virus Fermé

Question

Bonjour, 
qlq peut m aider mon pc est infecter ,j ai un antivirus gt qui aparait chaque fois sur mon ecrant ,voila le raport merci d avance.

Configuration: Windows XP / Internet Explorer 6.0Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:00:39, on 16/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\QuickTime\QTTask.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AVGT\antivirusGT.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Documents and Settings\aw\Application Data\T-Mobile Internet Manager\ouc.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\T-Mobile\T-Mobile Internet Manager\T-Mobile Internet Manager.exe
C:\Program Files\T-Mobile\T-Mobile Internet Manager\bmctl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\T-Mobile\T-Mobile Internet Manager\bmop.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.co.uk/broadband
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpagey.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagey.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://uk.search.yahoo.com/
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar	oolband.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar	oolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ueapwjpu] C:\Documents and Settings\aw\Local Settings\Application Data
jxdphbhh\pgqqfghtssd.exe
O4 - HKLM\..\Run: [usbkkuhe] C:\Documents and Settings\aw\Local Settings\Application Data\oumtksfud\atsxtsatssd.exe
O4 - HKLM\..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ueapwjpu] C:\Documents and Settings\aw\Local Settings\Application Data
jxdphbhh\pgqqfghtssd.exe
O4 - HKCU\..\Run: [usbkkuhe] C:\Documents and Settings\aw\Local Settings\Application Data\oumtksfud\atsxtsatssd.exe
O4 - HKCU\..\Run: [AVGT] C:\Program Files\AVGT\antivirusGT.exe
O4 - HKCU\..\Run: [{F5B734F2-9319-6688-F35E-902094142E3B}] "C:\Documents and Settings\aw\Application Data\Zeeppe\utbah.exe"
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-18 Startup: ogsau.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: ogsau.exe (User 'Default user')
O4 - .DEFAULT User Startup: ogsau.exe (User 'Default user')
O4 - Startup: Herramienta de búsqueda de soportes de PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar	oolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZUman000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\msiedle.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{E04EEAD9-9D46-4A88-B989-CEE2A3E31597}: NameServer = 149.254.230.7 149.254.199.126
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxct_device -   - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

Utilisateur anonyme · Answer

salut

    * Télécharge sur le bureau RogueKiller
    * Quitte tous tes programmes en cours
    * Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur
    * Sinon lance simplement RogueKiller.exe
    * Lorsque demandé, tape 1 [SCAN] et valide
    * Un rapport (RKreport.txt) a du se créer sur le bureau, poste-le.

ensuite:

MBAM est un scanner généraliste qui détecte et supprime beaucoup d'infections:   

MBAM :    

&#9635 Télécharge MBAM    


&#9635 Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.    


&#9635 Fais la mise à jour du logiciel /!\(elle se fait normalement à l'installation)/!\     


&#9635 A l'apparition de la fenêtre de MBAM, clique sur «exécuter un examen complet»    


&#9635 Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"    


> L'analyse peut durer un plusieurs heures...    


&#9635 Une fois l'analyse terminée, clique sur "OK" puis sur "Afficher les résultats"    


&#9635 Vérifie que tout est bien coché et clique sur "Supprimer la sélection" => et ensuite sur "OK"    


&#9635 Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum  > Si le logiciel te demande de redémarrer, fais le en cliquant sur « OUI »  »

croco20 · Answer

ogueKiller V3.10.1 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: aw [Admin rights] Mode: Scan -- Time : 17/02/2011 00:12:14 Bad processes: Killed c:\documents and settings\aw\application data -mobile internet manager\ouc.exe Found: HKCU\...\RUN\ ueapwjpu : C:\Documents and Settings\aw\Local Settings\Application Data jxdphbhh\pgqqfghtssd.exe HKCU\...\RUN\ usbkkuhe : C:\Documents and Settings\aw\Local Settings\Application Data\oumtksfud\atsxtsatssd.exe HKCU\...\RUN\ {F5B734F2-9319-6688-F35E-902094142E3B} : "C:\Documents and Settings\aw\Application Data\Zeeppe\utbah.exe" HKLM\...\RUN\ ueapwjpu : C:\Documents and Settings\aw\Local Settings\Application Data jxdphbhh\pgqqfghtssd.exe HKLM\...\RUN\ usbkkuhe : C:\Documents and Settings\aw\Local Settings\Application Data\oumtksfud\atsxtsatssd.exe HKUS\S-1-5-21-583907252-1682526488-1417001333-1004...\RUN\ ueapwjpu : C:\Documents and Settings\aw\Local Settings\Application Data jxdphbhh\pgqqfghtssd.exe HKUS\S-1-5-21-583907252-1682526488-1417001333-1004...\RUN\ usbkkuhe : C:\Documents and Settings\aw\Local Settings\Application Data\oumtksfud\atsxtsatssd.exe HKUS\S-1-5-21-583907252-1682526488-1417001333-1004...\RUN\ {F5B734F2-9319-6688-F35E-902094142E3B} : "C:\Documents and Settings\aw\Application Data\Zeeppe\utbah.exe" HKLM\...\ControlSet002\...\Tcpip\...\Interface\{E04EEAD9-9D46-4A88-B989-CEE2A3E31597}: 149.254.230.7 149.254.199.126 HOSTS File: 127.0.0.1 localhost Finished

Utilisateur anonyme · Answer

un rogue comme prévu

MBAM est un scanner généraliste qui détecte et supprime beaucoup d'infections:   

MBAM :    

&#9635 Télécharge MBAM    


&#9635 Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.    


&#9635 Fais la mise à jour du logiciel /!\(elle se fait normalement à l'installation)/!\     


&#9635 A l'apparition de la fenêtre de MBAM, clique sur «exécuter un examen complet»    


&#9635 Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"    


> L'analyse peut durer un plusieurs heures...    


&#9635 Une fois l'analyse terminée, clique sur "OK" puis sur "Afficher les résultats"    


&#9635 Vérifie que tout est bien coché et clique sur "Supprimer la sélection" => et ensuite sur "OK"    


&#9635 Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum  > Si le logiciel te demande de redémarrer, fais le en cliquant sur « OUI »  »

croco20 · Answer

voila le rMalwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5777

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

17/02/2011 01:52:41
mbam-log-2011-02-17 (01-52-40).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Objects scanned: 188808
Time elapsed: 48 minute(s), 51 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 29
Registry Values Infected: 7
Registry Data Items Infected: 0
Folders Infected: 9
Files Infected: 79

Memory Processes Infected:
c:\program files\AVGT\antivirusgt.exe (Rogue.AntivirusGT) -> 1264 -> Unloaded process successfully.

Memory Modules Infected:
c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.pox (Rogue.FixTool) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pofile (Rogue.FixTool) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SolutionAV (Rogue.AntivirSolutionPro) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Miracle (PUP.PerfectOptimizer) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Value: (default) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ueapwjpu (Rogue.AntivirusSuite.Gen) -> Value: ueapwjpu -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\usbkkuhe (Rogue.AntivirusSuite.Gen) -> Value: usbkkuhe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{F5B734F2-9319-6688-F35E-902094142E3B} (Trojan.ZbotR.Gen) -> Value: {F5B734F2-9319-6688-F35E-902094142E3B} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AVGT (Rogue.AntivirusGT) -> Value: AVGT -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ueapwjpu (Rogue.AntivirusSuite.Gen) -> Value: ueapwjpu -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\usbkkuhe (Rogue.AntivirusSuite.Gen) -> Value: usbkkuhe -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files\AVGT (Rogue.AntivirusGT) -> Quarantined and deleted successfully.
c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\all users\AVP 2009 (Malware.Trace) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal.
c:\documents and settings\administrator\start menu\Programs\Startup\doruc.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\aw\local settings\Temp\50.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\default user\start menu\Programs\Startup\ogsau.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\program files\uninstall fun web products.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP172\A0247553.exe (PUP.Fbsearch) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP172\A0247560.exe (PUP.Fbsearch) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248129.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248147.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248128.scr (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248130.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248131.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248132.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248133.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248134.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248135.SCR (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248136.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248137.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248138.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248139.EXE (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248140.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248141.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248142.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248143.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248145.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248146.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248148.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248149.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248150.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248152.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248153.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248154.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248155.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248156.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248157.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248158.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248159.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248160.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248161.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248174.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248176.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248177.DLL (PUP.PerfectOptimizer) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248178.DLL (PUP.PerfectOptimizer) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248179.DLL (PUP.PerfectOptimizer) -> Not selected for removal.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP175\A0248180.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP177\A0248346.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP177\A0248344.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP177\A0248345.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b0212e98-a9aa-4c3a-9b1d-579227edd6b8}\RP177\A0248347.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\aw\Desktop\antivirusgt.lnk (Rogue.AntivirusGT) -> Quarantined and deleted successfully.
c:\program files\AVGT\antivirusgt.exe (Rogue.AntivirusGT) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\000977B4.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\0009D97C.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\000C6ECC.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\000D9B17.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\000E66B4.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\000EE3E3.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\00103049.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\0011680E.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\0011DAEC.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\00131FC0.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\001418F5.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\00153E89.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\0015D904.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\001A0418.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\0088CF02.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\0097C6EB.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\0097F31B.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\00991E4D.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\009A5C5B.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\009B64C3.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\009CF43C.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\009DFCD3.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\00A0A9E2.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\f3wallpp.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\wrkparam.lst (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
apport

Utilisateur anonyme · Answer

ok...

pas mal d'infection, on va voir tout ce que tu as:

pour une analyse de ton système, fais ceci: 

                              ----->ZHPDIAG<-----

/!\ utilisateur de vista et seven, désactiver l'UAC./!\  

/!\ utilisateur de vista et seven faite clique droit et "éxécuter en temps qu'administrateur/!\  

&#9654  Télécharge zhpdiag (de Nicolas Coolman)  

&#9654 Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.  

>  /!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »/!\  

&#9654 Clique sur la petite loupe en haut à gauche pour débuter l'analyse :  

&#9654 attention, le scan peut durer un certain temps, ne touche a rien d'autre tant que le scan est en cour  

&#9654 Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette  

&#9654 Héberge le rapport ZHPDiag.txt sur cjoint, puis copie/colle le lien fourni                                          dans ta prochaine réponse sur le forum.  
    

@++

Virus

5 réponses

Discussions similaires