Faux centre de sécurité windows
Fermé
garfield62
Messages postés
16
Date d'inscription
dimanche 19 octobre 2008
Statut
Membre
Dernière intervention
18 janvier 2012
-
22 mars 2010 à 18:39
garfield62 Messages postés 16 Date d'inscription dimanche 19 octobre 2008 Statut Membre Dernière intervention 18 janvier 2012 - 22 mars 2010 à 22:01
garfield62 Messages postés 16 Date d'inscription dimanche 19 octobre 2008 Statut Membre Dernière intervention 18 janvier 2012 - 22 mars 2010 à 22:01
A voir également:
- Faux centre de sécurité windows
- Passer de windows 7 à windows 10 - Guide
- Windows 10 iso - Guide
- Centre de messagerie free - Guide
- Retourner ecran windows - Guide
- Clé windows 10 - Guide
7 réponses
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 299
22 mars 2010 à 18:39
22 mars 2010 à 18:39
Bonjour,
--> Télécharge OTL (de OldTimer) sur ton Bureau.
--> Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
--> Une fenêtre apparaît. Dans la section Output en haut de cette fenêtre, coche Minimal Output.
--> Coche également les cases à côté de LOP Check et Purity Check.
--> Enfin, clique sur le bouton Run Scan. Le scan ne prendra pas beaucoup de temps.
--> Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
Pour me transmettre les rapports :
--> Clique sur ce lien : http://www.cijoint.fr/
--> Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
--> Clique sur Ouvrir.
--> Clique sur Cliquez ici pour déposer le fichier.
--> Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
--> Copie-colle ce lien dans ta réponse.
--> Télécharge OTL (de OldTimer) sur ton Bureau.
--> Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
--> Une fenêtre apparaît. Dans la section Output en haut de cette fenêtre, coche Minimal Output.
--> Coche également les cases à côté de LOP Check et Purity Check.
--> Enfin, clique sur le bouton Run Scan. Le scan ne prendra pas beaucoup de temps.
--> Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
Pour me transmettre les rapports :
--> Clique sur ce lien : http://www.cijoint.fr/
--> Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
--> Clique sur Ouvrir.
--> Clique sur Cliquez ici pour déposer le fichier.
--> Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
--> Copie-colle ce lien dans ta réponse.
crapoulou
Messages postés
28096
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
6 avril 2023
8 004
22 mars 2010 à 18:40
22 mars 2010 à 18:40
Bonsoir,
Je vais m'occuper de ton infection.
Avant tout, il me faudrait connaitre ton système d'exploitation : Windows XP, Vista, 7, ...?
Je vais m'occuper de ton infection.
Avant tout, il me faudrait connaitre ton système d'exploitation : Windows XP, Vista, 7, ...?
garfield62
Messages postés
16
Date d'inscription
dimanche 19 octobre 2008
Statut
Membre
Dernière intervention
18 janvier 2012
22 mars 2010 à 18:44
22 mars 2010 à 18:44
je suis sous windows xp ;)
crapoulou
Messages postés
28096
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
6 avril 2023
8 004
22 mars 2010 à 18:45
22 mars 2010 à 18:45
C'est noté.
Suis la procédure de Destrio5 ;-).
Bonne continuation.
Suis la procédure de Destrio5 ;-).
Bonne continuation.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 299
22 mars 2010 à 19:51
22 mars 2010 à 19:51
1/
--> Démarre Spybot, clique sur Mode, coche Mode avancé.
--> A gauche, clique sur Outils, puis sur Résident.
--> Décoche la case devant Résident "TeaTimer" :
http://sd-1.archive-host.com/membres/up/3288717712384394/TeaTimer.jpg
--> Quitte Spybot.
2/
--> Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
--> Sous l'onglet Custom Scans/Fixes en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :
:OTL
PRC - C:\Documents and Settings\nd\Local Settings\Application Data\ave.exe ()
PRC - C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\System32\regedit.exe File not found
O4 - HKLM\..\Run: [syncman] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKCU\..\Run: [syncman] c:\documents and settings\nd\wuaucldt.exe File not found
O4 - Startup: C:\Documents and Settings\nd\Menu Démarrer\Programmes\Démarrage\syspck32.exe ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O37 - HKCU\...exe [@ = secfile] -- "C:\Documents and Settings\nd\Local Settings\Application Data\ave.exe" /START "%1" %* ()
[2010/03/20 19:30:46 | 000,017,072 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\48531I0
[2010/03/20 19:29:53 | 000,029,764 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe
[2010/03/20 19:29:42 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\jasltw.dat
[2010/03/20 19:28:31 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\nd\Application Data\avdrn.dat
[2010/03/22 17:57:55 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\nd\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010/03/22 17:56:56 | 000,204,800 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\3570694465.dll
[2010/03/22 17:55:48 | 000,012,800 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\VH56DJI7u87yo
[2010/03/22 17:55:48 | 000,012,800 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\VH56DJI7u87yo
[2010/03/22 07:40:20 | 000,203,776 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\490373180.dll
[2010/03/22 07:37:01 | 000,014,600 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\wo588q8Gd1tnB
[2010/03/22 07:37:00 | 000,014,600 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\wo588q8Gd1tnB
[2010/03/21 11:29:22 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\1139758833.dll
[2010/03/21 11:25:01 | 000,204,800 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe
[2010/03/21 11:22:59 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\vma.exe
[2010/03/21 11:22:58 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\MSASCui.exe
[2010/03/21 11:22:58 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\ave.exe
[2010/03/21 11:22:58 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\av.exe
[2010/03/21 11:22:58 | 000,017,072 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\48531I0
[2010/03/21 11:22:55 | 000,204,800 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\av.exe
[2010/03/21 11:22:55 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\vma.exe
[2010/03/21 11:22:55 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\MSASCui.exe
[2010/03/20 19:31:51 | 000,204,800 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\ave.exe
:commands
[emptytemp]
[reboot]
--> Puis clique sur le bouton Run Fix en haut de la fenêtre.
--> Laisse le programme travailler, redémarre une fois le fix terminé.
--> Poste le rapport qui s'affichera après redémarrage.
--> Démarre Spybot, clique sur Mode, coche Mode avancé.
--> A gauche, clique sur Outils, puis sur Résident.
--> Décoche la case devant Résident "TeaTimer" :
http://sd-1.archive-host.com/membres/up/3288717712384394/TeaTimer.jpg
--> Quitte Spybot.
2/
--> Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
--> Sous l'onglet Custom Scans/Fixes en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :
:OTL
PRC - C:\Documents and Settings\nd\Local Settings\Application Data\ave.exe ()
PRC - C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\System32\regedit.exe File not found
O4 - HKLM\..\Run: [syncman] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKCU\..\Run: [syncman] c:\documents and settings\nd\wuaucldt.exe File not found
O4 - Startup: C:\Documents and Settings\nd\Menu Démarrer\Programmes\Démarrage\syspck32.exe ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O37 - HKCU\...exe [@ = secfile] -- "C:\Documents and Settings\nd\Local Settings\Application Data\ave.exe" /START "%1" %* ()
[2010/03/20 19:30:46 | 000,017,072 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\48531I0
[2010/03/20 19:29:53 | 000,029,764 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe
[2010/03/20 19:29:42 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\jasltw.dat
[2010/03/20 19:28:31 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\nd\Application Data\avdrn.dat
[2010/03/22 17:57:55 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\nd\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010/03/22 17:56:56 | 000,204,800 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\3570694465.dll
[2010/03/22 17:55:48 | 000,012,800 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\VH56DJI7u87yo
[2010/03/22 17:55:48 | 000,012,800 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\VH56DJI7u87yo
[2010/03/22 07:40:20 | 000,203,776 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\490373180.dll
[2010/03/22 07:37:01 | 000,014,600 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\wo588q8Gd1tnB
[2010/03/22 07:37:00 | 000,014,600 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\wo588q8Gd1tnB
[2010/03/21 11:29:22 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\1139758833.dll
[2010/03/21 11:25:01 | 000,204,800 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe
[2010/03/21 11:22:59 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\vma.exe
[2010/03/21 11:22:58 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\MSASCui.exe
[2010/03/21 11:22:58 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\ave.exe
[2010/03/21 11:22:58 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\av.exe
[2010/03/21 11:22:58 | 000,017,072 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\48531I0
[2010/03/21 11:22:55 | 000,204,800 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\av.exe
[2010/03/21 11:22:55 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\vma.exe
[2010/03/21 11:22:55 | 000,202,240 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\MSASCui.exe
[2010/03/20 19:31:51 | 000,204,800 | -HS- | C] () -- C:\Documents and Settings\nd\Local Settings\Application Data\ave.exe
:commands
[emptytemp]
[reboot]
--> Puis clique sur le bouton Run Fix en haut de la fenêtre.
--> Laisse le programme travailler, redémarre une fois le fix terminé.
--> Poste le rapport qui s'affichera après redémarrage.
garfield62
Messages postés
16
Date d'inscription
dimanche 19 octobre 2008
Statut
Membre
Dernière intervention
18 janvier 2012
22 mars 2010 à 20:43
22 mars 2010 à 20:43
All processes killed
========== OTL ==========
No active process named ave.exe was found!
No active process named wuaucldt.exe was found!
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\WINDOWS\system32\wuaucldt.exe not found.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File move failed. C:\Documents and Settings\nd\Menu Démarrer\Programmes\Démarrage\syspck32.exe scheduled to be moved on reboot.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
File C:\Documents and Settings\All Users\Application Data\48531I0 not found.
File C:\WINDOWS\System32\wuaucldt.exe not found.
File C:\Documents and Settings\NetworkService\Application Data\jasltw.dat not found.
File C:\Documents and Settings\nd\Application Data\avdrn.dat not found.
File C:\Documents and Settings\nd\oashdihasidhasuidhiasdhiashdiuasdhasd not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\3570694465.dll not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\VH56DJI7u87yo not found.
File C:\Documents and Settings\All Users\Application Data\VH56DJI7u87yo not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\490373180.dll not found.
File C:\Documents and Settings\All Users\Application Data\wo588q8Gd1tnB not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\wo588q8Gd1tnB not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\1139758833.dll not found.
File C:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe not found.
File C:\Documents and Settings\All Users\Application Data\vma.exe not found.
File C:\Documents and Settings\All Users\Application Data\MSASCui.exe not found.
File C:\Documents and Settings\All Users\Application Data\ave.exe not found.
File C:\Documents and Settings\All Users\Application Data\av.exe not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\48531I0 not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\av.exe not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\vma.exe not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\MSASCui.exe not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\ave.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 7168644 bytes
User: nd
->Temp folder emptied: 1446537929 bytes
->Temporary Internet Files folder emptied: 247924946 bytes
->Java cache emptied: 47398699 bytes
->FireFox cache emptied: 51311636 bytes
->Flash cache emptied: 2052487 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2225529 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32864 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 128993 bytes
RecycleBin emptied: 82752036 bytes
Total Files Cleaned = 1 800,00 mb
OTL by OldTimer - Version 3.1.37.3 log created on 03222010_200156
Files\Folders moved on Reboot...
C:\Documents and Settings\nd\Menu Démarrer\Programmes\Démarrage\syspck32.exe moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\XUL.mfl moved successfully.
Registry entries deleted on Reboot...
========== OTL ==========
No active process named ave.exe was found!
No active process named wuaucldt.exe was found!
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\WINDOWS\system32\wuaucldt.exe not found.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File move failed. C:\Documents and Settings\nd\Menu Démarrer\Programmes\Démarrage\syspck32.exe scheduled to be moved on reboot.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
File C:\Documents and Settings\All Users\Application Data\48531I0 not found.
File C:\WINDOWS\System32\wuaucldt.exe not found.
File C:\Documents and Settings\NetworkService\Application Data\jasltw.dat not found.
File C:\Documents and Settings\nd\Application Data\avdrn.dat not found.
File C:\Documents and Settings\nd\oashdihasidhasuidhiasdhiashdiuasdhasd not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\3570694465.dll not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\VH56DJI7u87yo not found.
File C:\Documents and Settings\All Users\Application Data\VH56DJI7u87yo not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\490373180.dll not found.
File C:\Documents and Settings\All Users\Application Data\wo588q8Gd1tnB not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\wo588q8Gd1tnB not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\1139758833.dll not found.
File C:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe not found.
File C:\Documents and Settings\All Users\Application Data\vma.exe not found.
File C:\Documents and Settings\All Users\Application Data\MSASCui.exe not found.
File C:\Documents and Settings\All Users\Application Data\ave.exe not found.
File C:\Documents and Settings\All Users\Application Data\av.exe not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\48531I0 not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\av.exe not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\vma.exe not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\MSASCui.exe not found.
File C:\Documents and Settings\nd\Local Settings\Application Data\ave.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 7168644 bytes
User: nd
->Temp folder emptied: 1446537929 bytes
->Temporary Internet Files folder emptied: 247924946 bytes
->Java cache emptied: 47398699 bytes
->FireFox cache emptied: 51311636 bytes
->Flash cache emptied: 2052487 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2225529 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32864 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 128993 bytes
RecycleBin emptied: 82752036 bytes
Total Files Cleaned = 1 800,00 mb
OTL by OldTimer - Version 3.1.37.3 log created on 03222010_200156
Files\Folders moved on Reboot...
C:\Documents and Settings\nd\Menu Démarrer\Programmes\Démarrage\syspck32.exe moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Mozilla\Firefox\Profiles\9sr5epbu.default\XUL.mfl moved successfully.
Registry entries deleted on Reboot...
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 299
22 mars 2010 à 21:01
22 mars 2010 à 21:01
---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.
A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.
A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
garfield62
Messages postés
16
Date d'inscription
dimanche 19 octobre 2008
Statut
Membre
Dernière intervention
18 janvier 2012
22 mars 2010 à 21:30
22 mars 2010 à 21:30
mon ordi c'est redemarré apres l'analyse qui avait trouvé un bon nombre de virus, trojan ...
donc je n'ai pas pu copié les données donc je ne peut pas te les donner ! :S
donc je n'ai pas pu copié les données donc je ne peut pas te les donner ! :S
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 299
22 mars 2010 à 21:56
22 mars 2010 à 21:56
Tu peux récupérer le rapport dans l'onglet Rapports/Logs de MBAM.
garfield62
Messages postés
16
Date d'inscription
dimanche 19 octobre 2008
Statut
Membre
Dernière intervention
18 janvier 2012
22 mars 2010 à 21:57
22 mars 2010 à 21:57
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3901
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
22/03/2010 21:21:43
mbam-log-2010-03-22 (21-21-43).txt
Type de recherche: Examen rapide
Eléments examinés: 117121
Temps écoulé: 9 minute(s), 45 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 7
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 22
Processus mémoire infecté(s):
C:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe (Rogue.MultipleAV) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdrom (Trojan.Patched) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regedit32 (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\syncman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\syncman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\config\SystemProfile\wuaucldt.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\avG\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dllcache\cdrom.sys (Trojan.Patched) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cdrom.sys (Trojan.Patched) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\MSASCui.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\vma.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\avG\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\avG\vma.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\avG\MSASCui.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Microsoft\Windows Defender\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Microsoft\Windows Defender\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Microsoft\Windows Defender\vma.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Microsoft\Windows Defender\MSASCui.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\avG\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\avG\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\avG\vma.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\avG\MSASCui.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
Version de la base de données: 3901
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
22/03/2010 21:21:43
mbam-log-2010-03-22 (21-21-43).txt
Type de recherche: Examen rapide
Eléments examinés: 117121
Temps écoulé: 9 minute(s), 45 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 7
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 22
Processus mémoire infecté(s):
C:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe (Rogue.MultipleAV) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdrom (Trojan.Patched) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regedit32 (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\syncman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\syncman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\config\SystemProfile\wuaucldt.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\avG\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dllcache\cdrom.sys (Trojan.Patched) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cdrom.sys (Trojan.Patched) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\MSASCui.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\vma.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\avG\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\avG\vma.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\avG\MSASCui.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Microsoft\Windows Defender\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Microsoft\Windows Defender\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Microsoft\Windows Defender\vma.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\nd\Local Settings\Application Data\Microsoft\Windows Defender\MSASCui.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\avG\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\avG\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\avG\vma.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\avG\MSASCui.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 299
22 mars 2010 à 21:59
22 mars 2010 à 21:59
Le PC va mieux ?
--> Relance MBAM, va dans Quarantaine et supprime tout.
--> Refais un scan OTL et poste le rapport OTL.
--> Relance MBAM, va dans Quarantaine et supprime tout.
--> Refais un scan OTL et poste le rapport OTL.
garfield62
Messages postés
16
Date d'inscription
dimanche 19 octobre 2008
Statut
Membre
Dernière intervention
18 janvier 2012
22 mars 2010 à 22:01
22 mars 2010 à 22:01
oué merci le pc va mieux :D
je te fais le scan OTL de suite ;)
je te fais le scan OTL de suite ;)
22 mars 2010 à 19:45
OTL.txt: http://www.cijoint.fr/cjlink.php?file=cj201003/cijYZLjKum.txt
Extras.tkt: http://www.cijoint.fr/cjlink.php?file=cj201003/cijGckpyvl.txt