Anna i liebe you milk@3 ne veut pas s'en alle
Fermé
douctour
-
8 déc. 2009 à 01:07
crapoulou Messages postés 28161 Date d'inscription mercredi 28 novembre 2007 Statut Modérateur, Contributeur sécurité Dernière intervention 21 mai 2024 - 2 janv. 2010 à 00:17
crapoulou Messages postés 28161 Date d'inscription mercredi 28 novembre 2007 Statut Modérateur, Contributeur sécurité Dernière intervention 21 mai 2024 - 2 janv. 2010 à 00:17
A voir également:
- Anna i liebe you milk@3 ne veut pas s'en alle
- And i miss you ✓ - Forum Musique / Radio / Clip
- Picasa 3 - Télécharger - Albums photo
- Chanson i love you année 70 ✓ - Forum Musique / Radio / Clip
- I trema - Forum Bureautique
- Couper photo en 3 instagram - Guide
2 réponses
crapoulou
Messages postés
28161
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
21 mai 2024
7 998
10 déc. 2009 à 17:20
10 déc. 2009 à 17:20
On va commencer par un nettoyage global :
Télécharge Malwarebytes’ Anti-Malware
= = = = >>> En cliquant ici <<< = = = =
- Enregistre le sur le bureau
- Double clique sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, mets à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-clique sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Clique sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu clique dessus pour l’afficher.
- Une fois affiché, cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu clique droit dans le cadre de la réponse et coller
Si tu as besoin d’aide regarde ce tutorial ICI
Télécharge Malwarebytes’ Anti-Malware
= = = = >>> En cliquant ici <<< = = = =
- Enregistre le sur le bureau
- Double clique sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, mets à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-clique sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Clique sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu clique dessus pour l’afficher.
- Une fois affiché, cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu clique droit dans le cadre de la réponse et coller
Si tu as besoin d’aide regarde ce tutorial ICI
crapoulou
Messages postés
28161
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
21 mai 2024
7 998
8 déc. 2009 à 02:54
8 déc. 2009 à 02:54
Salut,
Tu as plusieurs infections !!!
Tout d'abord, entre BitDefender et Antivir, tu DOIS faire un choix => un seul antivirus sur une même machine !!!
Désinstalle en un.
**********
Tu as des barres d'outils néfastes => on va utiliser Toolbar S&D :
Télécharges ToolBar S&D ( de Eric_71 )
= = = = >>> En cliquant ici <<< = = = =
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipulation !!
* Clique droit sur l’exécutable puis sélectionne ‘Exécuter en tant qu’administrateur‘pour lancer l’outil.
* Une fois fait, tape F pour sélectionner le Français
* Choisis l’option 1 (Recherche) et tape sur Entrée.
* Une fois le scan finit, un rapport va apparaître au format .txt.
* Copie-colle l’intégralité de son contenu dans ta prochaine réponse ...
Note :
Le rapport est sauvegardé ici : C:\TB.txt
Tuto si besoin ICI
Tu as plusieurs infections !!!
Tout d'abord, entre BitDefender et Antivir, tu DOIS faire un choix => un seul antivirus sur une même machine !!!
Désinstalle en un.
**********
Tu as des barres d'outils néfastes => on va utiliser Toolbar S&D :
Télécharges ToolBar S&D ( de Eric_71 )
= = = = >>> En cliquant ici <<< = = = =
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipulation !!
* Clique droit sur l’exécutable puis sélectionne ‘Exécuter en tant qu’administrateur‘pour lancer l’outil.
* Une fois fait, tape F pour sélectionner le Français
* Choisis l’option 1 (Recherche) et tape sur Entrée.
* Une fois le scan finit, un rapport va apparaître au format .txt.
* Copie-colle l’intégralité de son contenu dans ta prochaine réponse ...
Note :
Le rapport est sauvegardé ici : C:\TB.txt
Tuto si besoin ICI
salut,
je t'ai envoyé une réponse mais il me semble pas que je l'ai envoyée puisque je ne la vois pas donc je vais l'envoyer une deuxième fois .
-j'ai désinstallé bitdefender
-impssible de telecharger toolbar S&D il y a une boite de dialogue qui s'ouvre à chaque fois pour dire que IE ne peut pas telecharger DNSERROR.HTM de shdoclc.dll ( c koi ça?) site internet introuvable ou non disponible
-j'ai réessayé avec usbfix et j'ai effacé certaines lignes du rapport hijackthis (après l'avoir analysé en ligne sur hijackthis.com) j'ai pu virer anna i liebe you (je ne sais pas si j'ai bien fait ou pas) je t'envoie un nouveau rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:03:38, on 10/12/2002
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA Technologies, Inc\Audio Deck\ADeck.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA Technologies, Inc\Audio Deck\ADeck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PS2 Keyboard English Edition 2.0.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC351D60-4CAC-4609-B1BC-432637DF7EA5}: NameServer = 41.221.20.4 66.28.0.45
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
je t'ai envoyé une réponse mais il me semble pas que je l'ai envoyée puisque je ne la vois pas donc je vais l'envoyer une deuxième fois .
-j'ai désinstallé bitdefender
-impssible de telecharger toolbar S&D il y a une boite de dialogue qui s'ouvre à chaque fois pour dire que IE ne peut pas telecharger DNSERROR.HTM de shdoclc.dll ( c koi ça?) site internet introuvable ou non disponible
-j'ai réessayé avec usbfix et j'ai effacé certaines lignes du rapport hijackthis (après l'avoir analysé en ligne sur hijackthis.com) j'ai pu virer anna i liebe you (je ne sais pas si j'ai bien fait ou pas) je t'envoie un nouveau rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:03:38, on 10/12/2002
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA Technologies, Inc\Audio Deck\ADeck.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA Technologies, Inc\Audio Deck\ADeck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PS2 Keyboard English Edition 2.0.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC351D60-4CAC-4609-B1BC-432637DF7EA5}: NameServer = 41.221.20.4 66.28.0.45
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
salut,
je t'ai envoyé une réponse mais il me semble pas que je l'ai envoyée puisque je ne la vois pas donc je vais l'envoyer une deuxième fois .
-j'ai désinstallé bitdefender
-impssible de telecharger toolbar S&D il y a une boite de dialogue qui s'ouvre à chaque fois pour dire que IE ne peut pas telecharger DNSERROR.HTM de shdoclc.dll ( c koi ça?) site internet introuvable ou non disponible
-j'ai réessayé avec usbfix et j'ai effacé certaines lignes du rapport hijackthis (après l'avoir analysé en ligne sur hijackthis.com) j'ai pu virer anna i liebe you (je ne sais pas si j'ai bien fait ou pas) je t'envoie un nouveau rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:03:38, on 10/12/2002
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA Technologies, Inc\Audio Deck\ADeck.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA Technologies, Inc\Audio Deck\ADeck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PS2 Keyboard English Edition 2.0.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC351D60-4CAC-4609-B1BC-432637DF7EA5}: NameServer = 41.221.20.4 66.28.0.45
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
je t'ai envoyé une réponse mais il me semble pas que je l'ai envoyée puisque je ne la vois pas donc je vais l'envoyer une deuxième fois .
-j'ai désinstallé bitdefender
-impssible de telecharger toolbar S&D il y a une boite de dialogue qui s'ouvre à chaque fois pour dire que IE ne peut pas telecharger DNSERROR.HTM de shdoclc.dll ( c koi ça?) site internet introuvable ou non disponible
-j'ai réessayé avec usbfix et j'ai effacé certaines lignes du rapport hijackthis (après l'avoir analysé en ligne sur hijackthis.com) j'ai pu virer anna i liebe you (je ne sais pas si j'ai bien fait ou pas) je t'envoie un nouveau rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:03:38, on 10/12/2002
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA Technologies, Inc\Audio Deck\ADeck.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA Technologies, Inc\Audio Deck\ADeck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PS2 Keyboard English Edition 2.0.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC351D60-4CAC-4609-B1BC-432637DF7EA5}: NameServer = 41.221.20.4 66.28.0.45
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
1 janv. 2010 à 17:37
Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3468
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
01/01/2010 14:06:49
mbam-log-2010-01-01 (14-06-49).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 320885
Temps écoulé: 1 hour(s), 41 minute(s), 1 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 70
Fichier(s) infecté(s): 127
Processus mémoire infecté(s):
C:\Program Files\Winsudate\gibusr.exe (Adware.Gibmedia) -> Unloaded process successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winusr (Adware.Gibmedia) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\Administrateur.TITANIUM.001\Local Settings\Temp\E_4 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bycool (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_24_01_2009_20_13_03 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_24_01_2009_20_36_02 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_24_01_2009_20_58_33 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_24_01_2009_21_20_36 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_24_01_2009_21_39_17 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_24_01_2009_21_50_17 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_24_01_2009_22_26_23 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_24_01_2009_23_15_07 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_25_01_2009_12_39_31 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_25_01_2009_13_14_47 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_25_01_2009_15_38_02 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_25_01_2009_16_28_12 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_25_01_2009_17_17_47 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_25_01_2009_18_08_22 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_25_01_2009_20_27_45 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_25_01_2009_23_31_43 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_26_01_2009_08_51_43 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_26_01_2009_09_04_53 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_26_01_2009_12_42_53 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_26_01_2009_13_02_31 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_26_01_2009_18_59_24 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_26_01_2009_21_06_43 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_27_01_2009_00_02_09 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_27_01_2009_08_50_13 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_27_01_2009_11_19_49 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_27_01_2009_13_30_22 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_27_01_2009_14_49_06 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_27_01_2009_16_36_52 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_27_01_2009_16_46_25 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_27_01_2009_21_52_29 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_28_01_2009_13_03_31 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_28_01_2009_16_31_45 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_28_01_2009_19_06_07 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_28_01_2009_21_04_00 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_28_01_2009_22_18_39 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_28_01_2009_23_21_15 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_28_01_2009_23_34_10 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_29_01_2009_09_11_32 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_29_01_2009_10_14_09 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_29_01_2009_12_56_47 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_29_01_2009_16_20_53 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_29_01_2009_18_10_48 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_29_01_2009_18_13_01 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_29_01_2009_18_31_43 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_29_01_2009_21_45_58 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_10_06_27 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_13_02_40 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_14_09_06 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_14_58_39 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_16_07_48 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_16_33_50 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_18_34_41 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_18_43_27 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_18_59_45 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_20_36_24 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_21_36_47 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_22_16_20 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_30_01_2009_23_00_07 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_31_01_2009_09_46_08 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_31_01_2009_15_20_04 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_31_01_2009_16_04_41 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_31_01_2009_17_36_40 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f\d\e\d\h\Administrateur_31_01_2009_17_39_21 (Worm.AutoRun) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\Winsudate\gibusr.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM.001\Local Settings\Temp\E_4\com.run (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM.001\Local Settings\Temp\E_4\dp1.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM.001\Local Settings\Temp\E_4\eAPI.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM.001\Local Settings\Temp\E_4\krnln.fnr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM.001\Local Settings\Temp\E_4\shell.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Program Files\Uninstall Fun Web Products.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibcom.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibidl.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibupt.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9FDDDEE4-FC12-4236-AE51-8A820BB85EF8}\RP3\A0003949.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0081992.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0082014.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0082094.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0082096.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0082097.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0082098.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0082099.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0082100.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0082101.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP30\A0082102.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086602.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086638.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0087585.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086600.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086601.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086603.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086610.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086614.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086616.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086618.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086624.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086627.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086629.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086630.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086631.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086635.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086636.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086639.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086640.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0086671.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0087583.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0087586.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0087587.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0087588.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0087590.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0087591.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0088585.DLL (Adware.FunWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0088586.DLL (Adware.FunWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0090782.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0090783.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0090784.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0090785.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0090786.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0090787.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP31\A0090788.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091883.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091884.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091885.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091886.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091893.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091897.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091899.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091901.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091907.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091911.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091913.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091914.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091915.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091918.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091919.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091908.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091962.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091966.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091967.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091968.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP32\A0091969.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP33\A0103623.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP35\A0113696.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP40\A0138385.icd (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP40\A0140617.icd (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP41\A0155506.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP41\A0155607.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP41\A0162752.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP41\A0166912.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP41\A0168241.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP41\A0175278.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP41\A0176432.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP41\A0176434.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP42\A0177673.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP42\A0177675.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP42\A0180867.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP42\A0180869.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP42\A0182140.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP42\A0182142.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP43\A0185382.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP43\A0185384.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP44\A0187766.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP44\A0187769.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP44\A0189296.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP44\A0189298.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP44\A0189465.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP45\A0189619.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP45\A0189621.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP45\A0190907.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP45\A0190909.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP46\A0196244.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP46\A0196251.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP46\A0196272.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP46\A0196277.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP46\A0196278.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FF3C7AE0-AAC0-4971-9515-20E29D5ED3A9}\RP49\A0199079.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\com.run (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dp1.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eAPI.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\shell.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM.001\Local Settings\Temp\E_4\internet.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM.001\Local Settings\Temp\E_4\RegEx.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM.001\Local Settings\Temp\E_4\spec.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM.001\Menu Démarrer\Programmes\Démarrage\¡¡¡¡¡¡.lnk (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\internet.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\og.dll (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\og.edt (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spec.fne (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ul.dll (Worm.AutoRun) -> Quarantined and deleted successfully.
svp éder moi!!!!!!!!!
2 janv. 2010 à 00:17
Merci de créer ton propre topic de désinfection sur le forum Virus / Sécurité.
Cordialement.
Crapoulou.