A voir également:
- Probleme avec un ordi!erreur ligne #13366.(0)
- Erreur 0x80070643 - Guide
- Mon ordi rame que faire - Guide
- Comment reinitialiser un ordi - Guide
- Aller à la ligne excel - Guide
- Hors ligne instagram - Guide
2 réponses
bonjour!
alors pour le probleme avec le redemarrage c'est reglé, enfin je dcrois!
ilme reste encore tout plein de soucis donc si quelqu'un pouvait m'aider ca serait vraiment super!!!
alors pour le probleme avec le redemarrage c'est reglé, enfin je dcrois!
ilme reste encore tout plein de soucis donc si quelqu'un pouvait m'aider ca serait vraiment super!!!
bon j'ai reussi a faire une analyse complete avec malwarebytes!
l'ordinateur avait des infections qui ont etes traitée, par contre au redemarage j'ai eu 2 messages d'erreurs :
un pour nView.dll et nViewInitialise
et un pour NVidia twin view Windows : rundll.exe_erreur d'application
"l'instruction à "0x6de86d90" emploie l'adresse memoire "0x6de86d90"
la memoire ne peut pas etre "read"
et voici l'analyse malwarebytes :
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2297
Windows 5.1.2600 Service Pack 3
02/07/2009 15:50:18
mbam-log-2009-07-02 (15-50-18).txt
Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|H:\|)
Eléments examinés: 164755
Temps écoulé: 51 minute(s), 23 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 24
Processus mémoire infecté(s):
C:\Program Files\EoRezo\EoEngine.exe (Adware.EoRezo) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Adware.EoRezo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{b6acb3f1-6a83-432c-b854-3e1056f87f4e} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{819db72d-1c28-4387-9778-e2ff3dc86f74} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{64f56fc1-1272-44cd-ba6e-39723696e350} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64f56fc1-1272-44cd-ba6e-39723696e350} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64f56fc1-1272-44cd-ba6e-39723696e350} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetGameBox (Adware.Popup) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\IGB (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eoengine (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\id (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\host (Malware.Trace) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\documents and settings\jo\local settings\application data\frdwi_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\jo\local settings\application data\frdwi.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoEngine.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\program files\EoRezo\EoAdv\EoRezoBHO.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\language (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\AttenteOff.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\AttenteOn.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\configv2_en.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\configv2_es.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\configv2_fr.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\defaultv2.swf (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\skins\skinv2.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\herjek.config (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\lolly\local settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmonb.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsub.xml (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\svcp.csv (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\hvstqc_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\yuzphzlu_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\hvstqc_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
l'ordinateur avait des infections qui ont etes traitée, par contre au redemarage j'ai eu 2 messages d'erreurs :
un pour nView.dll et nViewInitialise
et un pour NVidia twin view Windows : rundll.exe_erreur d'application
"l'instruction à "0x6de86d90" emploie l'adresse memoire "0x6de86d90"
la memoire ne peut pas etre "read"
et voici l'analyse malwarebytes :
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2297
Windows 5.1.2600 Service Pack 3
02/07/2009 15:50:18
mbam-log-2009-07-02 (15-50-18).txt
Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|H:\|)
Eléments examinés: 164755
Temps écoulé: 51 minute(s), 23 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 24
Processus mémoire infecté(s):
C:\Program Files\EoRezo\EoEngine.exe (Adware.EoRezo) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Adware.EoRezo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{b6acb3f1-6a83-432c-b854-3e1056f87f4e} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{819db72d-1c28-4387-9778-e2ff3dc86f74} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{64f56fc1-1272-44cd-ba6e-39723696e350} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64f56fc1-1272-44cd-ba6e-39723696e350} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64f56fc1-1272-44cd-ba6e-39723696e350} (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetGameBox (Adware.Popup) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\IGB (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eoengine (Adware.EoRezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\id (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\host (Malware.Trace) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\documents and settings\jo\local settings\application data\frdwi_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\jo\local settings\application data\frdwi.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoEngine.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\program files\EoRezo\EoAdv\EoRezoBHO.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\language (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\AttenteOff.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\AttenteOn.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\configv2_en.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\configv2_es.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\configv2_fr.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\defaultv2.swf (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\skins\skinv2.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\herjek.config (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\lolly\local settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmonb.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsub.xml (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\svcp.csv (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\hvstqc_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\yuzphzlu_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\hvstqc_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
