Trojan Impossible to Remove
lolo54644
Hello,
I just scanned my PC with HiJackThis. Here is the report. I hope you will be able to help me.
Thanks in advance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:39:54, on 12/05/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18444)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Users\Jue\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll
R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
O1 - Hosts: ::1 localhost
O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\Windows\system32\msxml71.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll
O3 - Toolbar: VDownloader Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\CyberLink\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [Canaveral] rundll32.exe C:\Windows\system32\sshnas21.dll,BackupReadW
O4 - HKCU\..\Run: [urtvblbq] C:\Users\Jue\AppData\Local\ahehlpeoq\fwrntbqtssd.exe
O4 - HKCU\..\Run: [asam] C:\Users\Jue\AppData\Local\asam.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O20 - AppInit_DLLs: C:\WINDOWS\SYSTEM32\CFGMGR3232.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1ca1df5bf3bd960) (gupdate1ca1df5bf3bd960) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
7 replies
Malekal_morte
You can add BitDefender to the list :)
lolo54644
Bit defender, and not avast or norton
Hi,
It's an add-on that I would have him uninstall afterwards, along with all his toolbars
etc... thanks!
Hi again,
Uninstall Norton:
http://service1.symantec.com/support/inter/tsgeninfointl.nsf/fr_docid/20050414110429924
and Avast:
https://www.avast.com/fr-fr/uninstall-utility
then run a full scan with:
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
run the update before the full scan!!
at the end of the full scan, delete the selection!!!!!!!!
post the report here, please
Here is the report:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4096
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
13/05/2010 17:15:49
mbam-log-2010-05-13 (17-15-49).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 284591
Temps écoulé: 2 heure(s), 35 minute(s), 17 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 55
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c20ee2d6-81c3-6a08-79c5-1989da43bc19} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\urtvblbq (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Windows\System32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32 (Worm.Archive) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF79B.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF7FA.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\syssvc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RT7W0YOQ\photofiltre-fr[1].exe (Trojan.SMSScam) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TI6E8PZ6\fwevpovto[1].htm (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\khvcol.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\swcamexron.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\Hcj.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\owcnmesarx.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\waosxmenrc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\7BB4.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\DFAB.tmp (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@i882158548v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@i882158548v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@i882158548v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v4.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v6.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v7.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mu882158548v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mu882158548v5.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v0.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v1.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v2.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_i882158548v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_i882158548v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_i882158548v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\captura.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo1.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo2.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo3.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo4.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\error.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
Hi Electricien 69,
thanks, ok,
lolo54644, before running Malwarebytes, please do this:
Download:
https://www.commentcamarche.net/telecharger/securite/2547-ad-remover/
turn off your internet box or disconnect your computer!!
and choose: "Nettoyer" (Clean)
post the report here, please
Hello,
Here is the Malwarebytes report.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4096
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
13/05/2010 17:12:13
rapport virus
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 284591
Temps écoulé: 2 heure(s), 35 minute(s), 17 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 55
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> No action taken.
HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{c20ee2d6-81c3-6a08-79c5-1989da43bc19} (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> No action taken.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> No action taken.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.Tracur) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\urtvblbq (Rogue.AntivirusSuite.Gen) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> No action taken.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Windows\System32\LocalService (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32 (Worm.Archive) -> No action taken.
Fichier(s) infecté(s):
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF79B.tmp (Trojan.Tracur) -> No action taken.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF7FA.tmp (Trojan.Agent) -> No action taken.
C:\Users\Jue\AppData\Local\syssvc.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RT7W0YOQ\photofiltre-fr[1].exe (Trojan.SMSScam) -> No action taken.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TI6E8PZ6\fwevpovto[1].htm (Trojan.Dropper) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\khvcol.exe (Trojan.Dropper) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\swcamexron.exe (Rootkit.Dropper) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\Hcj.exe (Trojan.Fraudpack) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\owcnmesarx.exe (Trojan.Fraudpack) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\waosxmenrc.exe (Trojan.Downloader) -> No action taken.
C:\Windows\System32\7BB4.tmp (Trojan.Tracur) -> No action taken.
C:\Windows\System32\net.net (Trojan.Downloader) -> No action taken.
C:\Windows\System32\LocalService\DFAB.tmp (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@i882158548v4 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@i882158548v6 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@i882158548v7 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v0 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v1 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v2 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v3 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v5 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v4 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v4.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v6 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v6.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v7 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v7.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mu882158548v5 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mu882158548v5.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v0 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v0.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v1 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v1.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v2 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v2.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v3 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v3.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_i882158548v4 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_i882158548v6 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_i882158548v7 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v0 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v1 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v2 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v3 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v5 (Worm.Archive) -> No action taken.
C:\captura.bmp (Malware.Traces) -> No action taken.
C:\codigo1.bmp (Malware.Traces) -> No action taken.
C:\codigo2.bmp (Malware.Traces) -> No action taken.
C:\codigo3.bmp (Malware.Traces) -> No action taken.
C:\codigo4.bmp (Malware.Traces) -> No action taken.
C:\error.bmp (Malware.Traces) -> No action taken.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> No action taken.
C:\Windows\System32\GroupPolicy000.dat (Malware.Trace) -> No action taken.
C:\Windows\GnuHashes.ini (Malware.Trace) -> No action taken.
C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> No action taken.
And here is the report after cleaning by Malwarebytes:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4096
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
13/05/2010 17:15:49
mbam-log-2010-05-13 (17-15-49).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 284591
Temps écoulé: 2 heure(s), 35 minute(s), 17 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 55
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c20ee2d6-81c3-6a08-79c5-1989da43bc19} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\urtvblbq (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Windows\System32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32 (Worm.Archive) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF79B.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF7FA.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\syssvc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RT7W0YOQ\photofiltre-fr[1].exe (Trojan.SMSScam) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TI6E8PZ6\fwevpovto[1].htm (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\khvcol.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\swcamexron.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\Hcj.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\owcnmesarx.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\waosxmenrc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\7BB4.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\DFAB.tmp (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@i882158548v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@i882158548v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@i882158548v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v4.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v6.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v7.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mu882158548v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mu882158548v5.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v0.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v1.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v2.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_i882158548v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_i882158548v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_i882158548v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\captura.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo1.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo2.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo3.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo4.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\error.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
All is good?
What should I do now? Just restart?
Voici le rapport de Malwarebytes.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4096
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
13/05/2010 17:12:13
rapport virus
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 284591
Temps écoulé: 2 heure(s), 35 minute(s), 17 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 55
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> No action taken.
HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{c20ee2d6-81c3-6a08-79c5-1989da43bc19} (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> No action taken.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> No action taken.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.Tracur) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\urtvblbq (Rogue.AntivirusSuite.Gen) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> No action taken.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Windows\System32\LocalService (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32 (Worm.Archive) -> No action taken.
Fichier(s) infecté(s):
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF79B.tmp (Trojan.Tracur) -> No action taken.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF7FA.tmp (Trojan.Agent) -> No action taken.
C:\Users\Jue\AppData\Local\syssvc.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RT7W0YOQ\photofiltre-fr[1].exe (Trojan.SMSScam) -> No action taken.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TI6E8PZ6\fwevpovto[1].htm (Trojan.Dropper) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\khvcol.exe (Trojan.Dropper) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\swcamexron.exe (Rootkit.Dropper) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\Hcj.exe (Trojan.Fraudpack) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\owcnmesarx.exe (Trojan.Fraudpack) -> No action taken.
C:\Users\Jue\AppData\Local\Temp\waosxmenrc.exe (Trojan.Downloader) -> No action taken.
C:\Windows\System32\7BB4.tmp (Trojan.Tracur) -> No action taken.
C:\Windows\System32\net.net (Trojan.Downloader) -> No action taken.
C:\Windows\System32\LocalService\DFAB.tmp (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@i882158548v4 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@i882158548v6 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@i882158548v7 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v0 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v1 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v2 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v3 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\@u882158548v5 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v4 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v4.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v6 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v6.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v7 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi882158548v7.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mu882158548v5 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mu882158548v5.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v0 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v0.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v1 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v1.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v2 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v2.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v3 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu882158548v3.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_i882158548v4 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_i882158548v6 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_i882158548v7 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v0 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v1 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v2 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v3 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u882158548v5 (Worm.Archive) -> No action taken.
C:\captura.bmp (Malware.Traces) -> No action taken.
C:\codigo1.bmp (Malware.Traces) -> No action taken.
C:\codigo2.bmp (Malware.Traces) -> No action taken.
C:\codigo3.bmp (Malware.Traces) -> No action taken.
C:\codigo4.bmp (Malware.Traces) -> No action taken.
C:\error.bmp (Malware.Traces) -> No action taken.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> No action taken.
C:\Windows\System32\GroupPolicy000.dat (Malware.Trace) -> No action taken.
C:\Windows\GnuHashes.ini (Malware.Trace) -> No action taken.
C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> No action taken.
Then here is the post-cleanup report from Malwarebytes:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4096
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
13/05/2010 17:15:49
mbam-log-2010-05-13 (17-15-49).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 284591
Temps écoulé: 2 heure(s), 35 minute(s), 17 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 55
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c20ee2d6-81c3-6a08-79c5-1989da43bc19} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\urtvblbq (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Windows\System32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32 (Worm.Archive) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF79B.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\BASH\Clone\BHCF7FA.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\syssvc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RT7W0YOQ\photofiltre-fr[1].exe (Trojan.SMSScam) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TI6E8PZ6\fwevpovto[1].htm (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\khvcol.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\swcamexron.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\Hcj.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\owcnmesarx.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Jue\AppData\Local\Temp\waosxmenrc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\7BB4.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\DFAB.tmp (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@i882158548v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@i882158548v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@i882158548v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\@u882158548v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v4.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v6.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mi882158548v7.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mu882158548v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\mu882158548v5.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v0.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v1.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v2.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\wu882158548v3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_i882158548v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_i882158548v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_i882158548v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\SysWoW32\_u882158548v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\captura.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo1.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo2.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo3.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\codigo4.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\error.bmp (Malware.Traces) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
All is good?
What should I do now? Just restart?