PC still infected?
Solved
PleaseHelpMe
-
Anonymous user -
Hello,
I recently had a few viruses (about fifteen) that Avira AntiVir and Malwarebytes' Anti-Malware neutralized, and I would like to make sure that it is no longer infected because I still have doubts. A Java error message appears when Firefox starts. Despite that, I have no problem browsing.
What should I do?
Thanks
95 replies
The search assistant works. I searched in another thread and you had to type:
regsvr32 %systemroot%\srchasst\srchui.dll in "Run" (Start menu)
However, I still can't update AntiVir
^^"
Maybe I should switch antivirus.
Otherwise, should I run an OTL scan again?
Then I'll run it again!
:)
OTL.txt:
http://www.cijoint.fr/cjlink.php?file=cj201011/cijxAX0pyi.txt
Extras.txt:
http://www.cijoint.fr/cjlink.php?file=cj201011/cijIAEYpiv.txt
Otherwise, I did quite a bit of sorting through the software. Would you have a free antivirus to recommend? Given that I removed Avira AntiVir...
^^
Edit: Damn, I set "File age" to 30 days... Do I have to start over??
no, I'll make do with that :)
you should have kept AntiVir, it's the best of the free ones
I'm looking at the reports :)
if you have XP => double-click
if you have Vista or Windows 7 => right-click "Run as...."
on OTL.exe to launch it.
▶ Copy the list shown in bold below,
▶ paste it into the box under "Customization":
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
shcut.exe
:OTL
IE - HKU\S-1-5-21-621025510-174831016-3728667849-1005\..\URLSearchHook: {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGos1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-621025510-174831016-3728667849-1005\..\URLSearchHook: {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeF1.dll File not found
O2 - BHO: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGos1.dll (Conduit Ltd.)
O2 - BHO: (WeFiBar Toolbar) - {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeF1.dll File not found
O3 - HKLM\..\Toolbar: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGos1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WeFiBar Toolbar) - {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeF1.dll File not found
O3 - HKU\S-1-5-21-621025510-174831016-3728667849-1005\..\Toolbar\WebBrowser: (Gossiper Toolbar) - {0A452A47-C5A8-4854-A237-4B9B06B376F0} - C:\Program Files\Gossiper\tbGos1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-621025510-174831016-3728667849-1005\..\Toolbar\WebBrowser: (WeFiBar Toolbar) - {0B876028-B388-4F6D-922F-F52FAEC8535F} - C:\Program Files\WeFiBar\tbWeF1.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-621025510-174831016-3728667849-1005..\Run: [wefi] C:\Program Files\WeFi\WeFi.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"QuickTime Task"=-
"Reminder"=-
"SoundMAX"=-
"TkBellExe"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
:Files
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:264B2CC4
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Click "Fix" to start the removal.
▶ Post the report, which should open by itself once the job is finished, after the reboot.
Found it!
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
Process firefox.exe killed successfully!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
No active process named shcut.exe was found!
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-621025510-174831016-3728667849-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0a452a47-c5a8-4854-a237-4b9b06b376f0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ deleted successfully.
C:\Program Files\Gossiper\tbGos1.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-621025510-174831016-3728667849-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0b876028-b388-4f6d-922f-f52faec8535f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0b876028-b388-4f6d-922f-f52faec8535f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ not found.
File C:\Program Files\Gossiper\tbGos1.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0b876028-b388-4f6d-922f-f52faec8535f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0b876028-b388-4f6d-922f-f52faec8535f}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0a452a47-c5a8-4854-a237-4b9b06b376f0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ not found.
File C:\Program Files\Gossiper\tbGos1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0b876028-b388-4f6d-922f-f52faec8535f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0b876028-b388-4f6d-922f-f52faec8535f}\ not found.
Registry value HKEY_USERS\S-1-5-21-621025510-174831016-3728667849-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0A452A47-C5A8-4854-A237-4B9B06B376F0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A452A47-C5A8-4854-A237-4B9B06B376F0}\ not found.
File C:\Program Files\Gossiper\tbGos1.dll not found.
Registry value HKEY_USERS\S-1-5-21-621025510-174831016-3728667849-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B876028-B388-4F6D-922F-F52FAEC8535F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B876028-B388-4F6D-922F-F52FAEC8535F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-621025510-174831016-3728667849-1005\Software\Microsoft\Windows\CurrentVersion\Run\\wefi deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\comfile\shell\open\command\\'' updated successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\'' updated successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.com\shell\open\command\\|"%1" %* /E : value set successfully!
HKEY_LOCAL_MACHINE\Software\Classes\.com\\|comfile /E : value set successfully!
HKEY_LOCAL_MACHINE\Software\Classes\.exe\shell\open\command\\|"%1" %* /E : value set successfully!
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Reminder deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SoundMAX deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoDriveTypeAutoRun"|145 /E : value set successfully!
========== FILES ==========
ADS C:\Documents and Settings\All Users\Application Data\TEMP:264B2CC4 deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 21837 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 6628218 bytes
->Flash cache emptied: 434 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 181278 bytes
User: VL
->Temp folder emptied: 154637279 bytes
->Temporary Internet Files folder emptied: 260438347 bytes
->Java cache emptied: 49824967 bytes
->FireFox cache emptied: 45101913 bytes
->Flash cache emptied: 2004826 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14682634 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 91309972 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 324691680 bytes
Total Files Cleaned = 906,00 mb
OTL by OldTimer - Version 3.2.17.2 log created on 11112010_144818
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
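Added example (not part of the thread and not OTL's own code): a Python triage of the fix report posted above. It separates the lines that changed the system from the "not found" lines, and tells apart a "not found" that repeats an object already removed earlier in the same run from an object that was absent before the fix. The line wordings come from the report on this page; the bucket names and the choice of which sections to parse are assumptions of this example.

```python
"""Triage an OTL fix report: what changed, and why other lines say 'not found'."""
import re

# Excerpt of the fix report posted above; every line is copied from the page.
SAMPLE_REPORT = r"""
All processes killed
========== PROCESSES ==========
Process firefox.exe killed successfully!
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-621025510-174831016-3728667849-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0a452a47-c5a8-4854-a237-4b9b06b376f0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ deleted successfully.
C:\Program Files\Gossiper\tbGos1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ not found.
File C:\Program Files\Gossiper\tbGos1.dll not found.
Registry value HKEY_USERS\S-1-5-21-621025510-174831016-3728667849-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0A452A47-C5A8-4854-A237-4B9B06B376F0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A452A47-C5A8-4854-A237-4B9B06B376F0}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\shell\open\command\\|"%1" %* /E : value set successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
========== FILES ==========
ADS C:\Documents and Settings\All Users\Application Data\TEMP:264B2CC4 deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
"""

SECTION_RE = re.compile(r"^=+ (?P<name>[A-Z]+) =+$")
# Assumption of this example: only these sections report the fate of one
# file, registry key or registry value per line.
OBJECT_SECTIONS = {"OTL", "REGISTRY", "FILES"}
LINE_RE = re.compile(
    r"^(?:(?P<kind>Registry key|Registry value|File|ADS) )?"
    r"(?P<target>.+?) "
    r"(?P<result>deleted successfully|moved successfully|updated successfully|not found)\.$"
)
SET_RE = re.compile(r"^(?P<target>.+) /E : value set successfully!$")


def normalise(target):
    """Registry and NTFS paths compare case-insensitively; keys are printed with a trailing backslash."""
    return target.rstrip("\\").lower()


def triage(report):
    """Sort the object lines of a fix report into four buckets."""
    removed = set()  # normalised targets deleted or moved earlier in this run
    out = {"changed": [], "repeat_not_found": [], "absent_before_fix": [], "unparsed": []}
    section = None
    for raw in report.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header["name"]
            continue
        if section not in OBJECT_SECTIONS or not line:
            continue  # process kills, temp-file cleanup, blank lines
        if line.startswith("Starting removal of "):
            continue  # progress note, no outcome of its own
        set_line = SET_RE.match(line)
        if set_line:
            out["changed"].append(set_line["target"])
            continue
        m = LINE_RE.match(line)
        if m is None:
            out["unparsed"].append(line)  # unknown wording: read it by hand
            continue
        key = normalise(m["target"])
        if m["result"] == "not found":
            # The same CLSID or DLL is referenced by several script lines
            # (URLSearchHook, BHO, Toolbar), so later lines find it already gone.
            bucket = "repeat_not_found" if key in removed else "absent_before_fix"
            out[bucket].append(m["target"])
        else:
            if m["result"] != "updated successfully":
                removed.add(key)
            out["changed"].append(m["target"])
    return out


if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_REPORT).items():
        print(f"{bucket}: {len(items)}")
        for item in items:
            print("   ", item)
```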
Hmm.. The message still appears but it doesn't stop me from browsing.
Otherwise I can't reinstall Avira, same message as when Firefox starts and when I launched List_Kill'em.
Otherwise, apart from no longer having an antivirus, everything is fine. n_n
Do you think I should try installing another one?
Have the following file(s) analyzed on VirusTotal:
Virus Total
* Paste the file paths directly, one at a time, into the "Browse" field after each analysis:
c:\windows\system32\Winlogon.exe
c:\windows\system32\Wininit.exe
* Now click Send file. and let it work for as long as "Current status: analysis in progress" is displayed.
* The file may be queued because of a large number of analysis requests. In that case, you will have to wait without refreshing the page.
* When the analysis is finished, paste the link(s) to the page(s) in your next reply.
The first one is a trojan, I think:
http://www.virustotal.com/file-scan/report.html?id=ecef5a07dbc72e99adcb82af4dab143f5a2bad3812ccbfa87ea5e82e29e133fa-1289554066
It says the second one can't be found.
What should I do about the first one?
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 5100
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/11/2010 18:43:06
mbam-log-2010-11-12 (18-43-06).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 255805
Temps écoulé: 1 heure(s), 2 minute(s), 6 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 9
Processus mémoire infecté(s):
C:\Program Files\InstallPedia\lnetworker.exe (Adware.InstallPedia) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Documents and Settings\VL\Local Settings\Application Data\assembly\dl3\3QMLR0XD.WR9\DRL4GQV8.P00\90051b49\003b0f99_fb53cb01\Utils.DLL (Adware.InstallPedia) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i.p services (Adware.InstallPedia) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ip network (Adware.InstallPedia) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\InstallPedia (Adware.InstallPedia) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\InstallPedia\lnetworker.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\VL\Local Settings\Application Data\assembly\dl3\3QMLR0XD.WR9\DRL4GQV8.P00\90051b49\003b0f99_fb53cb01\Utils.DLL (Adware.InstallPedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\VL\Local Settings\Application Data\assembly\dl3\3QMLR0XD.WR9\DRL4GQV8.P00\c2d93468\000ede97_fb53cb01\networker.EXE (Adware.InstallPedia) -> Quarantined and deleted successfully.
C:\Program Files\InstallPedia\networker.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.
C:\Program Files\InstallPedia\service.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.
C:\Program Files\InstallPedia\Utils.dll (Adware.InstallPedia) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Utils.dll (Adware.InstallPedia) -> Quarantined and deleted successfully.
C:\Program Files\InstallPedia\Ionic.Zip.Reduced.dll (Adware.InstallPedia) -> Quarantined and deleted successfully.
C:\Program Files\InstallPedia\pref_updater.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.
just by wandering around the net, you've reinfected your PC
I don't know how you do it....
me, I've been running without an antivirus for 15 days...