Demade d'aide pour supression de virus
Résolu/Fermé
free-surf
Messages postés
116
Statut
Membre
-
moment de grace Messages postés 30049 Statut Contributeur sécurité -
moment de grace Messages postés 30049 Statut Contributeur sécurité -
Bonjour, Je suis entrain de faire du grand nettoyage sur mes deux ordis, et mes disques dures qui sont pas mal infester, je souhaiterais obtenir votre aide afin de ne surtout pasz faire de betises car j'utilise mes pc dans un but proffessionnel et il ne faudrais surtout pas que je perde des dossiers, ou que celui plante et que je sois obliger de tout reinstaller, je vous remerci d'avance
dsl pour les accents clavier qwerty
dsl pour les accents clavier qwerty
A voir également:
- Demade d'aide pour supression de virus
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Virus informatique - Guide
- Undisclosed-recipients virus - Guide
63 réponses
heu, c'est bien la premiere fois que j'arrive pas a demarer en mode sans echec....
c'est bien F8? en tout cas c'est ce que j'ai fais au demararge et l'ordi m'affiche juste un page noir sans les option habituele tu aurais une idee?
c'est bien F8? en tout cas c'est ce que j'ai fais au demararge et l'ordi m'affiche juste un page noir sans les option habituele tu aurais une idee?
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ouai c'est bon c'est ca mais il a un acces bisard pour reuissir a demarer en mode sans echec, la supression et en cours
.
======= LOGFILE OF AD-REMOVER 1.1.4.6_E | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 07.12.2009 at 21:14
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 0:38:04, Tue 12/08/2009 | Safe Mode | Option: CLEAN
Executed from: C:\Program Files\Ad-Remover\
Operating system: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Computer Name: STUDIO-CC32889D | Current user: Henri
.
============== NEUTRALIZED ELEMENT(S) ==============
.
C:\WINDOWS\Prefetch\SOFTWAREUPDATE.EXE-1415D1B8.pf
(!) -- Temp files deleted.
.
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
HKLM\Software\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
HKLM\Software\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
.
HKCU\..\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} (Orphan registry key)
.
============== Added scan ==============
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page Redirect Cache: hxxp://www.msn.com/
Start Page Redirect Cache_TIMESTAMP: c691bd2c2068ca01
Start Page Redirect Cache AcceptLangs: en-us
Enable Browser Extensions: yes
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\Henri\Desktop\BURREAU\ANYDVD.V6.0.9.0\PATCH\SLYSOFT PRODUCTS UNIVERSAL PATCH V1.38 4IN1.EXE
C:\Documents and Settings\Henri\Desktop\BURREAU\plugins rev delay comp\drumagog v1.4.7.3 cracked.rar
C:\Documents and Settings\Henri\Desktop\BURREAU\plugins rev delay comp\WaveMachine.Labs.Drumagog.Platinum.VST.RTAS.v4.10.incl.Keygen-AiR.rar
.
===================================
.
2867 Byte(s) - C:\Ad-Report-CLEAN[1].log
3266 Byte(s) - C:\Ad-Report-SCAN[1].log
.
0 File(s) - C:\DOCUME~1\Henri\LOCALS~1\Temp
0 File(s) - C:\WINDOWS\Temp
.
18 File(s) - C:\Program Files\Ad-Remover\BACKUP
1 File(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
End at: 0:41:21 | Tue 12/08/2009 - CLEAN[1]
.
============== E.O.F ==============
.
======= LOGFILE OF AD-REMOVER 1.1.4.6_E | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 07.12.2009 at 21:14
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 0:38:04, Tue 12/08/2009 | Safe Mode | Option: CLEAN
Executed from: C:\Program Files\Ad-Remover\
Operating system: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Computer Name: STUDIO-CC32889D | Current user: Henri
.
============== NEUTRALIZED ELEMENT(S) ==============
.
C:\WINDOWS\Prefetch\SOFTWAREUPDATE.EXE-1415D1B8.pf
(!) -- Temp files deleted.
.
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
HKLM\Software\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
HKLM\Software\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
.
HKCU\..\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} (Orphan registry key)
.
============== Added scan ==============
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page Redirect Cache: hxxp://www.msn.com/
Start Page Redirect Cache_TIMESTAMP: c691bd2c2068ca01
Start Page Redirect Cache AcceptLangs: en-us
Enable Browser Extensions: yes
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\Henri\Desktop\BURREAU\ANYDVD.V6.0.9.0\PATCH\SLYSOFT PRODUCTS UNIVERSAL PATCH V1.38 4IN1.EXE
C:\Documents and Settings\Henri\Desktop\BURREAU\plugins rev delay comp\drumagog v1.4.7.3 cracked.rar
C:\Documents and Settings\Henri\Desktop\BURREAU\plugins rev delay comp\WaveMachine.Labs.Drumagog.Platinum.VST.RTAS.v4.10.incl.Keygen-AiR.rar
.
===================================
.
2867 Byte(s) - C:\Ad-Report-CLEAN[1].log
3266 Byte(s) - C:\Ad-Report-SCAN[1].log
.
0 File(s) - C:\DOCUME~1\Henri\LOCALS~1\Temp
0 File(s) - C:\WINDOWS\Temp
.
18 File(s) - C:\Program Files\Ad-Remover\BACKUP
1 File(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
End at: 0:41:21 | Tue 12/08/2009 - CLEAN[1]
.
============== E.O.F ==============
.
ok
Téléchargez MalwareByte's Anti-Malware
https://www.majorgeeks.com/files/details/malwarebytes_anti_malware.html
. Sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
Téléchargez MalwareByte's Anti-Malware
https://www.majorgeeks.com/files/details/malwarebytes_anti_malware.html
. Sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
ok, les plug ont ete bien ou pqs ? parce que d'apres le rapport(j'y comprend pas grand chose en log) il les as suspecte mais c'est pas indique qu'ils ont ete suprimees.
a dans 45 minutes
a dans 45 minutes
le scan vient de finir et 44 infection detece voici le rapport
Malwarebytes' Anti-Malware 1.42
Version de la base de donnיes: 3312
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/8/2009 2:21:04 AM
mbam-log-2009-12-08 (02-20-54).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Elיments examinיs: 497402
Temps יcoulי: 1 hour(s), 17 minute(s), 45 second(s)
Processus mיmoire infectי(s): 0
Module(s) mיmoire infectי(s): 5
Clי(s) du Registre infectיe(s): 0
Valeur(s) du Registre infectיe(s): 1
Elיment(s) de donnיes du Registre infectי(s): 2
Dossier(s) infectי(s): 1
Fichier(s) infectי(s): 35
Processus mיmoire infectי(s):
(Aucun יlיment nuisible dיtectי)
Module(s) mיmoire infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4\krnln.fnr (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\com.run (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\dp1.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\shell.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\eAPI.fne (Worm.AutoRun) -> No action taken.
Clי(s) du Registre infectיe(s):
(Aucun יlיment nuisible dיtectי)
Valeur(s) du Registre infectיe(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xp-24ae0b83 (Trojan.Agent) -> No action taken.
Elיment(s) de donnיes du Registre infectי(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Dossier(s) infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4 (Worm.AutoRun) -> No action taken.
Fichier(s) infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4\krnln.fnr (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\com.run (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\dp1.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\shell.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\eAPI.fne (Worm.AutoRun) -> No action taken.
C:\Program Files\CDXTRACT4\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP284\A0065934.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP285\A0065946.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP285\A0069535.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP286\A0069543.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP287\A0069552.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP287\A0069571.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089244.exe (Spyware.OnlineGames) -> No action taken.
C:\WINDOWS\system32\shell.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\com.run (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\dp1.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\eAPI.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\HALion 2\HALion2 Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\Nomad Factory\Blue Tubes Bundle\Nomad Factory Blue Tubes Bundle Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\Waves\UninstallDiamond\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089249.exe (Spyware.OnlineGames) -> No action taken.
D:\Wizoo Darbuka & Latigo\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
D:\Wizoo Darbuka & Latigo\Wizoo Darbuka & Latigo (DVD original) need keygen\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
E:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089254.exe (Spyware.OnlineGames) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\internet.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\RegEx.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\spec.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Start Menu\Programs\Startup\¡¡¡¡¡¡.lnk (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\internet.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\og.dll (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\og.edt (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\spec.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\ul.dll (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\XP-24AE0B83.EXE (Trojan.Agent) -> No action taken.
Malwarebytes' Anti-Malware 1.42
Version de la base de donnיes: 3312
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/8/2009 2:21:04 AM
mbam-log-2009-12-08 (02-20-54).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Elיments examinיs: 497402
Temps יcoulי: 1 hour(s), 17 minute(s), 45 second(s)
Processus mיmoire infectי(s): 0
Module(s) mיmoire infectי(s): 5
Clי(s) du Registre infectיe(s): 0
Valeur(s) du Registre infectיe(s): 1
Elיment(s) de donnיes du Registre infectי(s): 2
Dossier(s) infectי(s): 1
Fichier(s) infectי(s): 35
Processus mיmoire infectי(s):
(Aucun יlיment nuisible dיtectי)
Module(s) mיmoire infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4\krnln.fnr (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\com.run (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\dp1.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\shell.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\eAPI.fne (Worm.AutoRun) -> No action taken.
Clי(s) du Registre infectיe(s):
(Aucun יlיment nuisible dיtectי)
Valeur(s) du Registre infectיe(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xp-24ae0b83 (Trojan.Agent) -> No action taken.
Elיment(s) de donnיes du Registre infectי(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Dossier(s) infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4 (Worm.AutoRun) -> No action taken.
Fichier(s) infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4\krnln.fnr (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\com.run (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\dp1.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\shell.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\eAPI.fne (Worm.AutoRun) -> No action taken.
C:\Program Files\CDXTRACT4\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP284\A0065934.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP285\A0065946.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP285\A0069535.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP286\A0069543.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP287\A0069552.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP287\A0069571.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089244.exe (Spyware.OnlineGames) -> No action taken.
C:\WINDOWS\system32\shell.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\com.run (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\dp1.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\eAPI.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\HALion 2\HALion2 Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\Nomad Factory\Blue Tubes Bundle\Nomad Factory Blue Tubes Bundle Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\Waves\UninstallDiamond\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089249.exe (Spyware.OnlineGames) -> No action taken.
D:\Wizoo Darbuka & Latigo\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
D:\Wizoo Darbuka & Latigo\Wizoo Darbuka & Latigo (DVD original) need keygen\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
E:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089254.exe (Spyware.OnlineGames) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\internet.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\RegEx.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\spec.fne (Worm.AutoRun) -> No action taken.
C:\Documents and Settings\Henri\Start Menu\Programs\Startup\¡¡¡¡¡¡.lnk (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\internet.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\og.dll (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\og.edt (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\spec.fne (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\ul.dll (Worm.AutoRun) -> No action taken.
C:\WINDOWS\system32\XP-24AE0B83.EXE (Trojan.Agent) -> No action taken.
j'attend ton accord pour supprimer etant donner qu'il y a des infections dans des plug tres important de cubase infectees
effectivement
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\HALion 2\HALion2 Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\Nomad Factory\Blue Tubes Bundle\Nomad Factory Blue Tubes Bundle Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\Waves\UninstallDiamond\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Wizoo Darbuka & Latigo\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
D:\Wizoo Darbuka & Latigo\Wizoo Darbuka & Latigo (DVD original) need keygen\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
je sais que tu tiens à ceux là et j'ai eu le nez fin de t'avoir conseiller de ne pas supprimer
deux solutions
1) la plus sage tout supprimer
2) la moins sage, graver les fichiers en question, puis refaire MBAM proprement en supprimant tout à la fin
c'est toi qui voit mais le 2) t'amènera forcément à nouveau des problèmes
j'attends ta réponse
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\HALion 2\HALion2 Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\Nomad Factory\Blue Tubes Bundle\Nomad Factory Blue Tubes Bundle Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\Waves\UninstallDiamond\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Wizoo Darbuka & Latigo\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
D:\Wizoo Darbuka & Latigo\Wizoo Darbuka & Latigo (DVD original) need keygen\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
je sais que tu tiens à ceux là et j'ai eu le nez fin de t'avoir conseiller de ne pas supprimer
deux solutions
1) la plus sage tout supprimer
2) la moins sage, graver les fichiers en question, puis refaire MBAM proprement en supprimant tout à la fin
c'est toi qui voit mais le 2) t'amènera forcément à nouveau des problèmes
j'attends ta réponse
je n'ai pas ferme MBAM, je peux decocher les programes de cubases et suprimer les autres ?
Les infections
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\HALion 2\HALion2 Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\Nomad Factory\Blue Tubes Bundle\Nomad Factory Blue Tubes Bundle Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\Waves\UninstallDiamond\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Wizoo Darbuka & Latigo\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
D:\Wizoo Darbuka & Latigo\Wizoo Darbuka & Latigo (DVD original) need keygen\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
sont-elles grave?
Merci d'avoir eu le nez fin
Les infections
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\HALion 2\HALion2 Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\Nomad Factory\Blue Tubes Bundle\Nomad Factory Blue Tubes Bundle Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\Waves\UninstallDiamond\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
D:\Wizoo Darbuka & Latigo\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
D:\Wizoo Darbuka & Latigo\Wizoo Darbuka & Latigo (DVD original) need keygen\best service artist grooves keygen.exe (Trojan.Downloader) -> No action taken.
sont-elles grave?
Merci d'avoir eu le nez fin
je peux decocher les programes de cubases et suprimer les autres ?
oui
sont-elles grave?
je ne sais pas...
Merci d'avoir eu le nez fin
j'espère pour toi que non pour leur réutilisation prochaine
refais un nouveau RSIT ensuite pour faire le point
oui
sont-elles grave?
je ne sais pas...
Merci d'avoir eu le nez fin
j'espère pour toi que non pour leur réutilisation prochaine
refais un nouveau RSIT ensuite pour faire le point
Malwarebytes' Anti-Malware 1.42
Version de la base de donnיes: 3312
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/8/2009 2:53:30 AM
mbam-log-2009-12-08 (02-53-30).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Elיments examinיs: 497402
Temps יcoulי: 1 hour(s), 17 minute(s), 45 second(s)
Processus mיmoire infectי(s): 0
Module(s) mיmoire infectי(s): 5
Clי(s) du Registre infectיe(s): 0
Valeur(s) du Registre infectיe(s): 1
Elיment(s) de donnיes du Registre infectי(s): 2
Dossier(s) infectי(s): 1
Fichier(s) infectי(s): 35
Processus mיmoire infectי(s):
(Aucun יlיment nuisible dיtectי)
Module(s) mיmoire infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4\krnln.fnr (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\com.run (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\dp1.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\shell.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\eAPI.fne (Worm.AutoRun) -> Delete on reboot.
Clי(s) du Registre infectיe(s):
(Aucun יlיment nuisible dיtectי)
Valeur(s) du Registre infectיe(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xp-24ae0b83 (Trojan.Agent) -> Quarantined and deleted successfully.
Elיment(s) de donnיes du Registre infectי(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4 (Worm.AutoRun) -> Delete on reboot.
Fichier(s) infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4\krnln.fnr (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\com.run (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\dp1.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\shell.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\eAPI.fne (Worm.AutoRun) -> Delete on reboot.
C:\Program Files\CDXTRACT4\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP284\A0065934.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP285\A0065946.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP285\A0069535.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP286\A0069543.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP287\A0069552.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP287\A0069571.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089244.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\shell.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\com.run (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dp1.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eAPI.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\HALion 2\HALion2 Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Not selected for removal.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\Nomad Factory\Blue Tubes Bundle\Nomad Factory Blue Tubes Bundle Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Not selected for removal.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\Waves\UninstallDiamond\UNWISE.EXE (Malware.Packer.Morphine) -> Not selected for removal.
D:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089249.exe (Spyware.OnlineGames) -> Not selected for removal.
D:\Wizoo Darbuka & Latigo\best service artist grooves keygen.exe (Trojan.Downloader) -> Not selected for removal.
D:\Wizoo Darbuka & Latigo\Wizoo Darbuka & Latigo (DVD original) need keygen\best service artist grooves keygen.exe (Trojan.Downloader) -> Not selected for removal.
E:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089254.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\internet.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\RegEx.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\spec.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\Henri\Start Menu\Programs\Startup\¡¡¡¡¡¡.lnk (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\internet.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\og.dll (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\og.edt (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spec.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ul.dll (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\XP-24AE0B83.EXE (Trojan.Agent) -> Delete on reboot.
je fini de graver les installations et je relance le scan
Version de la base de donnיes: 3312
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/8/2009 2:53:30 AM
mbam-log-2009-12-08 (02-53-30).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Elיments examinיs: 497402
Temps יcoulי: 1 hour(s), 17 minute(s), 45 second(s)
Processus mיmoire infectי(s): 0
Module(s) mיmoire infectי(s): 5
Clי(s) du Registre infectיe(s): 0
Valeur(s) du Registre infectיe(s): 1
Elיment(s) de donnיes du Registre infectי(s): 2
Dossier(s) infectי(s): 1
Fichier(s) infectי(s): 35
Processus mיmoire infectי(s):
(Aucun יlיment nuisible dיtectי)
Module(s) mיmoire infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4\krnln.fnr (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\com.run (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\dp1.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\shell.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\eAPI.fne (Worm.AutoRun) -> Delete on reboot.
Clי(s) du Registre infectיe(s):
(Aucun יlיment nuisible dיtectי)
Valeur(s) du Registre infectיe(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xp-24ae0b83 (Trojan.Agent) -> Quarantined and deleted successfully.
Elיment(s) de donnיes du Registre infectי(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4 (Worm.AutoRun) -> Delete on reboot.
Fichier(s) infectי(s):
C:\Documents and Settings\Henri\Local Settings\temp\E_4\krnln.fnr (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\com.run (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\dp1.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\shell.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\eAPI.fne (Worm.AutoRun) -> Delete on reboot.
C:\Program Files\CDXTRACT4\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP284\A0065934.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP285\A0065946.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP285\A0069535.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP286\A0069543.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP287\A0069552.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP287\A0069571.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089244.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\shell.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\com.run (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dp1.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eAPI.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\HALion 2\HALion2 Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Not selected for removal.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\EZDrummer\Nomad Factory\Blue Tubes Bundle\Nomad Factory Blue Tubes Bundle Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Not selected for removal.
D:\Audio Programs\Steinberg\Cubase SX 3\Vstplugins\Waves\UninstallDiamond\UNWISE.EXE (Malware.Packer.Morphine) -> Not selected for removal.
D:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089249.exe (Spyware.OnlineGames) -> Not selected for removal.
D:\Wizoo Darbuka & Latigo\best service artist grooves keygen.exe (Trojan.Downloader) -> Not selected for removal.
D:\Wizoo Darbuka & Latigo\Wizoo Darbuka & Latigo (DVD original) need keygen\best service artist grooves keygen.exe (Trojan.Downloader) -> Not selected for removal.
E:\System Volume Information\_restore{22BF0D84-E4DF-4306-84B5-810087C492F4}\RP348\A0089254.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\internet.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\RegEx.fne (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\Henri\Local Settings\temp\E_4\spec.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\Henri\Start Menu\Programs\Startup\¡¡¡¡¡¡.lnk (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\internet.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\og.dll (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\og.edt (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spec.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ul.dll (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\XP-24AE0B83.EXE (Trojan.Agent) -> Delete on reboot.
je fini de graver les installations et je relance le scan
