Neilly83 - PC2
crapoulou
Messages postés
28195
Date d'inscription
Statut
Modérateur, Contributeur sécurité
Dernière intervention
-
crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonjour,
Afin que l'on ne se perde pas dans la désinfection du PC1 et du PC2, on va traiter le second sur ce topic.
Merci ;-).
Afin que l'on ne se perde pas dans la désinfection du PC1 et du PC2, on va traiter le second sur ce topic.
Merci ;-).
A voir également:
- Neilly83 - PC2
- Barrette de ram: DDR2 533 pc2-4300 et 4200 - Forum Matériel & Système
51 réponses
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4436
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
16/08/2010 19:27:56
mbam-log-2010-08-16 (19-27-56).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 313958
Temps écoulé: 1 heure(s), 21 minute(s), 10 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 57
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rkfree (Keylogger.Logixoft) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Registry Victor (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\AutoBackup (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\anpe (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\eric (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Liens (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Liens publics (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Links (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\rkfree\rkfree.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\RelevantKnowledge\rlls.dll.vir (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\RelevantKnowledge\rlservice.exe.vir (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\RelevantKnowledge\components\rlxg.dll.vir (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\ShoppingReport\Bin\2.6.79\ShoppingReport.dll.vir (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\ShoppingReport2\Bin\2.7.8\ShoppingReport.dll.vir (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Programmi\SniffPass\SniffPass.exe (Trojan.PSW) -> Quarantined and deleted successfully.
C:\Microgaming\Casino\CasinoAction\install.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Microgaming\Casino\CasinoClassic\install.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Microgaming\Casino\JackpotCity\install.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\RWOptimizer.ini (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Settings.ini (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\AutoBackup\AutoBackup20091119223813.zip (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\AutoBackup\AutoBackup20091121211206.zip (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\desktop.ini (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\anpe\POLE EMPLOI Assedic ANPE fusionnent en Pôle emploi.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\eric\Ministère de la Justice - Vos droits et démarches vos droits et démarches.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Liens publics\Cyber-citoyenneté.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Liens publics\Service public.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Links\desktop.ini (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Links\Galerie de composants Web Slice.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Links\Sites suggérés.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft\Internet Explorer 7 - Présentation rapide.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft\Microsoft Store.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft\Site Internet Explorer sur microsoft.com.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft\Windows Marketplace.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Actualités.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Automobile.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Divertissements.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Finances.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Sports.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live\Windows Live Gallery.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live\Windows Live Mail.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live\Windows Live Spaces.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live\Windows Live.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - BEBE LILLY - LES JEUX VIDEO (NEW CLIP!!!).url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Bébé Lilly - MILLE ET UNE NUITS (OFFICIEL).url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Bébé Lilly.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Dora.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Gummibär - CHO KA KA O.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - La danse de Titou.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - la danse des canards remix 2008!!! (français, espagnol, allemand, italien!).url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Le Roi Lion (The Lion King) Hakuna Matata (french).url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - MAMADOU.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Oui-Oui.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pigloo - Le ragga des Pingouins.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pigloo - Moi J'aime Skier.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pigloo - « Le Papa Pingouin » + sous-titres.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pigloo bisous d'eskimo.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pinguins.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Playlist pour les enfants !.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - tchoupi a la ferme.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Titou Le Lapinou - Le Coucou du Titou.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Titou, Le Lapinou.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Winnie l'Ourson.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Registry Victor Schedule.job (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
www.malwarebytes.org
Version de la base de données: 4436
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
16/08/2010 19:27:56
mbam-log-2010-08-16 (19-27-56).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 313958
Temps écoulé: 1 heure(s), 21 minute(s), 10 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 57
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rkfree (Keylogger.Logixoft) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Registry Victor (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\AutoBackup (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\anpe (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\eric (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Liens (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Liens publics (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Links (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\rkfree\rkfree.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\RelevantKnowledge\rlls.dll.vir (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\RelevantKnowledge\rlservice.exe.vir (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\RelevantKnowledge\components\rlxg.dll.vir (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\ShoppingReport\Bin\2.6.79\ShoppingReport.dll.vir (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\Quarantine\C\Program Files\ShoppingReport2\Bin\2.7.8\ShoppingReport.dll.vir (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Programmi\SniffPass\SniffPass.exe (Trojan.PSW) -> Quarantined and deleted successfully.
C:\Microgaming\Casino\CasinoAction\install.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Microgaming\Casino\CasinoClassic\install.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Microgaming\Casino\JackpotCity\install.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\RWOptimizer.ini (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Settings.ini (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\AutoBackup\AutoBackup20091119223813.zip (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\AutoBackup\AutoBackup20091121211206.zip (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\desktop.ini (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\anpe\POLE EMPLOI Assedic ANPE fusionnent en Pôle emploi.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\eric\Ministère de la Justice - Vos droits et démarches vos droits et démarches.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Liens publics\Cyber-citoyenneté.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Liens publics\Service public.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Links\desktop.ini (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Links\Galerie de composants Web Slice.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Links\Sites suggérés.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft\Internet Explorer 7 - Présentation rapide.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft\Microsoft Store.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft\Site Internet Explorer sur microsoft.com.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web Microsoft\Windows Marketplace.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Actualités.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Automobile.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Divertissements.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Finances.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN Sports.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Sites Web MSN\MSN.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live\Windows Live Gallery.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live\Windows Live Mail.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live\Windows Live Spaces.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\Windows Live\Windows Live.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - BEBE LILLY - LES JEUX VIDEO (NEW CLIP!!!).url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Bébé Lilly - MILLE ET UNE NUITS (OFFICIEL).url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Bébé Lilly.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Dora.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Gummibär - CHO KA KA O.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - La danse de Titou.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - la danse des canards remix 2008!!! (français, espagnol, allemand, italien!).url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Le Roi Lion (The Lion King) Hakuna Matata (french).url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - MAMADOU.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Oui-Oui.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pigloo - Le ragga des Pingouins.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pigloo - Moi J'aime Skier.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pigloo - « Le Papa Pingouin » + sous-titres.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pigloo bisous d'eskimo.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Pinguins.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Playlist pour les enfants !.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - tchoupi a la ferme.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Titou Le Lapinou - Le Coucou du Titou.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Titou, Le Lapinou.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Program Files\Registry Victor\Utilities\Favorites\zozoé\YouTube - Winnie l'Ourson.url (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Registry Victor Schedule.job (Rogue.RegistryVictor) -> Quarantined and deleted successfully.
Vide la quarantaine de MBAM.
Supprime AD-R (l'exécutable et le dossier C:\AD-R) et retélécharge-le.
Recommence la manipulation de suppression.
Supprime AD-R (l'exécutable et le dossier C:\AD-R) et retélécharge-le.
Recommence la manipulation de suppression.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
- Supprime ce dossier : C:\AD-R.
- Supprime AD-R, le fichier téléchargé comme demandé ici :
https://forums.commentcamarche.net/forum/affich-18855358-neilly83-pc2?full#6
Une fois que t'ad supprimé AD-R, retélécharge-le et suis à nouveau cette procédure :
https://forums.commentcamarche.net/forum/affich-18855358-neilly83-pc2?full#6
- Supprime AD-R, le fichier téléchargé comme demandé ici :
https://forums.commentcamarche.net/forum/affich-18855358-neilly83-pc2?full#6
Une fois que t'ad supprimé AD-R, retélécharge-le et suis à nouveau cette procédure :
https://forums.commentcamarche.net/forum/affich-18855358-neilly83-pc2?full#6
======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:35:44 le 16/08/2010, Mode normal
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
nathalie@PC-DE-NATHALIE (Acer Aspire T660)
============== ACTION(S) ==============
3,Fichier supprimé: C:\Users\nathalie\AppData\Local\gyeiw.bat
(!) -- Fichiers temporaires supprimés.
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [Impossible d'obtenir la version] **
-- C:\Users\nathalie\AppData\Roaming\Mozilla\FireFox\Profiles\r4zefnbw.default\Prefs.js --
browser.download.dir, C:\\Users\\nathalie\\Downloads
browser.download.lastDir, C:\\Users\\nathalie\\Documents\\Téléchargements
browser.search.defaultenginename, Bing
browser.search.selectedEngine, SearchTheWeb
browser.startup.homepage, hxxp://search.iminent.com/?appId=dc3fdd94-00a3-4868-9102-654a15c34afe
browser.startup.homepage_override.mstone, rv:1.9.2.3
keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=
========================================
** Internet Explorer Version [8.0.6001.18943] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
SearchAssistant:
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst:
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 1 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 16/08/2010 (2588 Octet(s))
Fin à: 20:47:04, 16/08/2010
============== E.O.F ==============
Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:35:44 le 16/08/2010, Mode normal
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
nathalie@PC-DE-NATHALIE (Acer Aspire T660)
============== ACTION(S) ==============
3,Fichier supprimé: C:\Users\nathalie\AppData\Local\gyeiw.bat
(!) -- Fichiers temporaires supprimés.
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [Impossible d'obtenir la version] **
-- C:\Users\nathalie\AppData\Roaming\Mozilla\FireFox\Profiles\r4zefnbw.default\Prefs.js --
browser.download.dir, C:\\Users\\nathalie\\Downloads
browser.download.lastDir, C:\\Users\\nathalie\\Documents\\Téléchargements
browser.search.defaultenginename, Bing
browser.search.selectedEngine, SearchTheWeb
browser.startup.homepage, hxxp://search.iminent.com/?appId=dc3fdd94-00a3-4868-9102-654a15c34afe
browser.startup.homepage_override.mstone, rv:1.9.2.3
keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=
========================================
** Internet Explorer Version [8.0.6001.18943] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
SearchAssistant:
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst:
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 1 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 16/08/2010 (2588 Octet(s))
Fin à: 20:47:04, 16/08/2010
============== E.O.F ==============
Installe bien RSIT sur ton bureau : Enregistrer et non pas Exécuter
********
Supprime ce dossier :
C:\Program Files\rkfree
********
Lance Hijackthis par clic droit, `Exécuter en tant qu'administrateur`.
Il se situe ici :
C:\Program Files\trend micro\nathalie.exe
Clique sur "Do a system scan only".
Coche ces lignes :
Clique ensuite sur "Fix checked".
Ferme Hijackthis.
********
Je vais manger, à tout à l'heure.
********
Supprime ce dossier :
C:\Program Files\rkfree
********
Lance Hijackthis par clic droit, `Exécuter en tant qu'administrateur`.
Il se situe ici :
C:\Program Files\trend micro\nathalie.exe
Clique sur "Do a system scan only".
Coche ces lignes :
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
o4 - hkcu\..\run: [{da5e92d6-5647-1d09-30dc-81915a8db468}] c:\users\nathalie\appdata\local\microsoft\windows\temporary internet files\content.ie5\v23wzfyz\dofus%20hack%20tools%20v3.0[1].exe
o4 - hkcu\..\run: [example] c:\users\nathalie\appdata\local\microsoft\windows\temporary internet files\content.ie5\v23wzfyz\dofus%20hack%20tools%20v3.0[1].exe => Fichiers temporaires Microsoft IE
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
Clique ensuite sur "Fix checked".
Ferme Hijackthis.
********
Je vais manger, à tout à l'heure.
