Probléme avec security toolbar 7.1

Résolu
samos -  
 afideg -
Bonjour, j'ai un gros souci avec mon ordi
plein de choses sont apparu .que faire?

j'ai "avast" ad-aware"et"spybot"
ils tournent bien et ils placent bien les problémes en quarantaine
par contre j'ai
*une nouvelle barre qui est apparu "security toolbar" en haut de ma page internet;

*j'ai 2 raccourcis nouveaux qui sont apparu sur mon bureau"online security guide" et "live safety center"

comment les supprimer et surtout ou les retrouver pour les supprimer définitivement
ils n'apparaissent pas dans"modifier ou suprimer".

*en bas a droite dans ma barre j'ai un triangle jaune avec un "!" dedans il est ecrit:

"your computer is infected with a black door trojan that allows the remote attackerto perform various malcious actions .
click this ballon to dowload malware removal software."

un autre mesage apparait ensuite:

"type:virus/network,worm.
damage level:hight
description:virus that infects executable files
recommedation immediately:delete:quarantine
protection:click this ballon to dowload certified antivirus software
system performance monitor: warning summary"

mais encore..

"summary:system performance sowed down by:47 pour cent
internet connection speed dereased by:39 pour cent
probable reason: spyware applications/adware popup windows.
click this ballon to dowload spywre scan tool to remove spyware/adware applications"

et aussi..

"security alert:spyware found
computer is infected whith last versions of psw .x-vir trojan
psw trojan seals your privat informaton such as:passwords,ip-adresses,credit card information,registration,detais,documents ,etc
click the baloon to remove psw.x-vir spware"

et enfin...

"system alert:trojan-spy.win 32 @mx
type:spyware/trojan
vulnerable:windows 95/98/me/nt/2003/windows.xp
description/spyware program that sends confidential information to a remote attacker
protection/click the baloon to download official security"


et en même temps des pages internet s'ouvre toujours

voici les sites:

"http://www.savetheinformation.com/v6/?gai=hamm_h5_pop&gli=pop_1&gff=hamm_15005_90b5ee3f%202604973B67134AF2BC342D5EB471B60E&eai=hamm_h5_pop&eli=pop_1&eaf=hamm_15005_90b5ee3f%202604973B67134AF2BC342D5EB471B60E&air=hamm_h5_pop&lir=pop_1&afr=hamm_15005_90b5ee3f%202604973B67134AF2BC342D5EB471B60E"

et...

http://www.savetheinformation.com/v5/?gai=hamm_h5_pop&gli=pop_1&gff=hamm_15005_90b5ee3f%202604973B67134AF2BC342D5EB471B60E&eai=hamm_h5_pop&eli=pop_1&eaf=hamm_15005_90b5ee3f%202604973B67134AF2BC342D5EB471B60E&air=hamm_h5_pop&lir=pop_1&afr=hamm_15005_90b5ee3f%202604973B67134AF2BC342D5EB471B60E

et....
http://www.savetheinformation.com/v1/?gai=hamm_h5_pop&gli=pop_1&gff=hamm_15005_90b5ee3f%202604973B67134AF2BC342D5EB471B60E&eai=hamm_h5_pop&eli=pop_1&eaf=hamm_15005_90b5ee3f%202604973B67134AF2BC342D5EB471B60E&air=hamm_h5_pop&lir=pop_1&afr=hamm_15005_90b5ee3f%202604973B67134AF2BC342D5EB471B60E


alors pouvez vous me dire si tout ça est lié
et surtout ce que je peut faire pour rétablir les erreurs qui arrivent ?

merci encore j'attend une réponse avec impatience
aurevoir
A voir également:

123 réponses

Précédent
Réponse 41 / 123
samos
 
j'ai trouvé dans:
hp_pavillon (c:)
program files
ccleaner


il ya 7 fichiers ,le rapport est il là dedans?
history, install, lang-1036,dll,uninst,winapp et bien sur ccleaner
merci je sais pas si vous comprenez?
0
Réponse 42 / 123
samos
 
ok
0
Réponse 43 / 123
samos
 
AVG tourne pour l'instant il en a dejà détécté 7
dans l'attente......
0
Réponse 44 / 123
samos
 
voici le premier rapport AVG:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 12:21:45 17/11/2007

+ Résultat de l'analyse:



HKLM\SOFTWARE\Classes\Interface\{06CA2DA3-3A44-4FC7-8FD9-246C0F53407C} -> Adware.CoolWebSearch : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes fichiers reçus\image05.zip/image05.JPG-www.photobucket.com -> Backdoor.IRCBot.amw : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078109.exe -> Backdoor.IRCBot.amw : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078183.dll -> Downloader.ConHook.hl : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078184.dll -> Downloader.ConHook.hl : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078185.dll -> Downloader.ConHook.hl : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078186.dll -> Downloader.ConHook.hl : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078187.dll -> Downloader.ConHook.hl : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078188.dll -> Downloader.ConHook.hl : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078189.dll -> Downloader.ConHook.hl : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078190.dll -> Downloader.ConHook.hl : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078191.dll -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\__c0062747.dat.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\__c00CBA0.dat.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\aiediflg.dll.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\airssnng.dll.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\auhfofqy.dll.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\desgvkyi.dll.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\dmwfaoat.dll.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\hrmdmtex.dll.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\hxxqwbii.dll.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\kdwngjiu.dll.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\C\WINDOWS\system32\xoutresw.dll.vir -> Downloader.ConHook.hl : Ignoré.
C:\qoobox\Quarantine\catchme2007-11-16_200747.73.zip/__c0094F9E.dat -> Downloader.ConHook.hl : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@weborama[1].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Bureau\salut\SDFix\backups\backups.zip/backups/kler.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP264\A0071265.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP264\A0071267.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071398.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071400.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071420.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071421.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071443.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071450.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071572.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071573.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078137.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078458.exe -> Trojan.KillAV.mc : Ignoré.
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078466.exe -> Trojan.KillAV.mc : Ignoré.


Fin du rapport




bideffender va être tés long alors voici déjà le premier rapport de avg
(j'ai tout supprimer!)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 45 / 123
samos
 
voici le rapport de bideffender:

BitDefender Online Scanner - Real Time Virus Report



Generated at: Sat, Nov 17, 2007 - 13:48:41


--------------------------------------------------------------------------------





Scan Info



Scanned Files
338825

Infected Files
58








Virus Detected



DeepScan:Generic.Malware.SP!VPk!.21478FEC
4

GenPack:Generic.Sdbot.C14F2D7F
3

GenPack:Generic.Sdbot.E153B6B5
8

Trojan.Fotomoto.F
1

Trojan.Conhook.CX
5

Trojan.Agent.AFQY
28

Trojan.Qhosts.B
3

Generic.Qhost.DAEBA34F
3

Generic.Qhost.3AFB17AB
1

Trojan.Qhost.ABW
2










--------------------------------------------------------------------------------



This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.




BitDefender Online Scanner



Scan report generated at: Sat, Nov 17, 2007 - 13:41:02





Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;







Statistics

Time
01:11:17

Files
331003

Folders
7151

Boot Sectors
3

Archives
15815

Packed Files
17438




Results

Identified Viruses
10

Infected Files
58

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
58




Engines Info

Virus Definitions
878095

Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins
14

Archive plugins
38

Unpack plugins
7

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-10B4-51C1E773B3F8}\DATA.CAB=>RESOURCE1
Infected with: Trojan.Qhosts.B

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-10B4-51C1E773B3F8}\DATA.CAB=>RESOURCE1
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-10B4-51C1E773B3F8}\DATA.CAB=>RESOURCE1
Deleted

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-10B4-51C1E773B3F8}\DATA.CAB
Update failed

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-94DE-9791413D0329}\DATA.CAB=>RESOURCE1
Infected with: Trojan.Qhosts.B

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-94DE-9791413D0329}\DATA.CAB=>RESOURCE1
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-94DE-9791413D0329}\DATA.CAB=>RESOURCE1
Deleted

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-94DE-9791413D0329}\DATA.CAB
Update failed

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-B705-96EAB57E94C4}\DATA.CAB=>RESOURCE1
Infected with: Trojan.Qhosts.B

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-B705-96EAB57E94C4}\DATA.CAB=>RESOURCE1
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-B705-96EAB57E94C4}\DATA.CAB=>RESOURCE1
Deleted

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003A92-D50C-1867-B705-96EAB57E94C4}\DATA.CAB
Update failed

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{47E05D7F-690B-4EC8-BFF9-76E65F7F1DC6}
Infected with: Trojan.Qhost.ABW

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{47E05D7F-690B-4EC8-BFF9-76E65F7F1DC6}
Disinfection failed

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{47E05D7F-690B-4EC8-BFF9-76E65F7F1DC6}
Deleted

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{AF2B489E-103A-43B2-8D9F-119EFCC8799F}
Infected with: Trojan.Qhost.ABW

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{AF2B489E-103A-43B2-8D9F-119EFCC8799F}
Disinfection failed

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{AF2B489E-103A-43B2-8D9F-119EFCC8799F}
Deleted

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{DB4F5A5B-FD33-4A67-9F65-509109BF154F}
Infected with: Generic.Qhost.3AFB17AB

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{DB4F5A5B-FD33-4A67-9F65-509109BF154F}
Disinfection failed

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{DB4F5A5B-FD33-4A67-9F65-509109BF154F}
Deleted

C:\qoobox\Quarantine\C\prkc.exe.vir=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\qoobox\Quarantine\C\prkc.exe.vir=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\qoobox\Quarantine\C\prkc.exe.vir=>(RAR Sfx o)=>helper.exe
Deleted

C:\qoobox\Quarantine\C\prkc.exe.vir=>(RAR Sfx o)
Update failed

C:\qoobox\Quarantine\C\prkc.exe.vir=>(RAR Sfx o)=>zm.exe
Infected with: Trojan.Conhook.CX

C:\qoobox\Quarantine\C\prkc.exe.vir=>(RAR Sfx o)=>zm.exe
Disinfection failed

C:\qoobox\Quarantine\C\prkc.exe.vir=>(RAR Sfx o)=>zm.exe
Deleted

C:\qoobox\Quarantine\C\prkc.exe.vir=>(RAR Sfx o)
Update failed

C:\qoobox\Quarantine\C\vont.exe.vir
Infected with: GenPack:Generic.Sdbot.C14F2D7F

C:\qoobox\Quarantine\C\vont.exe.vir
Disinfection failed

C:\qoobox\Quarantine\C\vont.exe.vir
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP263\A0071215.exe
Infected with: GenPack:Generic.Sdbot.E153B6B5

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP263\A0071215.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP263\A0071215.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP264\A0071225.exe
Infected with: GenPack:Generic.Sdbot.E153B6B5

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP264\A0071225.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP264\A0071225.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP264\A0071264.exe=>(RAR Sfx o)=>kler.exe
Infected with: DeepScan:Generic.Malware.SP!VPk!.21478FEC

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP264\A0071264.exe=>(RAR Sfx o)=>kler.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP264\A0071264.exe=>(RAR Sfx o)=>kler.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP264\A0071264.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP265\A0071339.exe
Infected with: GenPack:Generic.Sdbot.E153B6B5

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP265\A0071339.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP265\A0071339.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071369.exe
Infected with: GenPack:Generic.Sdbot.E153B6B5

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071369.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071369.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071396.exe=>(RAR Sfx o)=>kler.exe
Infected with: DeepScan:Generic.Malware.SP!VPk!.21478FEC

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071396.exe=>(RAR Sfx o)=>kler.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071396.exe=>(RAR Sfx o)=>kler.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071396.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071418.exe
Infected with: GenPack:Generic.Sdbot.E153B6B5

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071418.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071418.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071419.exe=>(RAR Sfx o)=>kler.exe
Infected with: DeepScan:Generic.Malware.SP!VPk!.21478FEC

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071419.exe=>(RAR Sfx o)=>kler.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071419.exe=>(RAR Sfx o)=>kler.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071419.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071440.exe=>(RAR Sfx o)=>kler.exe
Infected with: DeepScan:Generic.Malware.SP!VPk!.21478FEC

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071440.exe=>(RAR Sfx o)=>kler.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071440.exe=>(RAR Sfx o)=>kler.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071440.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071442.exe
Infected with: GenPack:Generic.Sdbot.E153B6B5

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071442.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP266\A0071442.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071448.exe=>(RAR Sfx o)=>hst.exe=>(RAR Sfx o)=>hosts
Infected with: Generic.Qhost.DAEBA34F

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071448.exe=>(RAR Sfx o)=>hst.exe=>(RAR Sfx o)=>hosts
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071448.exe=>(RAR Sfx o)=>hst.exe=>(RAR Sfx o)=>hosts
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071448.exe=>(RAR Sfx o)=>hst.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071449.exe=>(RAR Sfx o)=>hosts
Infected with: Generic.Qhost.DAEBA34F

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071449.exe=>(RAR Sfx o)=>hosts
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071449.exe=>(RAR Sfx o)=>hosts
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071449.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071524.exe
Infected with: GenPack:Generic.Sdbot.E153B6B5

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071524.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071524.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071570.exe
Infected with: GenPack:Generic.Sdbot.C14F2D7F

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071570.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071570.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071571.exe=>(RAR Sfx o)=>hosts
Infected with: Generic.Qhost.DAEBA34F

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071571.exe=>(RAR Sfx o)=>hosts
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071571.exe=>(RAR Sfx o)=>hosts
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP267\A0071571.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP270\A0071719.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP270\A0071719.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP270\A0071719.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP270\A0071719.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP270\A0071721.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP270\A0071721.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP270\A0071721.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP271\A0071738.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP271\A0071738.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP271\A0071738.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP271\A0071738.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP271\A0071739.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP271\A0071739.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP271\A0071739.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP272\A0071755.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP272\A0071755.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP272\A0071755.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP272\A0071755.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP272\A0071756.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP272\A0071756.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP272\A0071756.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP273\A0071773.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP273\A0071773.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP273\A0071773.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP273\A0071773.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP273\A0071775.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP273\A0071775.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP273\A0071775.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0071778.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0071778.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0071778.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0071778.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0071779.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0071779.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0071779.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072775.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072775.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072775.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072775.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072777.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072777.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072777.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072793.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072793.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072793.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072793.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072795.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072795.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP274\A0072795.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072815.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072815.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072815.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072815.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072817.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072817.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072817.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072847.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072847.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072847.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072847.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072848.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072848.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072848.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072864.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072864.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072864.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072864.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072864.exe=>(RAR Sfx o)=>zm.exe
Infected with: Trojan.Conhook.CX

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072864.exe=>(RAR Sfx o)=>zm.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072864.exe=>(RAR Sfx o)=>zm.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072864.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072866.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072866.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072866.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072896.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072896.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072896.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072896.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072896.exe=>(RAR Sfx o)=>zm.exe
Infected with: Trojan.Conhook.CX

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072896.exe=>(RAR Sfx o)=>zm.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072896.exe=>(RAR Sfx o)=>zm.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072896.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072897.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072897.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072897.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072918.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072918.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072918.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072918.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072918.exe=>(RAR Sfx o)=>zm.exe
Infected with: Trojan.Conhook.CX

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072918.exe=>(RAR Sfx o)=>zm.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072918.exe=>(RAR Sfx o)=>zm.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072918.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072919.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072919.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP275\A0072919.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP286\A0077847.exe
Infected with: GenPack:Generic.Sdbot.E153B6B5

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP286\A0077847.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP286\A0077847.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078126.exe
Infected with: Trojan.Fotomoto.F

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078126.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP291\A0078126.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078274.exe=>(RAR Sfx o)=>helper.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078274.exe=>(RAR Sfx o)=>helper.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078274.exe=>(RAR Sfx o)=>helper.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078274.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078274.exe=>(RAR Sfx o)=>zm.exe
Infected with: Trojan.Conhook.CX

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078274.exe=>(RAR Sfx o)=>zm.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078274.exe=>(RAR Sfx o)=>zm.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078274.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078275.exe
Infected with: GenPack:Generic.Sdbot.C14F2D7F

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078275.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078275.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078457.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078457.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078457.exe
Deleted

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078465.exe
Infected with: Trojan.Agent.AFQY

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078465.exe
Disinfection failed

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP292\A0078465.exe
Deleted

BitDefender Online Scanner - Real Time Virus Report



Generated at: Sat, Nov 17, 2007 - 13:48:41


--------------------------------------------------------------------------------





Scan Info



Scanned Files
338825

Infected Files
58








Virus Detected



DeepScan:Generic.Malware.SP!VPk!.21478FEC
4

GenPack:Generic.Sdbot.C14F2D7F
3

GenPack:Generic.Sdbot.E153B6B5
8

Trojan.Fotomoto.F
1

Trojan.Conhook.CX
5

Trojan.Agent.AFQY
28

Trojan.Qhosts.B
3

Generic.Qhost.DAEBA34F
3

Generic.Qhost.3AFB17AB
1

Trojan.Qhost.ABW
2

........et voici l'autre:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:56:25, on 17/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://qumaron.com/?bj_programs?bj_programs
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {a9cb26fb-3eb0-4cdb-8c85-82360be1dd34} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series (Copie 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (Copie 2)" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1194016384468
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O20 - Winlogon Notify: ciyjbwsi - ciyjbwsi.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - rundll32.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 46 / 123
samos
 
j'ai relancer une deuxiéme fois avg anti-spyware,il a trouvé un "truc" ,voici le rapport:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 14:57:38 17/11/2007

+ Résultat de l'analyse:



C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.


Fin du rapport
0
Réponse 47 / 123
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 163
 
Très bien !

ce n'est qu'une cookie, rien de méchant, tu en auras souvent du à ton surf sur le net

comment se comporte le pc à présent ??

++
0
Réponse 48 / 123
samos
 
impecable ,je n'ai plus toutes les pubs
tout me semble normal
il est toujours un peu lent mais c'est peut -être le fait qu'il est un peu chargé ,j'ai plein de photos et quelques fims..
0
Réponse 49 / 123
samos
 
par contre j'ai malheureusement un soucis lorsque j'ouvre ma messagerie "msn"

alerte de sécurité: la connexion que vous allez utiliser n'est pas sécurisée.d'autres utilisateurs du web pourront dorénavant accéder aux infos que vous envoyer


j'ai aussi une nouvelle barre en haut de la page internet : c'est un "y" tout rouge et le même symbole que ccleaner

peut tu me dire quoi faire pour rétablir?

merci d'avance
0
Réponse 50 / 123
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 163
 
Relance HijackThis : choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked" :


O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/

O20 - Winlogon Notify: ciyjbwsi - ciyjbwsi.dll (file missing)

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.

O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - rundll32.exe (file missing)

ensuite, repasse un coup de ccleaner et dis moi quoi !

++
0
Réponse 51 / 123
samos
 
j'ai toujours les 2 même soucis que le message précédent

ccleaner a trouvé plein de truc j'ai tout supprimé
j'ésper que j'ai pas "déconnée"
0
Réponse 52 / 123
samos
 
si tu as besoin voici un rerapport:


ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:57:57, on 17/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://qumaron.com/?bj_programs?bj_programs
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {a9cb26fb-3eb0-4cdb-8c85-82360be1dd34} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series (Copie 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (Copie 2)" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - rundll32.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 53 / 123
samos
 
coucou
je vais éteindre mon ordi
car ce soir je suis pas chez moi
j'éspere vivement que l'on puissent venir a bout de toutes les imperférctions
en ésperant ce retrouver demain ou trés rapidement

bonne soirée
et merci pour tout


ps: tu as les derniers rapport j'attend pour le vérdict!!!!!

bye
0
Réponse 54 / 123
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 163
 
re

tu veux supprimer le toolbar ccleaner ??

pour msn, tu as ce message quand ?? quand tu connectes ??

++
0
Réponse 55 / 123
samos
 
coucou ,oui je veut suprimer la barre ccleaner,elle ne me sert à rien

et en ce qui concerne le message d'erreur je l'ai lorsque je suis sur ma page "msn" avec tout mes contact et dès que je clic sur l'enveloppe pour voir mes messages ,il apparaît

lorsqu'on aura fini tu pourras me dire quoi supprimer ou quoi garder de tout les logiciels qu'on a télecharger

merci d'avance pour ta réponse
0
Réponse 56 / 123
samos
 
en plus....
quand j'allume l'ordi ,la page du bureau s'affiche rapidement mais par contre la connexion avec internet mais au moins 5 minutes a ce lancer.

je suis désolée de t'ennuier avec tout mes problémes et de te prendre autant de ton temps mais je souhaiterais en finir avec tout ça!

j'attend de tes nouvelles !

a+
0
Réponse 57 / 123
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 163
 
Salut

Ok, cette alerte de sécurité me rappelle celle que l'on a la 1er fois que l'on va sur le net ... " les infos ne sont pas cryptés etc. ..."

en général, il y a une case à cocher : " ne plus m'avertir à l'avenir" ... c'est pas très grave ..., une bonne protection et ça ne pose pas de problème !

mais par contre la connexion avec internet mais au moins 5 minutes a ce lancer.

c'est une connexion automatique, ou il faut que tu l'as lance toi même ???

++
0
Réponse 58 / 123
samos
 
elle est automatique
0
Réponse 59 / 123
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 163
 
Salut

Tu veux dire que le session s'ouvre plus rapidement mais que ça page internet met 5min à apparaitre ?!


Je ne sais pas trop ... faudrai voir au niveau des paramètres de connections ...


encore une chose : installe un parefeu si tu n'en as pas !!

@ +
0
Réponse 60 / 123
samos
 
coucou

c'est le "gestionnaire internet " (le cadre avec les touches connecter / deconnecter) je l'ai sur mon ecran quand le bureau s'affiche et dessus il y a écrit "veuillez patientez "c'est à partir de là que ça dure longtemps.


*****pour ce qui est du pare feu , j'en ai peut-être un je crois;

j'ai avast :l'anti virus

j'ai spybot ;je sais pas si c'est le pare feu ou anti spam

j'ai ad aware; même chose pour celui-ci je sais pas

alors dit moi s'il te plait

si j'en ai pas lequel dois-je mettre?

merci tchao
0

Discussions similaires

SecurityHealth est a désactiver ou pas au démarrage de W10 Pro 64 ?
Walti55 -
Walti55 -

2 réponses
Security boot fail lors du démarrage
Steu -
NBK -

4 réponses
Analyse de l'appli "AI SECURITY"
cl06 -
CCMBot -

1 réponse
Boîte mail piratée ?
mike the llama -
mike the llama -

4 réponses
Security Health Service qui pompe 25% de mon CPU
mimirte -
bazfile -

6 réponses