-2e6e-4d0e-a921-c3d9192e7121} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b20d7add-989c-4bc0-a797-f6fe7998efd7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bfc20a15-b0ac-44cc-a25a-a7039014ba9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f019aec4-4c95-46de-a107-e302473e3b9a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d00aa2a-69ef-487a-8a40-b3e27f07c91e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86c5840b-80c4-4c30-a655-37344a542009} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cscrptxt.cscrptxt (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cscrptxt.cscrptxt.1.0 (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\messengerupdateproject.messengerupdat.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\messengerupdateproject.messengerupdate (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{d8c0508c-e235-4d9e-a27e-c8bb5f527dc9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2f9ad413-2e0b-4a85-bb2a-cf961238262a} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{70880ce6-308c-4204-a89e-b266c3f7b7fa} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c788aa2-7530-43be-97b7-4d491f13bea3} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e0ec6fba-f009-3535-95d6-b6390db27da1} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5948a52a-ba3a-49a8-bcaf-d578502bda9d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5948a52a-ba3a-49a8-bcaf-d578502bda9d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5948a52a-ba3a-49a8-bcaf-d578502bda9d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{931c624a-1932-49f4-b1e4-b7ab60881f75} (Adware.SmartAdsSolutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{025b1d48-fda2-439b-a74d-ceca8b704028} (Adware.SmartAdsSolutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\tabquery (Adware.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ekqgv (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ckipebji_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ckipebji_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ckipebji.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ekqgv_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ekqgv_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ekqgv.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ekqgv.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\11.0.117.0\CoreSrv.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.307.0\ShopperReports.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\Smart-Ads-Solutions\SmartAds\1.3.6.0\SmartAdsxtra.dll (Adware.SmartAdsSolutions) -> Quarantined and deleted successfully.
C:\Program Files\ezLife\ezLife\1.3.6.0\ezLifextra.dll (Adware.SmartAdsSolutions) -> Quarantined and deleted successfully.
C:\Program Files\TabQuery\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1060\A0840156.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0856629.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0856630.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0856631.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0856632.dll (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0856633.dll (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0856634.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0857623.dll (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0857626.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0857643.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0857645.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0857650.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1065\A0857647.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1067\A0861703.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1067\A0861707.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1067\A0861736.dll (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1068\A0862802.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1068\A0863362.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1069\A0866459.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1069\A0866460.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1069\A0867451.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1075\A0876255.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1075\A0876257.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1075\A0876259.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1075\A0876263.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1076\A0876275.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1076\A0876277.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1076\A0876279.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1076\A0876282.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1076\A0876308.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1077\A0878390.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1077\A0878392.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1077\A0878443.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1077\A0878388.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1078\A0879766.dll (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1078\A0879767.dll (Adware.EzLife) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1086\A0895650.dll (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1086\A0895617.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1086\A0895619.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1086\A0895621.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1086\A0895624.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1086\A0895652.dll (Adware.SmartAdsSolutions) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1091\A0902096.dll (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1091\A0902100.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1091\A0904094.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1091\A0904133.dll (Adware.EzLife) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1091\A0904134.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1095\A0920664.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1095\A0920665.dll (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1095\A0920666.dll (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1095\A0920668.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1095\A0920669.dll (Adware.Adrotator) -> Quarantined and deleted successfully.

Il s'est arrêté là.
Je ne suis pas pressé
A+

[bernard53]

Bonjour

Bon je constate que ton père a jouer et il a perdu.

Déjà tu as supprimer tout avec Malewarebytes et c'est OK.

fait ceci.

Télécharge Navilog1 :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.

Fais un clic-droit sur le Navilog1.exe présent sur ton bureau et choisis :
"Exécuter en tant qu'administrateur". C'est impératif : "Pour Vista et Seven seulement"

Au menu principal, Fais le choix "1"
Laisse toi guider et patiente.
De nouveau choisis 1
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche le blocnote va s'ouvrir.

Copie-colle l'intégralité du rapport dans ta réponse.
Referme le blocnote.
Note : Il sera enregistré sous C:\cleannavi.txt

PUIS:: Télécharge ANTIVIR ici.

http://www.free-av.com/fr/index.html

Mets le a jour puis fait un scan complet.

Ensuite tu feras ceci.

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Output" (en haut à droite) la case "minimal Output" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Custom scan/fixes"

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
vstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Run Scan" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

[calimero67]

Bonjour,
Je te remercie pour ta réponse, je suis étonné, nous sommes étonnés que mon père (âgé) s'est laissé submerger ainsi.
Nous avons découvert en fait qu'il ne maîtrise plus du tout son ordinateur et internet puisque nous avons découvert autre chose digne d'un enfant de 10 ans à qui on donne un PC.
Malwarebyte a tourné pendant 32 heures encore et n'arrête pas de trouver des virus des trojan etc....
Que mon père reste sans anti virus n'est pas son genre.
J'ai sauvegardé ses dossiers personnels vérifiés en support extérieur ils ne sont pas vérolés et j'ai formaté le disque dur.
Tu t'imagines, tu allumes ton PC et tu attends 23 minutes 30 pour pouvoir prendre la main sur ton PC..... c'est un record pour moi.
Merci pour tes conseils
On peut fermer cette discussion je reviens sur une autre.
A+

[bernard53]

OK pour la formatage