Trojan:Win32/Sefnit.G help please

Solved/Closed
Freedfreed Posts 6 Registration date Friday, January 28, 2011 Status Member Last activity January 28, 2011 - Jan 28, 2011 at 16:07
namour62129 Posts 1 Registration date Thursday, June 2, 2011 Status Member Last activity June 2, 2011 - Jun 2, 2011 at 13:17
Hello, so, I have a small virus problem: the Sefnit.G trojan keeps reappearing (even after disinfection, a CCleaner cleanup, and a full re-scan that comes back clean, it returns at reboot)


HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:01:48, on 28/01/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\windows\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe
C:\windows\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\wins.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\Explorer.EXE
C:\windows\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\windows\system32\wuauclt.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Utilisateur\Mes documents\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://codecs.r8.org/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - (no file)
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://freed-world.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Windows Internet Name Service - Unknown owner - C:\windows\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\wins.exe

9 replies

Malekal_morte- Posts 180304 Registration date Wednesday, May 17, 2006 Status Moderator, Security contributor Last activity December 15, 2020 24 660
Jan 28, 2011 at 16:09
Hi,

Send C:\windows\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\wins.exe
to http://upload.malekal.com

~~

Download and install Malwarebytes: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Update it, run a scan, remove everything and post the report here.



then:

You can follow the instructions on this page for help: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, you have to right-click OTL and choose Run as administrator)

* Launch OTL
* Under "Personnalisation" (customization), copy and paste what is in the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c

* Click the Analyse button.
* When the scan is finished, use the site http://www.cijoint.fr/ to give me the two reports: OTL.Txt and Extras.Txt.
1
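
An added example, not part of the original thread: a small triage of HijackThis O4/O23 lines that reports autostart binaries stored in a profile data directory, which on the log above singles out the same wins.exe service the reply asks to upload. The directory list and the function names are assumptions of this example; the sample lines are copied from the log in the first post.

```python
import re
from typing import List, NamedTuple, Optional

# Sample input: two O4 and three O23 lines copied from the HijackThis log
# in the first post, embedded here so the block runs offline.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Windows Internet Name Service - Unknown owner - C:\windows\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\wins.exe
"""


class Autostart(NamedTuple):
    section: str          # "O4" (Run key) or "O23" (service)
    name: str             # Run value name or service display name
    owner: Optional[str]  # company string HijackThis prints for O23 only
    path: str             # executable path with arguments stripped


# Per-profile data directories. Services and Run entries are normally
# installed under Program Files or the Windows directory, so an autostart
# binary stored here deserves a closer look. This list is an assumption of
# the example (a triage hint, not a verdict): some legitimate per-user
# installs also live in these folders.
PROFILE_DATA_DIRS = ("\\application data\\", "\\local settings\\",
                     "\\appdata\\", "\\temp\\")

O4_RE = re.compile(r"^O4 - \S+?\\\.\.\\Run\w*: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
O23_PREFIX = "O23 - Service: "
EXE_RE = re.compile(r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)", re.I)


def exe_path(cmd: str) -> str:
    """Return the executable part of a command line (quoted or bare)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = EXE_RE.match(cmd)
    return m.group(1) if m else cmd


def parse_autostarts(log: str) -> List[Autostart]:
    """Extract Run-key (O4) and service (O23) entries from a HijackThis log."""
    entries = []
    for line in log.splitlines():
        line = line.strip()
        m = O4_RE.match(line)
        if m:
            entries.append(Autostart("O4", m["name"], None, exe_path(m["cmd"])))
        elif line.startswith(O23_PREFIX):
            # Format: name - owner - path. Split from the right because the
            # service name itself may contain " - ".
            parts = line[len(O23_PREFIX):].rsplit(" - ", 2)
            if len(parts) == 3:
                name, owner, path = parts
                entries.append(Autostart("O23", name, owner, exe_path(path)))
    return entries


def flag_profile_autostarts(log: str) -> List[Autostart]:
    """Autostart entries whose binary sits in a profile data directory."""
    return [e for e in parse_autostarts(log)
            if any(d in e.path.lower() for d in PROFILE_DATA_DIRS)]


if __name__ == "__main__":
    for e in flag_profile_autostarts(SAMPLE_LOG):
        print(f"{e.section}: {e.name} [{e.owner}] -> {e.path}")
```

"Unknown owner" alone matches three services in the sample, two of them in ordinary install locations; it is the binary's location that narrows the result to one entry.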
Freedfreed Posts 6 Registration date Friday, January 28, 2011 Status Member Last activity January 28, 2011
Jan 28, 2011 at 18:01
First of all, many thanks; sorry, that took a while:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5630

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28/01/2011 17:59:06
mbam-log-2011-01-28 (17-59-06).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|S:\|)
Elément(s) analysé(s): 197535
Temps écoulé: 1 heure(s), 38 minute(s), 3 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 18
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 51
Fichier(s) infecté(s): 136

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{50AD41D2-B1F0-47CC-9EA7-395355EAEEBD} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8CEB185E-81A5-46D3-BC20-C555D605AFBD} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A72522BA-9FF3-4C83-ABC6-9B476728A396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C5762628-AE15-4ca6-96C4-B00DD17F3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D062E03E-65CA-49E4-9B15-31938BA98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunExplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunExplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunRedirector (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunRedirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Internet System Controller (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Live Content Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Web Search Assistant (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet System Controller (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Live Content Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Assistant (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\Software\Internet Content Updater (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Value: {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Value: {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{E63605FC-D583-4C81-867F-9457BDB3EA1B} (Adware.DoubleD) -> Value: {E63605FC-D583-4C81-867F-9457BDB3EA1B} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{E63605FC-D583-4C81-867F-9457BDB3EA1B} (Adware.DoubleD) -> Value: {E63605FC-D583-4C81-867F-9457BDB3EA1B} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440E-08F0-4339-9959-5C31C6A69F23} (Adware.DoubleD) -> Value: {8141440E-08F0-4339-9959-5C31C6A69F23} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440E-08F0-4339-9959-5C31C6A69F23} (Adware.DoubleD) -> Value: {8141440E-08F0-4339-9959-5C31C6A69F23} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{E889F097-B0BE-471B-89AD-B86B6F04B506} (Adware.DoubleD) -> Value: {E889F097-B0BE-471B-89AD-B86B6F04B506} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{E889F097-B0BE-471B-89AD-B86B6F04B506} (Adware.DoubleD) -> Value: {E889F097-B0BE-471B-89AD-B86B6F04B506} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\{AA1ACB70-B5F1-4037-909E-1F725B04D2A8} (Adware.DoubleD) -> Value: {AA1ACB70-B5F1-4037-909E-1F725B04D2A8} -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\program files\context management controller (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\Chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650\data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\Chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\Chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\Chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\Chrome\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\bin (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\internet connection wizard\1.8.0.2650 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\internet content updater (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\internet system controller (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\internet system controller\5.8.0.3240 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\web search assistant (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\web search assistant\5.8.0.3310 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\program files\context management controller\2.8.0.4360\cmcsh.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\Chrome\cmcchromeaddon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\isccommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\wsacommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\Chrome\wsacommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\Favoris\myfastsearcher.url (Malware.Trace) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\data.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\exclude.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\matchingdata.zd5 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\pxtmpdata.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\running.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\Chrome\background.html (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\Chrome\contentscript.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\Chrome\manifest.json (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\FF\chrome\content\AddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\FF\chrome\content\AddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\context management controller\2.8.0.4360\FF\components\cmcffaddon.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650\internettoday.ico (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650\internettoday.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650\mfc80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650\microsoft.vc80.mfc.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650\skincrafterdll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet content updater\1.8.0.2650\data\itcfg.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\Chrome\background.html (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\Chrome\manifest.json (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\Chrome\newtab.html (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\chrome\ISCAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\chrome\content\ISCAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\chrome\content\ISCAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\components\iscffaddon.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\internet system controller\5.8.0.3240\FF\components\iscffhelpercomponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\Chrome\background.html (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\Chrome\manifest.json (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\chrome\LCAAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\chrome\content\LCAAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\chrome\content\LCAAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\components\lcaffaddon.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\live content advancer\5.8.0.7460\FF\components\lcaffhelpercomponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\Chrome\background.html (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\Chrome\manifest.json (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\Chrome\script.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\Chrome\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\chrome\WSAAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\chrome\content\WSAAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\chrome\content\WSAAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\components\wsaffaddon.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search assistant\5.8.0.3310\FF\components\wsaffhelpercomponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_rss.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_smiley_config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_webdropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_webdropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_webdropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_webdropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_webdropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\module_webdropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\productinfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\searchenginelist.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\toolbarlayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\updatecentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Data\updatecentrebk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\component_combobox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_option_menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_rss.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_rss.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_rss_menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_rss_menu.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Icons\module_webdropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\gamieplay toolbar\3.7.1.8090\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\internet connection wizard\1.8.0.2650\itcfg.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\internet system controller\5.8.0.3240\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\internet system controller\5.8.0.3240\hjhp_20100718-011411.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\internet system controller\5.8.0.3240\hjhp_20100718-012142.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\np_20100718-011350.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\np_20100718-011359.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\np_20100718-012143.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\np_20100718-122039.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\np_20100718-122411.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\np_20100718-122413.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\np_20100718-122557.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\np_20100718-122652.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\np_20100718-122658.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\live content advancer\5.8.0.7460\State.ini (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\web search assistant\5.8.0.3310\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\web search assistant\5.8.0.3310\rState.ini (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\utilisateur\local settings\application data\web search assistant\5.8.0.3310\sState.ini (Adware.DoubleD) -> Quarantined and deleted successfully.

I'm rebooting and then I'll do the rest :)
0
Freedfreed | Posts: 6 | Registered: Friday 28 January 2011 | Status: Member | Last activity: 28 January 2011
28 Jan 2011 at 18:36
OTL: http://www.cijoint.fr/cjlink.php?file=cj201101/cijAlQYJYg.txt
Extras: http://www.cijoint.fr/cjlink.php?file=cj201101/cijorOMj2N.txt

thanks
0
Malekal_morte- | Posts: 180304 | Registered: Wednesday 17 May 2006 | Status: Moderator, Security contributor | Last activity: 15 December 2020 | 24 660
28 Jan 2011 at 19:00
Run OTL again.
o Under "Personnalisation", copy and paste the contents of the box below and click "Correction"; a report will appear after the operation, which you should keep (on a USB stick, for example) so that you can paste the result here:

:OTL
PRC - [2010/12/30 19:57:27 | 005,358,080 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\wins.exe
:files
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\


* restart the PC into Windows and post the report here


~~~

Run an OTL scan again and post the report here.

0
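As an added example that is not part of the original thread: the fix script above targets a wins.exe running from the SYSTEM profile's Application Data folder, and the code below screens a HijackThis "Running processes" list for that pattern. The directory list, the expected-location table and the sample log (built from process lines quoted at the top of the thread, plus one constructed registry line) are assumptions of this example.

```python
import ntpath
import re

# Assumption: executables started from these user-writable locations deserve
# review. The list is illustrative, not exhaustive.
USER_WRITABLE_RE = re.compile(
    r"\\local settings\\(application data|temp)\\"
    r"|\\appdata\\(local|locallow|roaming)\\"
    r"|\\temporary internet files\\|\\programdata\\|\\downloads\\",
    re.IGNORECASE,
)

# Assumption: Windows lives in C:\windows and each of these names is only
# legitimate in the directory given (hypothetical table for this example).
EXPECTED_DIR = {
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "wins.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}
PATH_RE = re.compile(r"^[A-Za-z]:\\")

# Constructed sample: process lines copied from the log at the top of the
# thread; the final R0 line is made up to mark the end of the process list.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\svchost.exe
C:\windows\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\wins.exe
C:\windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe

R0 - HKCU\Software\Example,Start Page = about:blank
"""

def review_process_list(log_text):
    """Return [(path, [reasons])] for process paths that warrant review."""
    findings, in_section = [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not in_section:
            in_section = line.lower().startswith("running processes")
            continue
        if not line:
            continue
        if not PATH_RE.match(line):
            break  # first non-path entry ends the process list
        reasons = []
        if USER_WRITABLE_RE.search(line):
            reasons.append("runs from a user-writable directory")
        expected = EXPECTED_DIR.get(ntpath.basename(line).lower())
        if expected and ntpath.dirname(line).lower() != expected:
            reasons.append("system binary name outside " + expected)
        if reasons:
            findings.append((line, reasons))
    return findings

if __name__ == "__main__":
    for path, reasons in review_process_list(SAMPLE_LOG):
        print(path, "->", "; ".join(reasons))
```

On the sample, only the wins.exe line is reported, for both reasons at once; a flagged path is a prompt for review, not a verdict.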

Freedfreed | Posts: 6 | Registered: Friday 28 January 2011 | Status: Member | Last activity: 28 January 2011
28 Jan 2011 at 19:06
ok, log of the fix:
========== OTL ==========
Process wins.exe killed successfully!
========== FILES ==========
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\temp folder moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\pacman\bspatch folder moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\pacman\archive folder moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\pacman folder moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\mtemp folder moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\incoming folder moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service\cache folder moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Windows Internet Name Service folder moved successfully.

OTL by OldTimer - Version 3.2.20.6 log created on 01282011_190446


reboot and rescan afterwards.... (with the same settings as before)

thanks
0
Freedfreed | Posts: 6 | Registered: Friday 28 January 2011 | Status: Member | Last activity: 28 January 2011
28 Jan 2011 at 19:27
here is the OTL scan, this time it didn't give me an Extras log! good sign?

http://www.cijoint.fr/cjlink.php?file=cj201101/cijVIaXOMi.txt
0
Malekal_morte- | Posts: 180304 | Registered: Wednesday 17 May 2006 | Status: Moderator, Security contributor | Last activity: 15 December 2020 | 24 660
28 Jan 2011 at 19:32
is your antivirus still squealing?
0
kat1987 | Posts: 3 | Registered: Tuesday 1 February 2011 | Status: Member | Last activity: 5 February 2011
1 Feb 2011 at 14:12
Hello, could you help me? I have the same problem as freedfreed: I have the Trojan:Win32/Sefnit.G virus, but when I scan, or try to delete it or quarantine it, it is impossible to get rid of it!! I tried the beginning of your method with Malwarebytes, but it tells me that I have no infected files and that everything is fine, and yet every time I turn my computer back on my antivirus detects the trojan again. I don't know what else to do to get rid of it!! Can you help me!!!
0
Malekal_morte- | Posts: 180304 | Registered: Wednesday 17 May 2006 | Status: Moderator, Security contributor | Last activity: 15 December 2020 | 24 660
1 Feb 2011 at 14:23
please create your own thread to get help!
0
Freedfreed | Posts: 6 | Registered: Friday 28 January 2011 | Status: Member | Last activity: 28 January 2011
28 Jan 2011 at 19:37
not for now, I'm going to reboot to check and run a full scan :)

in any case, a big thank you!!!! <3

I'll be back after the scan etc.
0
namour62129 | Posts: 1 | Registered: Thursday 2 June 2011 | Status: Member | Last activity: 2 June 2011
2 Jun 2011 at 13:17
hello everyone

I have just registered on your site.
I know the site well and I know you will be a great help to me.

I have read quite a few posts about my problem and I can't think of anyone but you to help me.

my syst32 is infected.

I downloaded Malwarebytes Anti-Malware and here is the report:
(obviously I don't know how to decipher it lol)
Can you help me remove this virus?
my data on the data hard drive is accessible, but when I open the C: drive, well, it's empty, so it's scary

thanks in advance, regards

=> Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6752

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

02/06/2011 13:16:06
mbam-log-2011-06-02 (13-16-06).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 267262
Temps écoulé: 48 minute(s), 33 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\program files\mozilla firefox\rk_quarantine\39313144.exe.vir (Rogue.FakeHDD) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\rk_quarantine\iwtqjsalxi.exe.vir (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\programdata\iwtqjsalxi.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Users\sophie\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\VZ2E37LZ\calc[1].exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Users\sophie\downloads\vlc-fr(2).exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\sophie\downloads\vlc-fr.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
0