Formatage
spomino
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
alors voila je pense que mon ordi est infecté et je voudrais formater l'ordinateur je voudrais savoir que faire des fichiers que je veux garder. Les mettre sur un périphérique? OK mais n'y a t-il pas un danger que les virus subsistent via ce périphérique ? Merci de m'éclairer
alors voila je pense que mon ordi est infecté et je voudrais formater l'ordinateur je voudrais savoir que faire des fichiers que je veux garder. Les mettre sur un périphérique? OK mais n'y a t-il pas un danger que les virus subsistent via ce périphérique ? Merci de m'éclairer
A voir également:
- Formatage
- Formatage pc - Guide
- Formatage clé usb - Guide
- Formatage apfs - Guide
- Formatage conditionnel excel - Guide
- Formatage exfat ou ntfs - Guide
39 réponses
non a la fin du scan il crée un fichier sur le bureau qu il faut envoyer au créateur du logiciel pour l aider a développer son programme mais tu ne ma pas mis le rapport de usbfix option 2
il se trouve ici comme je te lai déjà dis Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
tu a bien fais option 2 ?
il se trouve ici comme je te lai déjà dis Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
tu a bien fais option 2 ?
ben oui j'ai taper 2 (sa doit etre suppression je crois) ou alors tu voulais celle a la droite du 1er alors c'est listing c'est ca ?
sinon dans C:\Usbfix.txt j'ai :
############################## | UsbFix V6.094 |
User : lucas (Administrateurs) # DUGNY
Update on 14/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:57:26 | 14/02/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) 64 Processor 3200+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Avira AntiVir PersonalEdition 7.0.2.117
[ Enabled | Updated ]
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 152,66 Go (25,88 Go free) # NTFS
D:\ -> Disque CD-ROM # 7,05 Go (0 Mo free) [3282_26451] # UDF
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 960,72 Mo (596,64 Mo free) [USB DISK] # FAT
G:\ -> Disque amovible # 7,4 Go (4,57 Go free) [IPOD (QUENT] # FAT32
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Elements infectieux |
Supprimé ! C:\Program Files\Dot1XCfg
Supprimé ! C:\Program Files\Temporary
Supprimé ! C:\regxpcom.exe
Supprimé ! C:\temp.txt
Supprimé ! C:\Recycler\S-1-5-21-1644491937-1715567821-839522115-1005
Supprimé ! C:\Recycler\S-1-5-21-1644491937-1715567821-839522115-1006
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-1004
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-1005
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-1006
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-1007
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-500
Supprimé ! G:\.\Recycler\svchost.exe
################## | Registre |
Supprimé ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS]
Supprimé ! [HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_SSHNAS]
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{cce0815e-0c20-11df-9f2c-0018f3028254}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{f1ca36b0-13f9-11df-9f3e-0018f3028254}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[15/02/2008 18:12|--a------|197] C:\ASWL2K.ini
[18/01/2006 16:17|--a------|0] C:\AUTOEXEC.BAT
[15/02/2008 18:38|---hs----|216] C:\boot.ini
[05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
[18/01/2006 16:17|--a------|0] C:\CONFIG.SYS
[24/01/2010 17:01|--a------|366] C:\DelSysReg.log
[11/06/2009 21:52|--a------|119] C:\dgindex.bat
[18/01/2006 16:17|-rahs----|0] C:\IO.SYS
[28/11/2009 19:12|--a------|26] C:\Last Formats.azl
[28/11/2009 19:11|--a------|0] C:\Last List.azl
[04/04/2009 10:20|--a------|45724] C:\MP4debug.log
[11/06/2009 21:49|--a------|3977] C:\mpeg.txt
[18/01/2006 16:17|-rahs----|0] C:\MSDOS.SYS
[11/06/2009 21:56|--a------|136] C:\muxmp4.bat
[05/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM
[22/09/2008 17:21|-rahs----|252240] C:\ntldr
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[11/02/2008 18:22|--a------|184] C:\Setup.log
[08/02/2008 18:42|--a------|629] C:\SMax.log
[17/01/2008 18:07|--ahs----|4096] C:\Thumbs.db
[14/02/2010 15:05|--a------|4022] C:\UsbFix.txt
[18/11/2009 18:34|--a------|1348] F:\Nostale.lnk
[16/01/2010 10:55|--a------|137398872] F:\HaloTrial (2).exe
[01/01/2000 03:34|---------|0] G:\.metadata_never_index
[02/11/2009 20:45|--a------|3020] G:\BOOTEX.LOG
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix .
# F:\autorun.inf -> Dossier créé par UsbFix .
# G:\autorun.inf -> Dossier créé par UsbFix .
################## | Upload |
Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_DUGNY.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
############################## | UsbFix V6.094 |
User : lucas (Administrateurs) # DUGNY
Update on 14/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:57:26 | 14/02/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) 64 Processor 3200+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Avira AntiVir PersonalEdition 7.0.2.117
[ Enabled | Updated ]
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 152,66 Go (25,88 Go free) # NTFS
D:\ -> Disque CD-ROM # 7,05 Go (0 Mo free) [3282_26451] # UDF
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 960,72 Mo (596,64 Mo free) [USB DISK] # FAT
G:\ -> Disque amovible # 7,4 Go (4,57 Go free) [IPOD (QUENT] # FAT32
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Elements infectieux |
Supprimé ! C:\Program Files\Dot1XCfg
Supprimé ! C:\Program Files\Temporary
Supprimé ! C:\regxpcom.exe
Supprimé ! C:\temp.txt
Supprimé ! C:\Recycler\S-1-5-21-1644491937-1715567821-839522115-1005
Supprimé ! C:\Recycler\S-1-5-21-1644491937-1715567821-839522115-1006
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-1004
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-1005
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-1006
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-1007
Supprimé ! C:\Recycler\S-1-5-21-507921405-2077806209-839522115-500
Supprimé ! G:\.\Recycler\svchost.exe
################## | Registre |
Supprimé ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS]
Supprimé ! [HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_SSHNAS]
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{cce0815e-0c20-11df-9f2c-0018f3028254}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{f1ca36b0-13f9-11df-9f3e-0018f3028254}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[15/02/2008 18:12|--a------|197] C:\ASWL2K.ini
[18/01/2006 16:17|--a------|0] C:\AUTOEXEC.BAT
[15/02/2008 18:38|---hs----|216] C:\boot.ini
[05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
[18/01/2006 16:17|--a------|0] C:\CONFIG.SYS
[24/01/2010 17:01|--a------|366] C:\DelSysReg.log
[11/06/2009 21:52|--a------|119] C:\dgindex.bat
[18/01/2006 16:17|-rahs----|0] C:\IO.SYS
[28/11/2009 19:12|--a------|26] C:\Last Formats.azl
[28/11/2009 19:11|--a------|0] C:\Last List.azl
[04/04/2009 10:20|--a------|45724] C:\MP4debug.log
[11/06/2009 21:49|--a------|3977] C:\mpeg.txt
[18/01/2006 16:17|-rahs----|0] C:\MSDOS.SYS
[11/06/2009 21:56|--a------|136] C:\muxmp4.bat
[05/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM
[22/09/2008 17:21|-rahs----|252240] C:\ntldr
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[11/02/2008 18:22|--a------|184] C:\Setup.log
[08/02/2008 18:42|--a------|629] C:\SMax.log
[17/01/2008 18:07|--ahs----|4096] C:\Thumbs.db
[14/02/2010 15:05|--a------|4022] C:\UsbFix.txt
[18/11/2009 18:34|--a------|1348] F:\Nostale.lnk
[16/01/2010 10:55|--a------|137398872] F:\HaloTrial (2).exe
[01/01/2000 03:34|---------|0] G:\.metadata_never_index
[02/11/2009 20:45|--a------|3020] G:\BOOTEX.LOG
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix .
# F:\autorun.inf -> Dossier créé par UsbFix .
# G:\autorun.inf -> Dossier créé par UsbFix .
################## | Upload |
Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_DUGNY.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
? jai pas compris ? MOI je veux le rapport usbfix option 2
est fais le reste de la manip comme demandé
est fais le reste de la manip comme demandé
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
tu q envoyer le fichier qui il y a sur ton bureau a cette adresse https://www.ionos.fr/?affiliate_id=77097
dans comptes d'utilisateur je ne trouve pas l'option que tu me demandes d'activer ou desactiver je sais plus sinon j'ai recommencer l'option 2 de usb fix
NON ces pas la peine de recommancer usbfix
tu est bien sous vista ?
dans compte d utilisateur tu a une case a décoche si tu trouve pas utilise le lien que je tai donné tous est expliquer en image
fais ad remover et le reste
tu est bien sous vista ?
dans compte d utilisateur tu a une case a décoche si tu trouve pas utilise le lien que je tai donné tous est expliquer en image
fais ad remover et le reste
ad remover terminé,je rappelle je suis sous XP:
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 05.02.2010 à 17:34
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 16:35:59, 14/02/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: DUGNY | Utilisateur actuel: lucas
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: *Application Updater*
C:\DOCUME~1\lucas\MENUDM~1\PROGRA~1\PlayMP3z
C:\Program Files\Application Updater
C:\Program Files\Dealio Toolbar
C:\Program Files\EoRezo
C:\Program Files\FBrowserAdvisor
C:\Program Files\FBrowsingAdvisor
C:\Program Files\pdfforge Toolbar
C:\Program Files\PlayMP3z
C:\Program Files\Search Settings
C:\Program Files\Viewpoint
C:\DOCUME~1\lucas\APPLIC~1\EoRezo
C:\DOCUME~1\lucas\APPLIC~1\ItsLabel
C:\DOCUME~1\lucas\APPLIC~1\pdfforge
C:\DOCUME~1\lucas\APPLIC~1\Search Settings
C:\Windows\Installer\793ce.msi
C:\Windows\Installer\793f1.msi
C:\Windows\Installer\7940b.msi
C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater
C:\Documents and Settings\quentin\Application Data\Dealio
C:\Documents and Settings\laurent\Application Data\Dealio
C:\Documents and Settings\quentin\Application Data\pdfforge
C:\Documents and Settings\laurent\Application Data\pdfforge
C:\Documents and Settings\quentin\Application Data\Search Settings
C:\Documents and Settings\laurent\Application Data\Search Settings
(!) -- Fichiers temporaires supprimés.
.
HKCU\software\EoRezo
HKCU\software\FBrowsingAdvisor
HKCU\software\ItsLabel
HKCU\software\MediaHoldings
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCU\software\Mirar
HKCU\software\pdfforge
HKCU\software\PlayMP3
HKCU\software\Search Settings
HKLM\software\Application Updater
HKLM\Software\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\software\classes\EoRezoBHO.EoBho
HKLM\software\classes\EoRezoBHO.EoBho.1
HKLM\software\classes\installer\Products\96DC878CBD58B624183A7E1157AABE19
HKLM\Software\Classes\Interface\{1037B06C-84B7-4240-8D80-485810A0497D}
HKLM\Software\Classes\Interface\{4A6B3860-FF3F-47A6-A21D-EFE9E56FB1E4}
HKLM\Software\Classes\Interface\{54B287F9-FD90-4457-B65E-CB91560C021D}
HKLM\Software\Classes\Interface\{6CB9A28B-1D90-F2BA-4DA7-D0630293AC69}
HKLM\Software\Classes\Interface\{6E4C7AFC-9915-4036-B7F9-8B3F1710788F}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\Interface\{F9DD1CE0-8153-F9BE-FFA9-F351EC261D60}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\software\Dealio
HKLM\software\EoRezo
HKLM\software\ItsLabel
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0292226F570267D459357AF78015E534
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\03285961954D5824C85975D955031EE8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\23A03A6765D10864EB278629A2DF32C3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\377026901A2D8744A8423A983B50E0D1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\3A4FCCE032CA50340A6975C92410AE30
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AC3985F4D64C2245A96D31569D1BF40
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6E00D9B24354FBA44AE2CA0FA86EF2E2
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\76DA9915C36F3D742951F63351CF5C97
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7C13F41728A69EF41AA1A3372FB86FA6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\855847FA0E25FBA46B8516389DFDD4B3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9B0B0584E80456A4FB98DA3973B1EB3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9DC2844D0E3E8924C8973C3B3BAE1F58
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A89F1E0FE544529429C8BF82FE74CE39
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\AFEB575AA30ACB243B748619F62F0782
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B278DBFACA5AB424DA79915F3A109F9A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B3B348F18694F1949B4D6BD9507F2886
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B92A2929968AED344BD6B34AD60E6604
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\C9667115F6A9CE340B31B63B680FF26F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E48E3A6D380B2EC4ABCEB3BA048D767F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EFB70E89C3D6D354596520DE424F89D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F461B8DD96FF5AA41A52D14E1D7B69C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F49A213B5069AC348994D03F81B56C19
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F715D253BF28D554C9C0F60ABA8585CF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\96DC878CBD58B624183A7E1157AABE19
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings
HKLM\software\microsoft\windows\currentversion\uninstall\{C878CD69-85DB-426B-81A3-E71175AAEB91}
HKLM\software\microsoft\windows\currentversion\uninstall\FBrowsingAdvisor_is1
HKLM\software\microsoft\windows\currentversion\uninstall\PlayMP3
HKLM\software\pdfforge
HKLM\software\Search Settings
.
============== Scan additionnel ==============
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Start Page: hxxp://fr.msn.com/
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\lucas\Local Settings\Temp\apatch.exe
.
===================================
.
8488 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
2800 Fichier(s) - C:\DOCUME~1\lucas\LOCALS~1\Temp
121 Fichier(s) - C:\WINDOWS\Temp
10 Fichier(s) - C:\WINDOWS\Prefetch
.
16 Fichier(s) - C:\Ad-Remover\BACKUP
101 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 16:43:14 | 14/02/2010 - CLEAN[1]
.
============== E.O.F ==============
.
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 05.02.2010 à 17:34
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 16:35:59, 14/02/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: DUGNY | Utilisateur actuel: lucas
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: *Application Updater*
C:\DOCUME~1\lucas\MENUDM~1\PROGRA~1\PlayMP3z
C:\Program Files\Application Updater
C:\Program Files\Dealio Toolbar
C:\Program Files\EoRezo
C:\Program Files\FBrowserAdvisor
C:\Program Files\FBrowsingAdvisor
C:\Program Files\pdfforge Toolbar
C:\Program Files\PlayMP3z
C:\Program Files\Search Settings
C:\Program Files\Viewpoint
C:\DOCUME~1\lucas\APPLIC~1\EoRezo
C:\DOCUME~1\lucas\APPLIC~1\ItsLabel
C:\DOCUME~1\lucas\APPLIC~1\pdfforge
C:\DOCUME~1\lucas\APPLIC~1\Search Settings
C:\Windows\Installer\793ce.msi
C:\Windows\Installer\793f1.msi
C:\Windows\Installer\7940b.msi
C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater
C:\Documents and Settings\quentin\Application Data\Dealio
C:\Documents and Settings\laurent\Application Data\Dealio
C:\Documents and Settings\quentin\Application Data\pdfforge
C:\Documents and Settings\laurent\Application Data\pdfforge
C:\Documents and Settings\quentin\Application Data\Search Settings
C:\Documents and Settings\laurent\Application Data\Search Settings
(!) -- Fichiers temporaires supprimés.
.
HKCU\software\EoRezo
HKCU\software\FBrowsingAdvisor
HKCU\software\ItsLabel
HKCU\software\MediaHoldings
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCU\software\Mirar
HKCU\software\pdfforge
HKCU\software\PlayMP3
HKCU\software\Search Settings
HKLM\software\Application Updater
HKLM\Software\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\software\classes\EoRezoBHO.EoBho
HKLM\software\classes\EoRezoBHO.EoBho.1
HKLM\software\classes\installer\Products\96DC878CBD58B624183A7E1157AABE19
HKLM\Software\Classes\Interface\{1037B06C-84B7-4240-8D80-485810A0497D}
HKLM\Software\Classes\Interface\{4A6B3860-FF3F-47A6-A21D-EFE9E56FB1E4}
HKLM\Software\Classes\Interface\{54B287F9-FD90-4457-B65E-CB91560C021D}
HKLM\Software\Classes\Interface\{6CB9A28B-1D90-F2BA-4DA7-D0630293AC69}
HKLM\Software\Classes\Interface\{6E4C7AFC-9915-4036-B7F9-8B3F1710788F}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\Interface\{F9DD1CE0-8153-F9BE-FFA9-F351EC261D60}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\software\Dealio
HKLM\software\EoRezo
HKLM\software\ItsLabel
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0292226F570267D459357AF78015E534
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\03285961954D5824C85975D955031EE8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\23A03A6765D10864EB278629A2DF32C3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\377026901A2D8744A8423A983B50E0D1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\3A4FCCE032CA50340A6975C92410AE30
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AC3985F4D64C2245A96D31569D1BF40
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6E00D9B24354FBA44AE2CA0FA86EF2E2
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\76DA9915C36F3D742951F63351CF5C97
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7C13F41728A69EF41AA1A3372FB86FA6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\855847FA0E25FBA46B8516389DFDD4B3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9B0B0584E80456A4FB98DA3973B1EB3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9DC2844D0E3E8924C8973C3B3BAE1F58
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A89F1E0FE544529429C8BF82FE74CE39
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\AFEB575AA30ACB243B748619F62F0782
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B278DBFACA5AB424DA79915F3A109F9A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B3B348F18694F1949B4D6BD9507F2886
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B92A2929968AED344BD6B34AD60E6604
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\C9667115F6A9CE340B31B63B680FF26F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E48E3A6D380B2EC4ABCEB3BA048D767F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EFB70E89C3D6D354596520DE424F89D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F461B8DD96FF5AA41A52D14E1D7B69C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F49A213B5069AC348994D03F81B56C19
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F715D253BF28D554C9C0F60ABA8585CF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\96DC878CBD58B624183A7E1157AABE19
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings
HKLM\software\microsoft\windows\currentversion\uninstall\{C878CD69-85DB-426B-81A3-E71175AAEB91}
HKLM\software\microsoft\windows\currentversion\uninstall\FBrowsingAdvisor_is1
HKLM\software\microsoft\windows\currentversion\uninstall\PlayMP3
HKLM\software\pdfforge
HKLM\software\Search Settings
.
============== Scan additionnel ==============
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Start Page: hxxp://fr.msn.com/
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\lucas\Local Settings\Temp\apatch.exe
.
===================================
.
8488 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
2800 Fichier(s) - C:\DOCUME~1\lucas\LOCALS~1\Temp
121 Fichier(s) - C:\WINDOWS\Temp
10 Fichier(s) - C:\WINDOWS\Prefetch
.
16 Fichier(s) - C:\Ad-Remover\BACKUP
101 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 16:43:14 | 14/02/2010 - CLEAN[1]
.
============== E.O.F ==============
.
Téléchargez MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
est-on en train de nettoyer l'ordinateur complet ? ce qui m'arrangerait et simplifierait bien tout ou juste mes peripheriques usb ou le tout (PC + periph)
je vais lancer malware
je vais lancer malware
ben le PC et les support car si ton ordi est infecter a chaque fois que tu branche a ton pc ta clé usb elle va être réinfecter par le virus qui se trouve sur ton pc
est-ce que, apres ces operations, j'aurai besoin de formater mon ordinateur car en realiter je voulais le formater juste pour me debarasser des virus
pour info certain virus résiste a un formatage simple comme je pense tu a fais
en plus si tu branche tes clé usb infecter sur ton ordi sain qui viens être formater tu réinfecte ton PC comme tu viens de le faire
SI TU peux formater tous les jours aucun problème je te laisse mais sinon suis mes conseil
en plus si tu branche tes clé usb infecter sur ton ordi sain qui viens être formater tu réinfecte ton PC comme tu viens de le faire
SI TU peux formater tous les jours aucun problème je te laisse mais sinon suis mes conseil
je te fait confiance a 100% je veux absoluement me debarasser de ces trucs
comment ca j'ai reinfecter le PC ?
je n'ai pas deco reco de periph depuis que j'ai commencer les manips
sinon niveau scan j'ai mit a scanner tout les lecteurs(les periphs aussi) j'en suis a 18 fichiers infectés
comment ca j'ai reinfecter le PC ?
je n'ai pas deco reco de periph depuis que j'ai commencer les manips
sinon niveau scan j'ai mit a scanner tout les lecteurs(les periphs aussi) j'en suis a 18 fichiers infectés
ben tu ma dis que tu venais de formater ton pc he ben voila y a plein de virus car tu a été réinfecter par tes clé usb
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3738
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
14/02/2010 20:30:35
mbam-log-2010-02-14 (20-30-35).txt
Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|)
Eléments examinés: 429959
Temps écoulé: 3 hour(s), 31 minute(s), 26 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 16
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 10
Fichier(s) infecté(s): 123
Processus mémoire infecté(s):
C:\WINDOWS\system\svchost.exe (Backdoor.Bot) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\csseqchk32.dll (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\2C.tmp (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\d3d932.dll (Trojan.Agent) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00df6602-934f-44d4-9359-3aee0fc6d866} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00df6602-934f-44d4-9359-3aee0fc6d866} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0113eb94-cac8-4716-967d-66c64b2d87c6} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0113eb94-cac8-4716-967d-66c64b2d87c6} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01243811-ca46-43f3-b63f-37c45396b56f} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{01243811-ca46-43f3-b63f-37c45396b56f} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\d05b0ddf700 (Trojan.Tracur) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{566dede9-9ed8-45da-9be6-9b2eeab17f49} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a9c9b69-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00df6602-934f-44d4-9359-3aee0fc6d866} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0113eb94-cac8-4716-967d-66c64b2d87c6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01243811-ca46-43f3-b63f-37c45396b56f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCenter (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\phime2002a (Backdoor.Bot) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: c:\windows\system32\csseqchk32.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: system32\csseqchk32.dll -> Delete on reboot.
Dossier(s) infecté(s):
C:\Documents and Settings\Utilisateur\Application Data\wsnpoem (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\véronique\Application Data\wsnpoem (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\akl (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\p2pnetworks (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\WinPerformance (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\Program Files\WinPerformance\registry_backup (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\acespy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\PerfInfo (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32 (Worm.Archive) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\d3d932.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\csseqchk32.dll (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\2C.tmp (Trojan.Tracur) -> Delete on reboot.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP527\A0069011.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP533\A0070417.exe (Adware.Mirar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP582\A0094889.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP584\A0099043.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP584\A0099044.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP584\A0099045.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102290.dll (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102298.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102343.exe (Rogue.PClean) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102344.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102346.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP543\A0076893.exe (Rogue.PClean) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP543\A0076894.exe (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP543\A0076896.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-1644491937-1715567821-839522115-1005.UsbFix\Dc366.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc255.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc295.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc334.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc343.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc377.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc415.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc462.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc463.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc507.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc524.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc578.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc594.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc637.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc656.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc675.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc682.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc685.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc699.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc739.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc680.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc902.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1C.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\23.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nenejiyo.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\BA.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jagenoki.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jajagedu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\5.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\68.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WinNB58.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Ad-Remover\QUARANTINE\PROGRA~1\FBROWS~2\XPCOMEvents.dll.vir (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Ad-Remover\QUARANTINE\PROGRA~1\PlayMP3z\PlayMP3.exe.vir (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\c.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\g.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\sshnas.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\quentin\Local Settings\Temp\6.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\CCDW3WA8\lsegihwln[1].txt (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\CCDW3WA8\lsegihwln[2].txt (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\JD7Y9097\cprdshtvt[1].htm (Backdoor.Sinowal) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\JD7Y9097\cprdshtvt[2].htm (Backdoor.Sinowal) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\RJ152F70\addy[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\RJ152F70\lsegihwln[1].txt (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Utilisateur\Application Data\wsnpoem\audio.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Utilisateur\Application Data\wsnpoem\video.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\véronique\Application Data\wsnpoem\audio.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\véronique\Application Data\wsnpoem\video.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\curlog.htm (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\keylog.txt (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\readme.txt (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\uninstall.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\unsetup.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\unsetup.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\awmsg.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\mfc42.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\msvcrt.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\unins000.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\unis000.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\winam.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\p2pnetworks\amp2pl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\WinPerformance\uninstall.exe (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\Program Files\WinPerformance\registry_backup\2008.01.25 15.57.17.rb (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@i167860101v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@i167860101v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@i167860101v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v4.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v6.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v7.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mu167860101v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mu167860101v5.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v0.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v1.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v2.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i167860101v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i167860101v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i167860101v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Documents and Settings\Utilisateur\Application Data\ntos.exe (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\Documents and Settings\véronique\Application Data\ntos.exe (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system\svchost.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\a.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\b.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
Version de la base de données: 3738
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
14/02/2010 20:30:35
mbam-log-2010-02-14 (20-30-35).txt
Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|)
Eléments examinés: 429959
Temps écoulé: 3 hour(s), 31 minute(s), 26 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 16
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 10
Fichier(s) infecté(s): 123
Processus mémoire infecté(s):
C:\WINDOWS\system\svchost.exe (Backdoor.Bot) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\csseqchk32.dll (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\2C.tmp (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\d3d932.dll (Trojan.Agent) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00df6602-934f-44d4-9359-3aee0fc6d866} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00df6602-934f-44d4-9359-3aee0fc6d866} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0113eb94-cac8-4716-967d-66c64b2d87c6} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0113eb94-cac8-4716-967d-66c64b2d87c6} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01243811-ca46-43f3-b63f-37c45396b56f} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{01243811-ca46-43f3-b63f-37c45396b56f} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\d05b0ddf700 (Trojan.Tracur) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{566dede9-9ed8-45da-9be6-9b2eeab17f49} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a9c9b69-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00df6602-934f-44d4-9359-3aee0fc6d866} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0113eb94-cac8-4716-967d-66c64b2d87c6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01243811-ca46-43f3-b63f-37c45396b56f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCenter (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\phime2002a (Backdoor.Bot) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: c:\windows\system32\csseqchk32.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: system32\csseqchk32.dll -> Delete on reboot.
Dossier(s) infecté(s):
C:\Documents and Settings\Utilisateur\Application Data\wsnpoem (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\véronique\Application Data\wsnpoem (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\akl (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\p2pnetworks (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\WinPerformance (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\Program Files\WinPerformance\registry_backup (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\acespy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\PerfInfo (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32 (Worm.Archive) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\d3d932.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\csseqchk32.dll (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\2C.tmp (Trojan.Tracur) -> Delete on reboot.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP527\A0069011.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP533\A0070417.exe (Adware.Mirar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP582\A0094889.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP584\A0099043.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP584\A0099044.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP584\A0099045.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102290.dll (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102298.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102343.exe (Rogue.PClean) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102344.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP587\A0102346.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP543\A0076893.exe (Rogue.PClean) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP543\A0076894.exe (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{866E0948-B53A-4159-9780-675C96EBE68E}\RP543\A0076896.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-1644491937-1715567821-839522115-1005.UsbFix\Dc366.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc255.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc295.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc334.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc343.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc377.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc415.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc462.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc463.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc507.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc524.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc578.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc594.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc637.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc656.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc675.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc682.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc685.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc699.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc739.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc680.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-507921405-2077806209-839522115-1005.UsbFix\Dc902.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1C.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\23.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nenejiyo.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\BA.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jagenoki.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jajagedu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\5.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\68.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WinNB58.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Ad-Remover\QUARANTINE\PROGRA~1\FBROWS~2\XPCOMEvents.dll.vir (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Ad-Remover\QUARANTINE\PROGRA~1\PlayMP3z\PlayMP3.exe.vir (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\c.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\g.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\sshnas.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\quentin\Local Settings\Temp\6.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\CCDW3WA8\lsegihwln[1].txt (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\CCDW3WA8\lsegihwln[2].txt (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\JD7Y9097\cprdshtvt[1].htm (Backdoor.Sinowal) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\JD7Y9097\cprdshtvt[2].htm (Backdoor.Sinowal) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\RJ152F70\addy[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\sphinx lucas\Local Settings\Temporary Internet Files\Content.IE5\RJ152F70\lsegihwln[1].txt (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Utilisateur\Application Data\wsnpoem\audio.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Utilisateur\Application Data\wsnpoem\video.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\véronique\Application Data\wsnpoem\audio.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\véronique\Application Data\wsnpoem\video.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\curlog.htm (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\keylog.txt (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\readme.txt (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\uninstall.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\unsetup.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\unsetup.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\awmsg.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\mfc42.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\msvcrt.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\unins000.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\unis000.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\amsys\winam.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\p2pnetworks\amp2pl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\WinPerformance\uninstall.exe (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\Program Files\WinPerformance\registry_backup\2008.01.25 15.57.17.rb (Rogue.WinPerformance) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@i167860101v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@i167860101v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@i167860101v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u167860101v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v4.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v6.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi167860101v7.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mu167860101v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mu167860101v5.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v0.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v1.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v2.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu167860101v3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i167860101v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i167860101v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i167860101v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u167860101v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Documents and Settings\Utilisateur\Application Data\ntos.exe (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\Documents and Settings\véronique\Application Data\ntos.exe (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system\svchost.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\a.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\laurent\Local Settings\Temp\b.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
putain assez infecter mais si tu compte formater ensuite on va juste faire sa
▶ Téléchargez Dr.Web CureIt! sur ton Bureau :
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
▶ Double-cliquez sur drweb-cureit.exe et cliquez sur Commencer le scan.
▶ Ce scan rapide permet l'analyse des processus chargés en mémoire; s'il trouve des processus infectés, cliquez sur le bouton Oui pour Tout à l'invite.
▶ Lorsque le scan rapide est terminé, cliquez sur Options > Changer la configuration.
▶ Choisissez l'onglet Scanner, et décochez Analyse heuristique.
▶ De retour à la fenêtre principale : choisissez Analyse complète.
▶ Cliquez la flèche verte sur la droite et le scan débutera. Une publicité apparaît quelquefois, fermez-la.
▶ Cliquez Oui pour Tout si un fichier est détecté.
▶ A la fin du scan, si des infections sont trouvées, cliquez sur Tout sélectionner, puis sur Désinfecter. Si la désinfection est impossible, cliquez sur Quarantaine.
▶ Au menu principal de l'outil, en haut à gauche, cliquez sur le menu Fichier et choisissez Enregistrer le rapport.
▶ Sauvegardez le rapport sur votre Bureau. Ce dernier se nommera DrWeb.csv.
▶ Fermez Dr.Web CureIt!
▶ Redémarrez votre ordinateur (très important) car certains fichiers peuvent être déplacés/réparés au redémarrage.
▶ Postez (Copiez/Collez) le contenu du rapport de l'outil Dr.Web dans un bloc note
Ensuite :
▶ Rendez-vous à cette adresse d'hébergement gratuit : http://www.cijoint.fr/
▶ Cliquez sur parcourir, chercher rapport DrWeb.txt puis sur cliquez ici pour déposer le fichier
▶ Une fois le lien crée, faite un clique droit dessus et copier l'adresse du lien pour venir le coller dans votre réponse
▶ Téléchargez Dr.Web CureIt! sur ton Bureau :
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
▶ Double-cliquez sur drweb-cureit.exe et cliquez sur Commencer le scan.
▶ Ce scan rapide permet l'analyse des processus chargés en mémoire; s'il trouve des processus infectés, cliquez sur le bouton Oui pour Tout à l'invite.
▶ Lorsque le scan rapide est terminé, cliquez sur Options > Changer la configuration.
▶ Choisissez l'onglet Scanner, et décochez Analyse heuristique.
▶ De retour à la fenêtre principale : choisissez Analyse complète.
▶ Cliquez la flèche verte sur la droite et le scan débutera. Une publicité apparaît quelquefois, fermez-la.
▶ Cliquez Oui pour Tout si un fichier est détecté.
▶ A la fin du scan, si des infections sont trouvées, cliquez sur Tout sélectionner, puis sur Désinfecter. Si la désinfection est impossible, cliquez sur Quarantaine.
▶ Au menu principal de l'outil, en haut à gauche, cliquez sur le menu Fichier et choisissez Enregistrer le rapport.
▶ Sauvegardez le rapport sur votre Bureau. Ce dernier se nommera DrWeb.csv.
▶ Fermez Dr.Web CureIt!
▶ Redémarrez votre ordinateur (très important) car certains fichiers peuvent être déplacés/réparés au redémarrage.
▶ Postez (Copiez/Collez) le contenu du rapport de l'outil Dr.Web dans un bloc note
Ensuite :
▶ Rendez-vous à cette adresse d'hébergement gratuit : http://www.cijoint.fr/
▶ Cliquez sur parcourir, chercher rapport DrWeb.txt puis sur cliquez ici pour déposer le fichier
▶ Une fois le lien crée, faite un clique droit dessus et copier l'adresse du lien pour venir le coller dans votre réponse
