Sujet Précédent Sujet Suivant

Popup réguliers.

Résolu/Fermé
Lokee - 7 mai 2011 à 01:04
 Utilisateur anonyme - 11 mai 2011 à 12:39
Bonjour,
J'ai depuis peu un très grand nombre de popups différents sous firefox,malgré l'option bloquer les popups.. J'ai essayé spybot search and destroy,sans effet,et en cherchant un peu j'ai trouvé "navilog",mais le message de départ fait un peu peur,dans la mesure où je ne connais pas tellement l'informatique,et où j'ai un PC avec un prix conséquent..
Si vous avez quelque chose pour m'aider,ça serait parfait !!
Merci d'avance !



A voir également:

34 réponses

  • 1
  • 2
Réponse 1 / 34
vinvi
Modifié par vinvi le 7/05/2011 à 08:05
Salut,
télécharge ça plutôt

http://www.commentcamarche.net/download/telecharger-34055379-malwarebytes
0
Réponse 2 / 34
Utilisateur anonyme
7 mai 2011 à 10:27
Bonjour,

* Télécharge de AD-Remover sur ton Bureau.
http://www.teamxscript.org/adremoverTelechargement.html

/!\ Ferme toutes applications en cours /!\

- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « chercher »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c
0
Réponse 3 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 11:12
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 11:07:13 le 07/05/2011, Mode normal

Microsoft Windows 7 Édition Intégrale N (X64)
SUPER@SUPER-PC (System manufacturer System Product Name)

============== RECHERCHE ==============

Service: "sdmBackupIP" Présent

Dossier trouvé: C:\Program Files (x86)\Installer
Fichier trouvé: C:\Windows\SysWOW64\Utils.dll
Dossier trouvé: C:\Windows\BackupIP
Dossier trouvé: C:\Users\SUPER\AppData\LocalLow\Conduit
Dossier trouvé: C:\Program Files (x86)\Conduit
Dossier trouvé: C:\Users\SUPER\AppData\Roaming\CrazyLoader
Dossier trouvé: C:\Program Files (x86)\CrazyLoader
Dossier trouvé: C:\Users\SUPER\AppData\Roaming\FissaSearch
Dossier trouvé: C:\Users\SUPER\AppData\Local\networker
Dossier trouvé: C:\Users\SUPER\AppData\Roaming\OfferBox
Dossier trouvé: C:\Program Files (x86)\OfferBoxSearch

Clé trouvée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé trouvée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé trouvée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2643111
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\freeCompressor
Clé trouvée: HKLM\Software\Install Pedia Limited
Clé trouvée: HKLM\Software\OfferBox
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\FissaSearch
Clé trouvée: HKCU\Software\OfferBox
Clé trouvée: HKCU\Software\Spointer
Clé trouvée: HKCU\Software\AppDataLow\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fissa
Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0 (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKLM_Extensions|offerboxffx@offerbox.com - C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com (x)

-- C:\Users\SUPER\AppData\Roaming\Mozilla\FireFox\Profiles\r2hr31p8.default --
Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://www.fissa.com/fr/?s=h&c=1008264698&suid=EjsEXZdqS&d=3&pid=28
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_URLSearchHooks|{d0b1518e-3e45-4d16-a23b-4d90ef938e44} - "Audacity-tools Toolbar" (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)
HKLM_URLSearchHooks|{d0b1518e-3e45-4d16-a23b-4d90ef938e44} - "Audacity-tools Toolbar" (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)
HKCU_SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9} - "Fissa" (hxxp://www.fissa.com/fr/results/?s=b&c=1008264698&suid=EjsEXZdqS&d=3&pid=28&q={s...)
HKCU_Toolbar\WebBrowser|{D0B1518E-3E45-4D16-A23B-4D90EF938E44} (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)
HKLM_Toolbar|{d0b1518e-3e45-4d16-a23b-4d90ef938e44} (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB} - C:\Program Files (x86)\OfferBox\OfferBox.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{d0b1518e-3e45-4d16-a23b-4d90ef938e44} - "Audacity-tools Toolbar" (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)
BHO\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - "OfferBox" (C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll) (x)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 07/05/2011 11:07:18 (5968 Octet(s))

Fin à: 11:07:52, 07/05/2011

============== E.O.F ==============
0
Réponse 4 / 34
Utilisateur anonyme
7 mai 2011 à 11:23
Re,

1/
/!\ Ferme toutes applications en cours /!\

- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton «Nettoyer»
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c

2/
Nous allons effectuer un diagnostic de ton PC:
*Télécharge ZHPDiag sur ton bureau :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

* Laisse toi guider lors de l'installation,coche "Ajouter une icône sur le bureau" et décoche la case "Exécuter ZHPDiag"

/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://pjjoint.malekal.com/

Si indisponible:
http://www.cijoint.fr/

* Tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html


Hébergement de rapport sur pjjoint.malekal.com

* Rends toi sur http://pjjoint.malekal.com/
* Clique sur le bouton Parcourir
* Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
*Clique sur le bouton Envoyer
* Un message de confirmation s'affiche, copie le lien dans ta prochaine réponse.

@+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 11:44
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:30:35 le 07/05/2011, Mode normal

Microsoft Windows 7 Édition Intégrale N (X64)
SUPER@SUPER-PC (System manufacturer System Product Name)

============== ACTION(S) ==============

Service: "sdmBackupIP" Stoppé et supprimé

Dossier supprimé: C:\Program Files (x86)\Installer
Fichier supprimé: C:\Windows\SysWOW64\Utils.dll
Dossier supprimé: C:\Windows\BackupIP
Dossier supprimé: C:\Users\SUPER\AppData\LocalLow\Conduit
Dossier supprimé: C:\Program Files (x86)\Conduit
Dossier supprimé: C:\Users\SUPER\AppData\Roaming\CrazyLoader
Dossier supprimé: C:\Program Files (x86)\CrazyLoader
Dossier supprimé: C:\Users\SUPER\AppData\Roaming\FissaSearch
Dossier supprimé: C:\Users\SUPER\AppData\Local\networker
Dossier supprimé: C:\Users\SUPER\AppData\Roaming\OfferBox
Dossier supprimé: C:\Program Files (x86)\OfferBoxSearch

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé supprimée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2643111
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\freeCompressor
Clé supprimée: HKLM\Software\Install Pedia Limited
Clé supprimée: HKLM\Software\OfferBox
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\FissaSearch
Clé supprimée: HKCU\Software\OfferBox
Clé supprimée: HKCU\Software\Spointer
Clé supprimée: HKCU\Software\AppDataLow\Toolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
Clé supprimée: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fissa
Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0 (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Users\SUPER\AppData\Roaming\Mozilla\FireFox\Profiles\r2hr31p8.default --
Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{d0b1518e-3e45-4d16-a23b-4d90ef938e44} - "Audacity-tools Toolbar" (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)
HKLM_URLSearchHooks|{d0b1518e-3e45-4d16-a23b-4d90ef938e44} - "Audacity-tools Toolbar" (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)
HKCU_Toolbar\WebBrowser|{D0B1518E-3E45-4D16-A23B-4D90EF938E44} (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)
HKLM_Toolbar|{d0b1518e-3e45-4d16-a23b-4d90ef938e44} (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{d0b1518e-3e45-4d16-a23b-4d90ef938e44} - "Audacity-tools Toolbar" (C:\Program Files (x86)\Audacity-tools\tbAuda.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 30 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 07/05/2011 11:30:40 (5820 Octet(s))
C:\Ad-Report-SCAN[1].txt - 07/05/2011 11:07:18 (6106 Octet(s))

Fin à: 11:31:15, 07/05/2011

============== E.O.F ==============








https://pjjoint.malekal.com/files.php?id=6aec285134141113
0
Réponse 6 / 34
Utilisateur anonyme
7 mai 2011 à 13:10
Re,

1/
Désinstalle spybot et SpywareBlaster.


2/


Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )

O42 - Logiciel: CrazyLoader - (.Pas de propriétaire.) [HKLM] -- CrazyLoader
O42 - Logiciel: FreeCompressor - (.Secure Digital Services.) [HKLM][64Bits] -- {8CA0170E-6E9E-43A5-AE1F-85A82820B847}
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM][64Bits] -- installer
[HKCU\Software\TOTEM]
O43 - CFD: 27/01/2011 - 19:35:40 - [230912] ----D- C:\Program Files\Installer
O43 - CFD: 05/12/2010 - 00:04:48 - [25662738] ----D- C:\Users\SUPER\AppData\Roaming\vghd
O43 - CFD: 05/12/2010 - 12:24:58 - [3345896] ----D- C:\Program Files (x86)\vghd
O43 - CFD: 27/08/2010 - 00:06:38 - [0] ----D- C:\Program Files (x86)\Widestream6
O87 - FAEL: "{B4D285B1-07F5-4B9A-94EE-EDEB56941709}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\CrazyLoader\crazyloader.exe (.not file.)
O87 - FAEL: "{18C00ACA-8C51-4180-9C44-6979F572F718}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\CrazyLoader\crazyloader.exe (.not file.)
C:\Program Files\Installer
C:\Users\SUPER\AppData\Roaming\vghd
C:\Documents and Settings\SUPER\Local Settings\Application Data\Crazyloader Air
C:\Documents and Settings\SUPER\Local Settings\Application Data\widestream6 Air
C:\Program Files (x86)\vghd
C:\Program Files (x86)\Widestream6


FirewallRAZ
EmptyTemp
EmptyFlash



Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.
0
Réponse 7 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 13:29
Rapport de ZHPFix 1.12.3280 par Nicolas Coolman, Update du 02/05/2011
Fichier d'export Registre : C:\ZHPExportRegistry-07-05-2011-13-28-38.txt
Run by SUPER at 07/05/2011 13:28:38
Windows 7, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Logiciel(s) ==========
O42 - Logiciel: FreeCompressor - (.Secure Digital Services.) [HKLM][64Bits] -- {8CA0170E-6E9E-43A5-AE1F-85A82820B847} => Logiciel déjà supprimé
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM][64Bits] -- installer => Logiciel déjà supprimé

========== Clé(s) du Registre ==========
O42 - Logiciel: CrazyLoader - (.Pas de propriétaire.) [HKLM] -- CrazyLoader => Désinstallation logicielle annulée par l'utilisateur ou désinstallation partielle!
HKCU\Software\TOTEM => Clé absente

========== Valeur(s) du Registre ==========
{B4D285B1-07F5-4B9A-94EE-EDEB56941709} => Valeur supprimée avec succès
{18C00ACA-8C51-4180-9C44-6979F572F718} => Valeur supprimée avec succès
FirewallRaz : Aucune valeur présente dans la clé de registre "Standard Profile"
FirewallRaz : Aucune valeur présente dans la clé de registre "Domain Profile"
FirewallRaz (Domain) : FPS-SpoolSvc-In-TCP-NoScope => Valeur supprimée avec succès
FirewallRaz (Public) : FPS-SpoolSvc-In-TCP => Valeur supprimée avec succès
FirewallRaz (Domain) : CoreNet-GP-LSASS-Out-TCP => Valeur supprimée avec succès
FirewallRaz (Domain) : RemoteSvcAdmin-In-TCP-NoScope => Valeur supprimée avec succès
FirewallRaz (Public) : RemoteSvcAdmin-In-TCP => Valeur supprimée avec succès
FirewallRaz (Domain) : NetPres-In-TCP-NoScope => Valeur supprimée avec succès
FirewallRaz (Domain) : NetPres-Out-TCP-NoScope => Valeur supprimée avec succès
FirewallRaz (None) : NetPres-WSD-In-UDP => Valeur supprimée avec succès
FirewallRaz (None) : NetPres-WSD-Out-UDP => Valeur supprimée avec succès
FirewallRaz (Public) : NetPres-In-TCP => Valeur supprimée avec succès
FirewallRaz (Public) : NetPres-Out-TCP => Valeur supprimée avec succès
FirewallRaz (Private) : {C4BF243C-65D3-41E5-AF49-76963A88E72F} => Valeur supprimée avec succès
FirewallRaz (Private) : TCP Query User{AE838529-C1BE-42B2-84AB-B499F3272542}C:\program files (x86)\world of warcraft\launcher.exe => Valeur supprimée avec succès
FirewallRaz (Private) : UDP Query User{A2DDB66C-4D66-41F6-8373-46FB0733FE25}C:\program files (x86)\world of warcraft\launcher.exe => Valeur supprimée avec succès
FirewallRaz (Private) : {ED8AF83E-B4B5-4B97-9A3E-F2C27BA4DD67} => Valeur supprimée avec succès
FirewallRaz (Private) : {5EA174B4-F99C-4474-8702-12E20EE79630} => Valeur supprimée avec succès
FirewallRaz (Private) : {51C8EC39-9F6E-4C07-BC8B-501EF57F90FE} => Valeur supprimée avec succès
FirewallRaz (Private) : {B157CBD2-1BFE-42D9-B763-D3A1269BF5D2} => Valeur supprimée avec succès
FirewallRaz (Domain) : {09B36451-BEBB-4060-A6D5-75F29B1368C2} => Valeur supprimée avec succès
FirewallRaz (Domain) : {2AA2E91D-FA3D-4F13-869A-FA79BEF589AB} => Valeur supprimée avec succès
FirewallRaz (Private) : {8DDBC3FE-C73D-4738-96E2-3D184F309715} => Valeur supprimée avec succès
FirewallRaz (Private) : {C5E0E679-D3AB-426A-8355-442EAADE6119} => Valeur supprimée avec succès
FirewallRaz (Private) : TCP Query User{F6EAEA9E-4781-4762-9ED0-0D84FE601D2A}C:\users\super\desktop\world of warcraft\launcher.exe => Valeur supprimée avec succès
FirewallRaz (Private) : UDP Query User{F88EBFDC-0D0B-44F5-BBD8-399296D93786}C:\users\super\desktop\world of warcraft\launcher.exe => Valeur supprimée avec succès
FirewallRaz (Private) : {3A496600-4355-4844-A3EE-2E3FD81FF299} => Valeur supprimée avec succès
FirewallRaz (Private) : {BE65662E-4D1C-4175-B3FE-504C76B1EFD0} => Valeur supprimée avec succès
FirewallRaz (Private) : {C74194FD-8DC8-4225-A5C4-3EB283BAA7BF} => Valeur supprimée avec succès
FirewallRaz (Private) : {99AE53EC-3349-4478-A031-CCD0F1D69D0A} => Valeur supprimée avec succès
FirewallRaz (Public) : {D3E08B45-EB2D-47F2-BEA6-ED98C7FBE8D9} => Valeur supprimée avec succès
FirewallRaz (Public) : {E57BDC5D-5DE9-4693-810B-9EBC255510C7} => Valeur supprimée avec succès
FirewallRaz (Public) : {8B2DDEF6-5733-4CCC-B26D-2ADDE0BC0C37} => Valeur supprimée avec succès
FirewallRaz (Public) : {6B1A67B9-59D5-4517-8160-B191A65FB2E0} => Valeur supprimée avec succès
FirewallRaz (None) : {111FD9C3-61A6-43B7-8373-C73CD515EF8C} => Valeur supprimée avec succès
FirewallRaz (None) : {BF93BDED-FF93-4B29-8CCE-E95C0CC71503} => Valeur supprimée avec succès
FirewallRaz (None) : {86699216-FAB9-41FC-BDE0-912BA2653FAD} => Valeur supprimée avec succès
FirewallRaz (Private) : TCP Query User{FE2B6DBC-1703-47AB-AE2D-C79AFE601BE4}C:\users\super\appdata\local\temp\jdic_0_9_5\ieembed.exe => Valeur supprimée avec succès
FirewallRaz (Private) : UDP Query User{49CDBA08-E86F-4F6A-AE10-6F42FF6F2A35}C:\users\super\appdata\local\temp\jdic_0_9_5\ieembed.exe => Valeur supprimée avec succès
FirewallRaz (None) : {C7253BB7-D9B9-4506-B39C-D42975444BD9} => Valeur supprimée avec succès
FirewallRaz (Private) : {670413CE-D4CD-450B-A07A-49630F7D5813} => Valeur supprimée avec succès
FirewallRaz (Private) : {C07B5178-5BC2-492B-99BC-28F2BC855934} => Valeur supprimée avec succès
FirewallRaz (Private) : {5588A001-4EA0-4A9D-AA3B-5ACE026BE81B} => Valeur supprimée avec succès
FirewallRaz (Private) : {4F70E24F-BBA8-4AF4-B949-B0FC3C585A84} => Valeur supprimée avec succès
FirewallRaz (Private) : {4D967103-CF14-4D0A-B3D8-DB478838879B} => Valeur supprimée avec succès
FirewallRaz (Private) : {1491320C-FA0F-4012-914B-CC086937FBBB} => Valeur supprimée avec succès
FirewallRaz (Private) : {919D5976-54BB-4899-B5FD-9CAEF4953458} => Valeur supprimée avec succès
FirewallRaz (Private) : {CA2AA961-CED2-4A1C-A771-90FF952617CF} => Valeur supprimée avec succès

========== Dossier(s) ==========
Dossiers Flash Cookies supprimés : 746

========== Fichier(s) ==========
Fichiers Flash Cookies supprimés : 308


========== Récapitulatif ==========
2 : Clé(s) du Registre
50 : Valeur(s) du Registre
1 : Dossier(s)
1 : Fichier(s)
2 : Logiciel(s)


End of the scan
0
Réponse 8 / 34
Utilisateur anonyme
7 mai 2011 à 14:25
Re,

*Télécharges Malwarebytes' (mbam)

ICI >> Malwarebytes' (mbam)

* installes + mise a jour
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) sans les ouvrir
* Lances--> Malwarebytes (MBAM)
* Puis vas dans l'onglet "Recherche", coche >>Exécuter un examen complet
* puis "Rechercher"
* Sélectionnes tes disques durs" puis clique sur "Lancer l'examen"
* A la fin du scan, clique sur Afficher les résultats puis sur Enregistrer le rapport
*Si MalwareBytes' détecte des infections, clique sur ==>Afficher les résultats, puis sur ==>Supprimer la sélection
* S'il t' es demandé de redémarrer, clique sur "oui "
* aprés la suppression(s) de ou des infections trouvées --> poste le rapport ici
!!! Ne pas vider la quarantaine de MBAM sans avis !!!
0
Réponse 9 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 17:08
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 6526

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07/05/2011 17:03:38
mbam-log-2011-05-07 (17-03-38).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 287758
Temps écoulé: 26 minute(s), 26 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 218

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\program files (x86)\ZHPDiag\quarantine\installer.dir\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\00365e9e_900acc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\010eeada_07bacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\0123fe12_88f8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\0397cbc2_62d6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\069d0063_c4b8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\08780c65_08a5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\0895096f_3803cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\098e119b_bb02cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\0a347d24_28d4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\0b029aa0_bae5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\0bcb6034_06d1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\0d2e5d11_86f8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\0d654321_5cd0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\0fe55033_1ae7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\105b6fc6_a8f5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\107d353f_8bd9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\10f54e29_50d0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\1122c2f6_49b7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\11e64bb0_c5facb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\12d278ff_35a7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\13358add_0ee4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\13e9941b_30fdcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\14af481f_0ac7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\15b4ea34_6de2cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\1648d84b_5fc0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\16fe9db2_69dfcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\17add297_30e5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\18a724f0_0cfacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\190bda34_23adcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\1b7200ce_cedccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\1d263e26_89cacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\1eff7e0c_70dbcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\1f1f634e_a4aacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\20ef44de_b3c4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\21678445_0aebcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\223ff9a3_1ce7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2341b604_d9bfcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\24360eb6_b6e4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\258e4bd6_6dcccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\26082c6d_1cedcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2731f09c_5f0acc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\282debaa_30e7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\28928628_aaf0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2aa6c4a8_3de6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2b25128a_89e4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2bb6074c_81ddcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2cc010a2_7caacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2cd2adb6_56f5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2d4e6829_d6a8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2ec626cc_55e8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\2f99ba18_e9d9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\30ec88c3_8dd5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\316bf71d_f107cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\328e039e_65b5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\34935809_06bccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\35de75b4_32f5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\360492d5_c1c0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\37840d95_07a7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\3871f1fb_0da9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\3cf444e7_c5b1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\3e54888d_2b03cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\401840e2_ecf9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\417ae654_61c9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\4265335a_44d8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\4287aed8_91ffcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\42b52980_10b4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\43139881_e6adcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\44714ca4_62f4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\458cf6af_29d7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\45b26c5c_57fccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\49ec31a3_62f8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\4b3bc3ab_ead8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\4b4eb8a4_340ccc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\4b8ec39e_69b6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\4bc24e51_b4c4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\4e3d79a1_e101cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\5081b9a1_80a8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\5092271b_15f1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\5113cdaf_dcc6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\52761a87_e7e9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\52c50bc8_cee4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\52cded48_f8d7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\52e875a1_ccdfcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\559fc3b4_3fb9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\59e3f5a0_ffc5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\59f6d56c_ddebcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\5b201701_45e3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\5ce29d4b_07e8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\60bfb114_80decb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\63869a02_e8a4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\640d0bc3_32eccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\64bcd5db_f5e7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\6569c0f8_bbf3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\6bd01e62_7cf0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\6d06d9e2_dbcecb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\6fc5800b_d2c1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\71173a88_13bacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\71516eff_7ad9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\71bea20f_ffe3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\71c90c3d_8acbcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7375c0c2_ab08cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\74c8b957_f0dccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\75879aad_92b9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\777db208_a7b4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7841c29e_88f0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7884fc29_b6c0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\78eaa002_8c09cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7ada1dbe_ffaccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7b4b3a45_c9bccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7b5b1e56_75bdcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7b6d595b_4df9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7bb0cdf1_c4c3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7ca7b049_cdcecb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7d1741af_1dc8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7ecd3f3c_ed08cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\7fb462af_b3aacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\816670d7_73d3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\838a9279_c2fecb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\8469efb4_89c0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\84e9cdfc_90e1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\84f6f8ec_e6c3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\8871472e_33fdcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\88a1f36a_35bfcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\897975b4_8ce7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\8a720363_71ffcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\8ad83388_05cecb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\8dda9f65_f807cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\8eed9b2f_f7fdcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\8f990358_25b0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\91e16975_38b4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\92a03e1c_e4fccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\92d6acf9_6e06cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\9334ca08_24d9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\9357f673_a3c4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\9587e200_0fbbcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\9629cc9e_feb2cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\97f4ddd4_1ed3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\99c09de3_0de8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\9e75bf60_40a7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\a0eb884e_81b2cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\a1e72c3f_3100cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\a4ce511f_e1edcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\a510b216_4cfecb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\a5461cd5_89edcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\a554174a_81f4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\a602f0ea_5fddcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\a81cc483_32f6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ab76f2b8_80abcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ac0271e1_a6a7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ac350687_c0f3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ad5136b1_1deecb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ad5ede92_6909cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\aef9b6f3_45dacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\af13ab19_cbc3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\b13655cb_0408cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\b15627c7_ed0bcc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\b4077b42_30c4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\b4fda4cb_ebfdcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\b583888c_e2d8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\b64cdf4c_44eecb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\b760526c_01e8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\b848a533_a7f6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\be2f6b56_c3accb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\bff3defd_cf0bcc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\c2276360_aed2cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\c24aed72_b4eccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\c39dd8dd_3bcdcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\c63da49d_48becb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\c8441c98_88e9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\cb87ff5f_2ed7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\cc5c41b2_dde4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ce47df91_23afcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\d148d210_3e0acc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\d2269aec_08f3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\d2ea6e80_5bf7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\d30e3dc8_01bccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\d42a692e_d5b6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\d47912ea_62dacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\d661baf1_5a07cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\d8558bd4_eec6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\db044ee3_9b05cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\dd97e763_e5e6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\df5c07d2_97f7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\dfbae304_10a4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\e2564eea_3de0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\e258ebe7_61d4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\e47f3811_b4e5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\e4968d8f_00aacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\e4e40465_1ae6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\e76944e3_7ec1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\e7ddf72d_41f9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\e8e32c82_d4c1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\e98b6a09_37dccb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ec7a1976_81a6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ec9bb64f_7df1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ece94a0b_95a3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ecf7089d_88ddcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\edacab33_5e00cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ee7687ca_f0b7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ef4fdf1f_f603cc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\f2f6e129_29fbcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\f52d5a8d_dec3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\f5f3eb92_5fa4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\f68c3ed7_47c9cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\f6990197_b8efcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\f7cbd7e1_15d5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\f89d4d4e_50b3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\f8fdb882_52d0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\f90ac93f_40decb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\fa0278ed_6be1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\fa092c26_2fa8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\fa48e93f_00e7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\fb1b2bc3_950ccc01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\fe189baa_edd1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ff686ce3_e9b0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\AppData\Local\assembly\dl3\TXQDWVDN.BM5\TOQQWTGG.D5T\f843ae02\ffc3ca0f_51d7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\SUPER\downloads\VLC.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
0
Réponse 10 / 34
Utilisateur anonyme
7 mai 2011 à 17:36
Re,

Le rapport est long, pour cela :

Héberge le rapport de malwarebytes sur pjjoint.malekal.com

* Rends toi sur http://pjjoint.malekal.com/
* Clique sur le bouton Parcourir
* Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
*Clique sur le bouton Envoyer
* Un message de confirmation s'affiche, copie le lien dans ta prochaine réponse.

@+
0
Réponse 11 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 17:50
https://pjjoint.malekal.com/files.php?id=b7y9s6i14f12r6t9z12e11

Désolé ;)
0
Réponse 12 / 34
Utilisateur anonyme
7 mai 2011 à 18:38
Re,

218 fichiers infectés :o


Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )



[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
R3 - URLSearchHook: Audacity-tools Toolbar [64Bits] - {d0b1518e-3e45-4d16-a23b-4d90ef938e44} . (.Conduit Ltd. - Conduit Toolbar.) (5, 6, 0, 23) -- C:\Program Files (x86)\Audacity-tools\tbAuda.dll
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-2361508863-3086355369-3943274793-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
[MD5.00000000000000000000000000000000] [APT] [{30D4D90B-9E04-42DA-A380-1B76281B44A7}] (.Pas de propriétaire.) -- C:\Program Files (x86)\The Witcher Enhanced Edition\launcher.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{6D610375-2A37-4D1A-8984-5D33D1ECDEAF}] (.Pas de propriétaire.) -- C:\Users\SUPER\Downloads\sismol.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{9DC9C4C3-EF3D-45CD-948A-641C8A706A0C}] (.Pas de propriétaire.) -- C:\Users\SUPER\Downloads\sismol.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{AE760D56-FA71-47A2-B9E6-97E28CEFC305}] (.Pas de propriétaire.) -- C:\Users\SUPER\AppData\Local\Temp\AION\Aion Launcher.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{E22D8A60-8773-42E4-8E0E-F791CC0FD31E}] (.Pas de propriétaire.) -- C:\Program Files (x86)\The Witcher Enhanced Edition\launcher.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{E9E2B558-24F6-49A3-8543-6E3A114214EE}] (.Pas de propriétaire.) -- C:\Program Files (x86)\The Witcher Enhanced Edition\launcher.exe (.not file.)
O42 - Logiciel: AC2 server emulator 0.44 by Dormine - (.bjamikel.) [HKLM][64Bits] -- {675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
[HKCU\Software\AppDataLow\Software\Audacity-tools]
[HKLM\Software\Audacity-tools]
O43 - CFD: 07/05/2011 - 00:58:34 - [43593] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/09/2010 - 19:45:56 - [2883459] ----D- C:\Program Files (x86)\Audacity-tools
O43 - CFD: 25/04/2011 - 13:13:38 - [71868534] ----D- C:\Program Files (x86)\Spybot - Search & Destroy
O87 - FAEL: "{51C8EC39-9F6E-4C07-BC8B-501EF57F90FE}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\The Witcher Enhanced Edition\launcher.exe (.not file.)
O87 - FAEL: "{B157CBD2-1BFE-42D9-B763-D3A1269BF5D2}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\The Witcher Enhanced Edition\launcher.exe (.not file.)
O87 - FAEL: "{09B36451-BEBB-4060-A6D5-75F29B1368C2}" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\The Witcher Enhanced Edition\launcher.exe (.not file.)
O87 - FAEL: "{2AA2E91D-FA3D-4F13-869A-FA79BEF589AB}" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\The Witcher Enhanced Edition\launcher.exe (.not file.)
O87 - FAEL: "TCP Query User{FE2B6DBC-1703-47AB-AE2D-C79AFE601BE4}C:\users\super\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\super\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.)
O87 - FAEL: "UDP Query User{49CDBA08-E86F-4F6A-AE10-6F42FF6F2A35}C:\users\super\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\super\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.)
O87 - FAEL: "{5588A001-4EA0-4A9D-AA3B-5ACE026BE81B}" |In - Private - P6 - TRUE | .(...) -- C:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe (.not file.)
O87 - FAEL: "{4F70E24F-BBA8-4AF4-B949-B0FC3C585A84}" |In - Private - P17 - TRUE | .(...) -- C:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe (.not file.)
O87 - FAEL: "{919D5976-54BB-4899-B5FD-9CAEF4953458}" |In - Private - P6 - TRUE | .(...) -- C:\World of Warcraft\Blizzard Downloader.exe (.not file.)
O87 - FAEL: "{CA2AA961-CED2-4A1C-A771-90FF952617CF}" |In - Private - P17 - TRUE | .(...) -- C:\World of Warcraft\Blizzard Downloader.exe (.not file.)





Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.
0
Réponse 13 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 18:44
Oui,comme tu dis, :o ^^"

Rapport de ZHPFix 1.12.3280 par Nicolas Coolman, Update du 02/05/2011
Fichier d'export Registre : C:\ZHPExportRegistry-07-05-2011-18-44-15.txt
Run by SUPER at 07/05/2011 18:44:02
Windows 7, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Logiciel(s) ==========
O42 - Logiciel: AC2 server emulator 0.44 by Dormine - (.bjamikel.) [HKLM][64Bits] -- {675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1 => Logiciel déjà supprimé
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 => Logiciel déjà supprimé

========== Clé(s) du Registre ==========
HKCU\Software\AppDataLow\Software\Audacity-tools => Clé supprimée avec succès
HKLM\Software\Audacity-tools => Clé absente

========== Valeur(s) du Registre ==========
R3 - URLSearchHook: Audacity-tools Toolbar - {d0b1518e-3e45-4d16-a23b-4d90ef938e44} . (.Conduit Ltd. - Conduit Toolbar.) (5, 6, 0, 23) -- C:\Program Files (x86)\Audacity-tools\tbAuda.dll => Valeur supprimée avec succès
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe => Valeur absente
O4 - HKUS\S-1-5-21-2361508863-3086355369-3943274793-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe => Valeur absente
{51C8EC39-9F6E-4C07-BC8B-501EF57F90FE} => Valeur absente
{B157CBD2-1BFE-42D9-B763-D3A1269BF5D2} => Valeur absente
{09B36451-BEBB-4060-A6D5-75F29B1368C2} => Valeur absente
{2AA2E91D-FA3D-4F13-869A-FA79BEF589AB} => Valeur absente
TCP Query User{FE2B6DBC-1703-47AB-AE2D-C79AFE601BE4}C:\users\super\appdata\local\temp\jdic_0_9_5\ieembed.exe => Valeur absente
UDP Query User{49CDBA08-E86F-4F6A-AE10-6F42FF6F2A35}C:\users\super\appdata\local\temp\jdic_0_9_5\ieembed.exe => Valeur absente
{5588A001-4EA0-4A9D-AA3B-5ACE026BE81B} => Valeur absente
{4F70E24F-BBA8-4AF4-B949-B0FC3C585A84} => Valeur absente
{919D5976-54BB-4899-B5FD-9CAEF4953458} => Valeur absente
{CA2AA961-CED2-4A1C-A771-90FF952617CF} => Valeur absente

========== Elément(s) de donnée du Registre ==========
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified => Donnée supprimée avec succès

========== Dossier(s) ==========
C:\ProgramData\Spybot - Search & Destroy => Supprimé et mis en quarantaine
C:\Program Files (x86)\Audacity-tools => Supprimé et mis en quarantaine
C:\Program Files (x86)\Spybot - Search & Destroy => Fichier supprimé au reboot

========== Fichier(s) ==========
c:\program files (x86)\audacity-tools\tbauda.dll => Supprimé et mis en quarantaine

========== Tache planifiée ==========
Task : {30D4D90B-9E04-42DA-A380-1B76281B44A7} => Tâche supprimée avec succès
Task : {6D610375-2A37-4D1A-8984-5D33D1ECDEAF} => Tâche supprimée avec succès
Task : {9DC9C4C3-EF3D-45CD-948A-641C8A706A0C} => Tâche supprimée avec succès
Task : {AE760D56-FA71-47A2-B9E6-97E28CEFC305} => Tâche supprimée avec succès
Task : {E22D8A60-8773-42E4-8E0E-F791CC0FD31E} => Tâche supprimée avec succès
Task : {E9E2B558-24F6-49A3-8543-6E3A114214EE} => Tâche supprimée avec succès


========== Récapitulatif ==========
2 : Clé(s) du Registre
13 : Valeur(s) du Registre
1 : Elément(s) de donnée du Registre
3 : Dossier(s)
1 : Fichier(s)
2 : Logiciel(s)
6 : Tache planifiée


End of the scan
0
Réponse 14 / 34
Utilisateur anonyme
Modifié par Marmar66 le 7/05/2011 à 20:56
Re,



Stp, vide la quarentaine de Malwarebytes et prépare un nouveau rapport ZHPdiag
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
Membre, Contributeur

H.F. : Fish66
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
0
Réponse 15 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 21:40
https://pjjoint.malekal.com/files.php?id=x14j8e15g9n12v12y12i9u11
0
Utilisateur anonyme
7 mai 2011 à 21:45
Je veux un rapport ZHPDiag, regarde ce que tu m'as envoyé ! :)
0
Réponse 16 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 21:55
Oulah,désolé ^^"

https://pjjoint.malekal.com/files.php?id=14t1112w9x911t10h12w8
0
Réponse 17 / 34
Utilisateur anonyme
7 mai 2011 à 22:09
Re,

1/
Tu as installé des logiciels sources d'infection, pour cela tu désinstalles

ces logiciels par ajout/suppression de programme:

* CrazyLoader
* FreeCompressor
* installer

2/
* Télécharge, sur le Bureau, MBRCheck (par a_d_13) en cliquant sur l'un de ces liens:

* http://www.geekstogo.com/forum/files/file/441-mbrcheck/
* https://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe
* http://www.kernelmode.info/MBRCheck.exe

* Fermer tout et cliquer sur MBRCheck.exe

* S'il te demande de taper "Y or N", tapes Y puis valider en tapant sur la touche entrée de ton clavier,
* S'il te demande de taper sur la touche "entrée" seulement, fais le
* S'il te demande 1, 2 ou 3, Appuie sur 2

* Un rapport s'ouvre en fin de scan et sera automatiquement enregistré sur le Bureau. Il sera du type MBRCheck_AA.JJ.MM_hh.mm.ss.txt (i.e. MBRCheck_07.21.10_18.08.06.txt).


0
Réponse 18 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 22:17
Pour crazyloader et "installer",il me dit qu'il y a une erreur,et que les programmes étaient déjà désinstallés,donc ça les a juste supprimer de la liste,c'est normal?




https://pjjoint.malekal.com/files.php?id=h9s14n12j510k7u8s5s10
0
Réponse 19 / 34
Utilisateur anonyme
7 mai 2011 à 22:33
Re,

D'accord on va vérifier

Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )



O42 - Logiciel: CrazyLoader - (.Pas de propriétaire.) [HKLM] -- CrazyLoader => Infection BT (Adware.SPointer)
O42 - Logiciel: FreeCompressor - (.Secure Digital Services.) [HKLM][64Bits] -- {8CA0170E-6E9E-43A5-AE1F-85A82820B847} => Infection BT (Adware.SPointer)
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM][64Bits] -- installer => Infection BT (Adware.InstallPedia)
O4 - HKCU\..\Run: [PlayNC Launcher] Clé orpheline
OPT:O4 - HKLM\..\Wow6432Node\Run: [vspdfprsrv.exe] . (...) -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\vspdfprsrv.exe
OPT:O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKUS\S-1-5-21-2361508863-3086355369-3943274793-1000\..\Run: [PlayNC Launcher] Clé orpheline
O42 - Logiciel: AC2 server emulator 0.44 by Dormine - (.bjamikel.) [HKLM][64Bits] -- {675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1
[HKCU\Software\SpywareBlaster]
[HKLM\Software\Audacity-tools]
[HKLM\Software\SpywareBlaster]
[HKCR\Installer\Features\5B4758C25396ECF468E04F8E063287FF]
[HKCR\Installer\UpgradeCodes\5B4758C25396ECF468E04F8E063287FF]
[HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF]
C:\Users\SUPER\AppData\Roaming\Widestream



Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.

2/
Relance Malwarebytes, fais une analyse complète puis poste le rapport
0
Réponse 20 / 34
Lokee Messages postés 17 Date d'inscription samedi 7 mai 2011 Statut Membre Dernière intervention 11 mai 2011
7 mai 2011 à 23:10
Rapport de ZHPFix 1.12.3280 par Nicolas Coolman, Update du 02/05/2011
Fichier d'export Registre : C:\ZHPExportRegistry-07-05-2011-22-40-24.txt
Run by SUPER at 07/05/2011 22:40:24
Windows 7, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Logiciel(s) ==========
O42 - Logiciel: CrazyLoader - (.Pas de propriétaire.) [HKLM] -- CrazyLoader => Logiciel déjà supprimé
O42 - Logiciel: FreeCompressor - (.Secure Digital Services.) [HKLM][64Bits] -- {8CA0170E-6E9E-43A5-AE1F-85A82820B847} => Logiciel déjà supprimé
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM][64Bits] -- installer => Logiciel déjà supprimé
O42 - Logiciel: AC2 server emulator 0.44 by Dormine - (.bjamikel.) [HKLM][64Bits] -- {675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1 => Logiciel déjà supprimé

========== Clé(s) du Registre ==========
HKCU\Software\SpywareBlaster => Clé supprimée avec succès
HKLM\Software\Audacity-tools => Clé absente
HKLM\Software\SpywareBlaster => Clé absente
HKCR\Installer\Features\5B4758C25396ECF468E04F8E063287FF => Clé supprimée avec succès
HKCR\Installer\UpgradeCodes\5B4758C25396ECF468E04F8E063287FF => Clé supprimée avec succès
HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF => Clé absente

========== Valeur(s) du Registre ==========
O4 - HKCU\..\Run: [PlayNC Launcher] Clé orpheline => Valeur supprimée avec succès
O4 - HKLM\..\Wow6432Node\Run: [vspdfprsrv.exe] . (...) -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\vspdfprsrv.exe => Valeur supprimée avec succès
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe => Valeur supprimée avec succès
O4 - HKUS\S-1-5-21-2361508863-3086355369-3943274793-1000\..\Run: [PlayNC Launcher] Clé orpheline => Valeur absente

========== Dossier(s) ==========
c:\users\super\appdata\roaming\widestream => Supprimé et mis en quarantaine

========== Fichier(s) ==========
c:\users\super\appdata\roaming\widestream => Fichier absent







Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 6526

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07/05/2011 23:09:39
mbam-log-2011-05-07 (23-09-39).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 287847
Temps écoulé: 28 minute(s), 37 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0

Discussions similaires

pc bloque
nico -
NICO -

33 réponses
mon ordi est bloquer sur american megatrends
kpointe -
doudous -

23 réponses
PC bloqué sur American megatrend
Sabrina -
Sabrina -

2 réponses
[PHP] Créer un pop up
ChtiChris -
ChtiChris -

6 réponses
Application popup
xavier -
cpd -

11 réponses