Red alert: invasive ads and screen freezing
bountao, posted on 01/06/2008 03:37:02
Hello everyone,

For the past 2 days I keep getting ads, and on top of that my PC freezes and all the icons on my desktop disappear. What should I do? I have tried in vain but nothing works. You are my only recourse, please help me.

Thanks

VIRUS_KILLER+, posted on 01/06/2008 09:45:52
Hi
Download and install HijackThis here: http://download.hijackthis.eu/HJTInstall.exe
Follow the guide and post us a report: http://www.malekal.com/tutorial_HijackThis.html
-------
VIRUS_KILLER, come out of an imaginary world, will exterminate your viruses as far as possible, and depending on the time he has.

VIRUS_KILLER+, posted on 01/06/2008 10:38:46
Well, just do as I said

bountao, posted on 01/06/2008 10:47:50
Thanks for your help, because it is getting worse now. Here is the report

Logfile of HijackThis v1.99.1
Scan saved at 10:46:05, on 01/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Documents and Settings\otman\lsass.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\cssrss.exe
C:\WINDOWS\system32\Rundll32.exe
C:\APPS\SMP\SmpSys.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\SpyShredder\SpyShredder.exe
C:\Program Files\Eroca\Eroca.exe
C:\Documents and Settings\otman\Application Data\Microsoft\Windows\wxlvngn.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\otman\LOCALS~1\Temp\Répertoire temporaire 1 pour hi mister jack this !!!.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\otman\lsass.exe
O4 - HKLM\..\Run: [18e65184] rundll32.exe "C:\WINDOWS\system32\klttkfig.dll",b
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [WMDM PMSP Service] C:\WINDOWS\system32\cssrss.exe
O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe
O4 - HKLM\..\Run: [BM1bd56218] Rundll32.exe "C:\WINDOWS\system32\jxfmvxsr.dll",s
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S165.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpyShredder] C:\Program Files\SpyShredder\SpyShredder.exe
O4 - HKCU\..\Run: [Eroca] C:\Program Files\Eroca\Eroca.exe
O4 - HKCU\..\Run: [Svconr] C:\Program Files\Svconr\Svconr.exe
O4 - HKCU\..\Run: [SpeedRunner] C:\Documents and Settings\otman\Application Data\SpeedRunner\SpeedRunner.exe
O4 - HKCU\..\Run: [SfKg6wIP] C:\Documents and Settings\otman\Application Data\Microsoft\Windows\wxlvngn.exe
O4 - HKCU\..\Run: [Aeic] "C:\DOCUME~1\otman\MESDOC~1\YSTEM3~1\ntvdm.exe" -vt yazb
O4 - HKCU\..\Run: [Zmjelh] "C:\Program Files\?dobe\w?auboot.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/DivXBrowserPlugin.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: printers - {843444A4-CEE0-43C8-8FE5-9F906AE3CC84} - libcintle2.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

VIRUS_KILLER+, posted on 01/06/2008 11:44:49
OK
Download this: ftp://ftp.commentcamarche.com/download/f-sasser.exe
And run it.
Then download SmitfraudFix: http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Follow the guide here: http://siri.urz.free.fr/Fix/

Then:
1) Download and install Malwarebytes' Anti-Malware

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

At the end of the installation, make sure the "update Malwarebytes' Anti-Malware" option is ticked. >>> click OK

Launch Malwarebytes' Anti-Malware by double-clicking the icon on your Desktop.

On first launch, a window tells you that the version is Free >>> click OK

Let the updates download

*** Close the program ***

2) Restart in "Safe Mode"

When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Safe Mode" and press [Enter]
You will need to choose your usual session, not the "Administrator" account or another one.
Look here if needed: http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

Open the text file saved on the Desktop in order to follow the instructions properly.

3) Scan with Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware
"Recherche" (Scan) tab >>> tick "Exécuter un examen complet" (run a full scan) >>> "Rechercher" (Scan), select your hard drives, then click "Lancer l'examen" (Start scan)
At the end of the scan >>> click "Afficher les résultats" (Show results), then "Enregistrer le rapport" (Save the report)
Removing the detected items >>>> click "Supprimer la sélection" (Remove selection)
If you are asked to restart >>> click "Yes"

--> A scan report opens; save it to your Desktop and post this report in reply.

Safe Mode:

When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Safe Mode" and press [Enter]
You will need to choose your usual session, not the "Administrator" account or another one.
Look here if needed: http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

VIRUS_KILLER+, posted on 01/06/2008 12:10:50
For: christellem14
Fix the following lines:
O3 - Toolbar: atfxqogp - {736569A1-1F42-4ECD-A4E5-2B05341D41FF} - C:\WINDOWS\atfxqogp.dll
Download MSNFix: http://sosvirus.changelog.fr/MSNFix.zip
And follow the guide here: http://www.malekal.com/tutorial_MSNFix.php
-->Message edited by VIRUS_KILLER+ on 01/06/2008 12:11:47<--

bountao, posted on 01/06/2008 12:54:31
Here is my report, and thank you. Sorry for the wait, I am not much of a PC person.

Malwarebytes' Anti-Malware 1.14
Version de la base de données: 811

12:47:39 01/06/2008
mbam-log-6-1-2008 (12-47-39).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 123113
Temps écoulé: 14 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 62
Valeur(s) du Registre infectée(s): 18
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 22
Fichier(s) infecté(s): 112

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\awtrRJyv.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\mlJBQKAt.dll (Trojan.Vundo) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{9aee7fa8-0da7-4c8a-8b3e-fbb6b979c657} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9aee7fa8-0da7-4c8a-8b3e-fbb6b979c657} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtrrjyv (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9f593aac-ca4c-4a41-a7ff-a00812192d61} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{749ec66f-a838-4b38-b8e5-e65d905fff74} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{def85c80-216a-43ab-af70-1665edbe2780} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{30baf6a2-c6f4-4d13-9535-a34b817f5e7f} (Adware.TTC) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30baf6a2-c6f4-4d13-9535-a34b817f5e7f} (Adware.TTC) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SpeedRunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spcron (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Svconr (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{72007373-6ed3-42eb-a09b-6667ecc887d3} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72007373-6ed3-42eb-a09b-6667ecc887d3} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SpyShredder (Rogue.SpyShredder) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{9aee7fa8-0da7-4c8a-8b3e-fbb6b979c657} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Eroca (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Svconr (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SfKg6wIP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LSA Shellu (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\18e65184 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.PurityScan) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SpyShredder (Rogue.SpyShredder) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SpeedRunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\OriginalWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\ConvertedWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM1bd56218 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WMDM PMSP Service (Backdoor.Knocker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ADP (Rogue.Multiple) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Trojan.Agent) -> Data: spc.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mljbqkat -> Delete on reboot.

Dossier(s) infecté(s):
C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.24 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\SpyShredder (Rogue.SpyShredder) -> Quarantined and deleted successfully.
C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\A1 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\QdrPack (Adware.ISM) -> Quarantined and deleted successfully.
C:\Program Files\Svconr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Spcron (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Eroca (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\awtrRJyv.dll (Trojan.Vundo) -> Delete on reboot.
C:\Program Files\Eroca\Eroca.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Svconr\Svconr.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\Microsoft\Windows\wxlvngn.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\lsass.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\klttkfig.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\mrofinu1188.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Spcron\Spc.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\kl.exe (Malware.Tool) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\SpeedRunner\SRUninstall.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Program Files\Goto Software\fohi821058.dll (Adware.TTC) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\components\srff.dll (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0027596.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0027623.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0027637.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0027662.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\b152.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\b155.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\b156.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\mrofinu1188.exe.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmnkHYRk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxyyxYon.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\SpyShredder\SpyShredder.exe (Rogue.SpyShredder) -> Quarantined and deleted successfully.
C:\Program Files\SpyShredder\SpyShredder.lic (Rogue.SpyShredder) -> Quarantined and deleted successfully.
C:\Program Files\SpyShredder\SpyShredder0.ss (Rogue.SpyShredder) -> Quarantined and deleted successfully.
C:\Program Files\SpyShredder\SpyShredder1.ss (Rogue.SpyShredder) -> Quarantined and deleted successfully.
C:\Program Files\SpyShredder\Uninstall.exe (Rogue.SpyShredder) -> Quarantined and deleted successfully.
C:\Program Files\QdrPack\QdrPack16.exe (Adware.ISM) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\speedrunner\config.cfg (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Documents and Settings\otman\Application Data\speedrunner\SpeedRunner.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gside.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winpfz33.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jxfmvxsr.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zxdnt3d.cfg. (Adware.ZenoSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cssrss.exe (Backdoor.Knocker) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zxdnt3d.cfg (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJBQKAt.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\b148.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\b149.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\image014.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image017.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image02.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image020.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image029.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image035.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image05.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image062.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image071.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image08.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image095.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images15.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images24.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images30.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images36.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images51.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images54.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images63.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images69.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images75.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images78.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images93.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo12.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo18.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo21.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo3.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo30.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo45.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo54.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo63.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo69.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo72.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo84.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo87.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_16.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_22.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_31.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_46.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_49.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_52.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_55.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_67.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_73.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_85.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_91.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album22.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album37.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album4.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album40.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album43.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album49.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album55.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album58.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album61.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album70.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album73.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album91.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
VIRUS_KILLER+
Posted on 01/06/2008 14:05:21
For bountao: very good, MalwareBytes AntiMalware removed a lot of infections.

For christellem14 and bountao:
Go to Start > Control Panel > Add or Remove Programs > check whether cid helper is listed > uninstall it if it is.

Then, for both of you:

Download and install Navilog: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Then double-click the program > choose your language (for example: F for French) > press Enter > follow the prompts > you then reach the main menu > press 1 (Recherche / Search) > wait for the scan to finish > the report is displayed > copy/paste the report into the forum.

-------
VIRUS_KILLER, who has come out of an imaginary world, will exterminate your viruses as far as possible. And depending on the time he has.
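Added example, not part of the original posts: a small Python parser for the Malwarebytes result lines posted above (`path (detection) -> action`). It tallies detections by family, separates copies held in System Restore points or in an antivirus quarantine from files on the live system, and lists entries still marked "Delete on reboot". The function names and location categories are assumptions of this sketch; the sample lines are copied from the report above.

```python
import re
from collections import Counter

# Lines copied from the Malwarebytes report posted earlier in this thread.
SAMPLE_REPORT = r"""
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0027596.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\b152.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmnkHYRk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJBQKAt.dll (Trojan.Vundo) -> Delete on reboot.
C:\Program Files\SpyShredder\SpyShredder.exe (Rogue.SpyShredder) -> Quarantined and deleted successfully.
C:\WINDOWS\image014.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image017.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
"""

# "<path> (<detection name>) -> <action>." The path match is greedy, so the
# last parenthesised group before " -> " is taken as the detection name.
FINDING_RE = re.compile(
    r"^(?P<path>.+) \((?P<family>[^()]+)\) -> (?P<action>.+?)\.?\s*$"
)


def classify_location(path):
    """Say where a flagged file lives (hypothetical categories)."""
    p = path.lower()
    if "\\system volume information\\_restore{" in p:
        return "restore_point"   # copy kept by Windows XP System Restore
    if "\\quarantine\\" in p:
        return "av_quarantine"   # already isolated by another product
    return "live"


def parse_line(line):
    """Return (path, family, action) for a finding line, else None."""
    m = FINDING_RE.match(line.strip())
    return (m["path"], m["family"], m["action"]) if m else None


def triage(report_text):
    """Summarise a report: counts per family and location, pending removals."""
    families, locations, pending = Counter(), Counter(), []
    for line in report_text.splitlines():
        finding = parse_line(line)
        if finding is None:
            continue   # headers, blank lines, anything that is not a finding
        path, family, action = finding
        families[family] += 1
        locations[classify_location(path)] += 1
        if "reboot" in action.lower():
            pending.append(path)   # still on disk until the machine restarts
    return {"families": families, "locations": locations, "pending": pending}


if __name__ == "__main__":
    summary = triage(SAMPLE_REPORT)
    for family, count in summary["families"].most_common():
        print(f"{count:3d}  {family}")
    print("by location:", dict(summary["locations"]))
    print("removed only after restart:", summary["pending"])
```

A path listed as pending needs a restart and a fresh scan before the machine can be considered clean of that file.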
VIRUS_KILLER+
Posted on 01/06/2008 15:07:00
Hi,
Oh yes, I forgot to say to disable your antivirus, because it detects some components of this program as dangerous. But it is used for disinfection. Run it and send a report.
Mérillym
Moderator/Helper
Posted on 01/06/2008 17:01:05
:hello: Hello everyone,

As a reminder of the rules: one topic per person. You do not barge into someone else's topic, do you, christellem14?

You do not disinfect two users in the same topic, do you, VIRUS_KILLER+?

Please read the forum rules and follow them! :o

Please read the following article:
http://forum.telecharger.01net.com/telecharger/securite_virus_et_assimiles/a_(...)

All of christellem14's messages will be deleted. christellem14, you will need to create your own topic to get help.

Regards,
Mérillym.

-->Message edited by Mérillym on 01/06/2008 17:01:25<--
-------
Prevention guide > read this
If you are already being helped on another forum, please tell me!
bountao
Posted on 01/06/2008 20:10:47
Thanks for your help, here is the report:

Search Navipromo version 3.5.7 commencé le 01/06/2008 à 20:03:50,85

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "otman"

Mise à jour le 11.05.2008 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\menudÉ~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\otman\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\otman\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\otman\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\otman\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\otman\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

C:\WINDOWS\system32\tAKQBJlm.ini2 trouvé ! infection Vundo possible non traitée par cet outil !


*** Analyse terminée le 01/06/2008 à 20:07:00,95 ***
bountao
Posted on 01/06/2008 20:13:06
Thanks for your help

bountao
Posted on 01/06/2008 20:56:15
Here is my antivirus report

*
* Rapport avast!
* Ce fichier est généré automatiquement
*
* Tâche utilisée 'Interface utilisateur simplifiée'
* Débuté le dimanche 1 juin 2008 20:38:29
* VPS : 080531-1, 31/05/2008
*

C:\Documents and Settings\otman\Local Settings\Temporary Internet Files\Content.IE5\B0MVD2RU\kb713501[1] [L] Win32:PrivacySet-B [Trj] (0)
Le fichier sera supprimé au prochain démarrage de l'ordinateur...
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0027778.dll\[PECompact] [L] Win32:Agent-RY [Trj] (0)
Fichier supprimé avec succès...
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0027779.exe [L] Win32:BHO-OU [Trj] (0)
Fichier supprimé avec succès...
Fichiers infectés : 3
Total des fichiers : 89099
Total des dossiers : 8396
Taille totale : 258,8 GB

*
* Tâche arrêtée : dimanche 1 juin 2008 20:55:05
* Programme en exécution était 16 minute(s), 36 seconde(s)
*

VIRUS_KILLER+
Posted on 02/06/2008 13:16:34
OK, there is nothing in the Navilog report.
The files detected by Avast will be deleted at restart.
Next, tell me: do you use Mozilla Firefox or Internet Explorer?
bountao
Posted on 02/06/2008 20:42:16
I use Internet Explorer.
VIRUS_KILLER+
Posted on 03/06/2008 12:31:54
All right. Now we are going to run an online antivirus scan.
BitDefender online: http://www.bitdefender.fr/scan_fr/scan8/ie.html
BitDefender online tutorial: http://cybersecurite.xooit.com/t201-Scan-en-ligne-BitDefender.htm
Then send me the scan report.

PS: Don't forget to post the report. If you need help, use the tutorial.
bountao
Posted on 04/06/2008 01:10:20
Thanks for your help, there are fewer ads, but my PC freezes a lot now; for example, when I open any window, such as Internet Explorer, the window opens but there is no content, and that is when it freezes. Anyway, here is the report:
BitDefender Online Scanner

Rapport d'analyse généré à: Wed, Jun 04, 2008 - 01:04:38

Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;

Statistiques
Temps: 00:14:32
Fichiers: 94641
Directoires: 8432
Secteurs de boot: 3
Archives: 837
Paquets programmes: 10228

Résultats
Virus identifiés: 3
Fichiers infectés: 3
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 3

Info sur les moteurs
Définition virus: 1149421
Version des moteurs: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Analyse des plugins: 14
Archive des plugins: 39
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 1

Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui

Fichier analysé / Statut

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4C2F7D7E.exe=>(Quarantine-2)=>(CAB Sfx r)=>VVSN.exe
Infecté par: Generic.Adw.SaveNow.56AD4696

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4C2F7D7E.exe=>(Quarantine-2)=>(CAB Sfx r)=>VVSN.exe
Echec de la désinfection

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4C2F7D7E.exe=>(Quarantine-2)=>(CAB Sfx r)=>VVSN.exe
Supprimé

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4C2F7D7E.exe=>(Quarantine-2)=>(CAB Sfx r)
Echec de la mise à jour

C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP251\A0029196.exe
Infecté par: Trojan.LowZones.SG

C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP251\A0029196.exe
Supprimé

C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP251\A0029197.exe
Infecté par: Trojan.Retapu.D

C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP251\A0029197.exe
Echec de la désinfection

C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP251\A0029197.exe
Supprimé

VIRUS_KILLER+
Posted on 04/06/2008 13:22:18
It found some files in Norton's quarantine.
So, is your problem solved? (The ads.)
Are you still getting any?
bountao
Posted on 05/06/2008 00:25:42
Hi,

From time to time an ad page still comes up, but nothing serious compared with what there was 3 days ago. However, I can no longer open I.E. or Mozilla; I can only get on the net with the Orange browser.
I.E. opens from time to time, but the display freezes as soon as the page appears; as for Mozilla, it's a lost cause, it doesn't even launch any more.

That's where things stand.

Thanks for your valuable help
VIRUS_KILLER+
Posted on 05/06/2008 13:02:04
On the other hand, I don't really have any idea about the Internet Explorer or Mozilla problem. Sorry.

Otherwise, maybe trying Zeb-Restore will work.

ftp://zebulon.fr/Zeb-Restore.zip

There, tick the various options and launch the program; it will do its job on its own. Restart your PC and see whether Internet Explorer or Mozilla works.
Good luck!
bountao
Posted on 09/06/2008 16:01:16
Thanks for the help, everything seems to be going better now.
