Aide pour nettoyer mon ordinateur (virus,...)
LeGuitaristePacifiste
Messages postés
29
Statut
Membre
-
LeGuitaristePacifiste Messages postés 29 Statut Membre -
LeGuitaristePacifiste Messages postés 29 Statut Membre -
Bonjour,
J'ai constater de nombreux problèmes sur mon ordinateur depuis l'installation de l'antivirus Avira Antivir Personal Edition Classic et d'un spyware. Auparavant j'avait avast installer sur mon ordinateur mais j'ai lu que ce dernier était moin bon que avrira j'ai donc décider de le remplacer. Mais depuis l'installation de ce nouvel antivirus j'ai constater l'apparition de nombreux problèmes sur ma machine. Mon firefox plante tout le temps, je n'arrive plus a ouvrir windows live messenger et je ne peut non plus plus l'installer, ma clé usb wifi ne marche plus qu'une fois sur deux ( lorsque j'allume mon pc je suis obliger de le redémarrer pour que celle ci marche).
Avira détectait de nombreux virus sur ma machine un peu partout et aussi dans le system 32 je demandait alors de les mettres en quarantaines mais je ne sait pas pourquoi cela a créer des problèmes.
A noter que depuis j'ai réinstaller avast et il détecte lui aussi de nombreux virus qu'il ne détectait pas aupravant
J'écrit donc ce post afin de pouvoir régler ce problème, merci d'avance pour tout vos réponses :)
J'ai constater de nombreux problèmes sur mon ordinateur depuis l'installation de l'antivirus Avira Antivir Personal Edition Classic et d'un spyware. Auparavant j'avait avast installer sur mon ordinateur mais j'ai lu que ce dernier était moin bon que avrira j'ai donc décider de le remplacer. Mais depuis l'installation de ce nouvel antivirus j'ai constater l'apparition de nombreux problèmes sur ma machine. Mon firefox plante tout le temps, je n'arrive plus a ouvrir windows live messenger et je ne peut non plus plus l'installer, ma clé usb wifi ne marche plus qu'une fois sur deux ( lorsque j'allume mon pc je suis obliger de le redémarrer pour que celle ci marche).
Avira détectait de nombreux virus sur ma machine un peu partout et aussi dans le system 32 je demandait alors de les mettres en quarantaines mais je ne sait pas pourquoi cela a créer des problèmes.
A noter que depuis j'ai réinstaller avast et il détecte lui aussi de nombreux virus qu'il ne détectait pas aupravant
J'écrit donc ce post afin de pouvoir régler ce problème, merci d'avance pour tout vos réponses :)
A voir également:
- Aide pour nettoyer mon ordinateur (virus,...)
- Nettoyer ordinateur portable lent - Guide
- Nettoyer son mac - Guide
- Réinitialiser ordinateur - Guide
- Clavier de l'ordinateur - Guide
- Parametres de mon ordinateur - Guide
12 réponses
Bonjour,
Tout d'abord, Avast est le meilleur ntivirus gratuit.
Si tu cherche une méthode de nettoyage complet, va sur http://krisinfo.skyrock.com
J'ai créé un article spécialement là dessus pour un nettoyage complet du PC. Il est en deuxième page mais tu peux utiliser le sommaire.
Tout les liens des logiciels sont disponnibles et les étapes sont détaillées.
Chris
Tout d'abord, Avast est le meilleur ntivirus gratuit.
Si tu cherche une méthode de nettoyage complet, va sur http://krisinfo.skyrock.com
J'ai créé un article spécialement là dessus pour un nettoyage complet du PC. Il est en deuxième page mais tu peux utiliser le sommaire.
Tout les liens des logiciels sont disponnibles et les étapes sont détaillées.
Chris
Re alors désinstalle tous tes logiciel de sécurité. Et installe AntiVir,Malwarebytes Anti-Malware et Kerio.(désactive alors le pare-feu Windows).
AntiVir: https://www.01net.com/outils/telecharger/windows/Securite/antivirus-antitrojan/fiches/tele13198.html
Tutoriel AntiVir: https://www.malekal.com/avira-free-security-antivirus-gratuit/
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Ccleaner: https://www.01net.com/outils/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/tele32599.html
Tutoriel Ccleaner: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php (Tu l'installe sans la bare d'outil Yahoo)
Kerio: https://www.01net.com/outils/telecharger/windows/Securite/firewall/fiches/tele22418.html
Tutoriel Kerio: https://forums.cnetfrance.fr
PS: TU LES INSTALLES SEULEMENT ET TU NE FAIS PAS D'ANALYSE. TU FAIS UNE MISE A JOUR A ANTIVIR ET MALWAREBYTES ANTI-MALWARE. --
Un travail réglé et des victoires après des victoires, voilà sans doute la formule du bonheur.
AntiVir: https://www.01net.com/outils/telecharger/windows/Securite/antivirus-antitrojan/fiches/tele13198.html
Tutoriel AntiVir: https://www.malekal.com/avira-free-security-antivirus-gratuit/
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Ccleaner: https://www.01net.com/outils/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/tele32599.html
Tutoriel Ccleaner: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php (Tu l'installe sans la bare d'outil Yahoo)
Kerio: https://www.01net.com/outils/telecharger/windows/Securite/firewall/fiches/tele22418.html
Tutoriel Kerio: https://forums.cnetfrance.fr
PS: TU LES INSTALLES SEULEMENT ET TU NE FAIS PAS D'ANALYSE. TU FAIS UNE MISE A JOUR A ANTIVIR ET MALWAREBYTES ANTI-MALWARE. --
Un travail réglé et des victoires après des victoires, voilà sans doute la formule du bonheur.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Re, merci de m'aider a résoudre mon problème : )
Alors j'ai installer tout ce que tu m'as demander d'installer.
j'ai des tonnes d'alertes virus de avira et quand j'essaye de me connecter avec firerox kerio essaye de bloquer une tentative d'intrusion
Euh mon parefeu ne s'apelle pas kerio mais sunbelt personal firewall le nom a changé ? :O
Alors j'ai installer tout ce que tu m'as demander d'installer.
j'ai des tonnes d'alertes virus de avira et quand j'essaye de me connecter avec firerox kerio essaye de bloquer une tentative d'intrusion
Euh mon parefeu ne s'apelle pas kerio mais sunbelt personal firewall le nom a changé ? :O
Pour te donner des exemples d'infections trouver par avira:
system32 hgGwVlIX.dll, tuvwxyVN.dll, svewdnfq.dll etc ..
Ah oui une autre question comment fait t-on pour metre a jour kerio s'il te plait je n'ai pas trouver dans le tutoriel comment faire.
system32 hgGwVlIX.dll, tuvwxyVN.dll, svewdnfq.dll etc ..
Ah oui une autre question comment fait t-on pour metre a jour kerio s'il te plait je n'ai pas trouver dans le tutoriel comment faire.
Pas demise jour Kerio.
Tu fais un scan en mode sans échec avec AntiVir. Tu lances le scan et si il détecte un virus (normalement oui) tu cliques sur "delete" et "apply sélection to all following détections. (pour qu'il le supprimes automatiquement). A la fin du scan tu cliques sur "report" tu redémarre en mode normal puis tu me postes le rapport.
Mode sans Echec:
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.
PS: JE TE CONSEILLE D'ENREGISTRER CE MESSAGE DANS TON BUREAU OU CAS OU.
Tu fais un scan en mode sans échec avec AntiVir. Tu lances le scan et si il détecte un virus (normalement oui) tu cliques sur "delete" et "apply sélection to all following détections. (pour qu'il le supprimes automatiquement). A la fin du scan tu cliques sur "report" tu redémarre en mode normal puis tu me postes le rapport.
Mode sans Echec:
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.
PS: JE TE CONSEILLE D'ENREGISTRER CE MESSAGE DANS TON BUREAU OU CAS OU.
okay je le fait de suite merci beaucoup, juste une question ou est-ce que je trouverait le rapport ?
Salut j'ai un gros problème depuis le scan je n'arrive pas a me connecter je ne sait pas c'est lier a quoi. Windows m'affiche connecter mais je n'arrive pas a charger de pages. Avira n'a pas réussi a supprimer tous les virus, j'ai toujours des alertes a propos de ceux de system 32 je ne peut pas les suprimer ils sont bloquer.
Il faudrait que j'arrive a régler mon problème de connexion. Lorsque je fait réparer la connexion sans fil, sa reste planter sur désactivation de la clé.
Merci d'avance
Il faudrait que j'arrive a régler mon problème de connexion. Lorsque je fait réparer la connexion sans fil, sa reste planter sur désactivation de la clé.
Merci d'avance
1) Redémarre en "Mode sans échec"
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.
2) Scan avec Malwarebyte's Anti-Malware
Lance Malwarebyte's Anti-Malware
Onglet "Recherche" >>> coche Executer un exame complet >>> Rechercher sélectionne tes disques durs puis clique sur Lancer l’examen
A la fin du scan >>> clique sur Afficher les résultats puis sur Enregistrer le rapport
Suppression des éléments détectés >>>> clique sur Supprimer la sélection
S'il t'es demandé de redémarrer >>> clique sur "Yes"
--> Un rapport de scan s'ouvre, enregistre sur ton Bureau et poste ce rapport en réponse.
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.
2) Scan avec Malwarebyte's Anti-Malware
Lance Malwarebyte's Anti-Malware
Onglet "Recherche" >>> coche Executer un exame complet >>> Rechercher sélectionne tes disques durs puis clique sur Lancer l’examen
A la fin du scan >>> clique sur Afficher les résultats puis sur Enregistrer le rapport
Suppression des éléments détectés >>>> clique sur Supprimer la sélection
S'il t'es demandé de redémarrer >>> clique sur "Yes"
--> Un rapport de scan s'ouvre, enregistre sur ton Bureau et poste ce rapport en réponse.
Personnellement, je trouve que tu aurais été bien plus vite avec ma méthode et ça aurait été moins compliqué !
Surtout qu'Avast m'a toujours viré les virus Win32. Dans un des programmes que je propose sur le blog, il y a un Avast mais pas l'Anti-virus : c'est le programme pour analyser direct les virus et les dégager !
Enfin fais comme tu veux mais je t'aurais conseillé ma méthode ! T'aurais vite été fixé.
Chris
Surtout qu'Avast m'a toujours viré les virus Win32. Dans un des programmes que je propose sur le blog, il y a un Avast mais pas l'Anti-virus : c'est le programme pour analyser direct les virus et les dégager !
Enfin fais comme tu veux mais je t'aurais conseillé ma méthode ! T'aurais vite été fixé.
Chris
Antivir :
Avantages :
- Mises à jour réactives (plusieurs par jour) et efficaces.
- Un module heuristique réglable (détection de variantes), peu de faux positifs.
- Centralisation des modules, en nombre réduit.
- Moins lourd en mémoire.
- Un scan de rootkits (fichiers), mais peu évolué.
Inconvénients :
- Anglais seulement.
- Une popup de pub énorme (800 pixels de large) de temps en temps en faisant une mise à jour.
- Mises à jour à lancer manuellement (icône systray), et les serveurs de mises à jour peuvent être très encombrés.
- Deux modules communiquent en tcp-ip localement, des firewalls peuvent mettre cette activité en évidence. (voir plus bas)
- Pas de scan des emails.
Avast :
Avantages :
- En français.
- Scan des emails, messageries, etc...
- Mises à jour entièrement automatisées.
- Interface skinnable et en courbes (mouais...).
Inconvénients :
- Ne détecte pas les derniers virus aussi vite qu'il pourrait.
- Des faux positifs dans les détections d'exécutables packed (upx, etc).
- Grand nombre de modules (nombre de boucliers).
- Procédure de numéro de série gratuit peu évidente pour les néophytes.
- Le module VRDB, peu intuitif, et peu utilisé.
Avantages :
- Mises à jour réactives (plusieurs par jour) et efficaces.
- Un module heuristique réglable (détection de variantes), peu de faux positifs.
- Centralisation des modules, en nombre réduit.
- Moins lourd en mémoire.
- Un scan de rootkits (fichiers), mais peu évolué.
Inconvénients :
- Anglais seulement.
- Une popup de pub énorme (800 pixels de large) de temps en temps en faisant une mise à jour.
- Mises à jour à lancer manuellement (icône systray), et les serveurs de mises à jour peuvent être très encombrés.
- Deux modules communiquent en tcp-ip localement, des firewalls peuvent mettre cette activité en évidence. (voir plus bas)
- Pas de scan des emails.
Avast :
Avantages :
- En français.
- Scan des emails, messageries, etc...
- Mises à jour entièrement automatisées.
- Interface skinnable et en courbes (mouais...).
Inconvénients :
- Ne détecte pas les derniers virus aussi vite qu'il pourrait.
- Des faux positifs dans les détections d'exécutables packed (upx, etc).
- Grand nombre de modules (nombre de boucliers).
- Procédure de numéro de série gratuit peu évidente pour les néophytes.
- Le module VRDB, peu intuitif, et peu utilisé.
J'ai fait le scan avec maleware byte's mais je n'arrive toujours pas a me connecter, enfin je suis afficher connecter mais je n'arrive pas a lancer une page internet je ne peut donc pas envoyer les rapports : (
Salut j'ai enfin réussi a régler mon problème de connection, je peut maintenant retourner a mon problèeme de virus : D
Tu veut que je te donnes quel rapportt j'en ai 3
Celui d'avira, celui de malware avant supression ou celui de malwara après supression ? :O
Merci d'avance : )
Tu veut que je te donnes quel rapportt j'en ai 3
Celui d'avira, celui de malware avant supression ou celui de malwara après supression ? :O
Merci d'avance : )
Re, ma connection remarche enfin alleluiaaa !!!!!
je peut donc retourner a mes problèmes de virus, juste un truc avant ca, avira antivir personal m'assaille de message de virus dans le system 32 mais c'est tout le temps les memes et c'est sans arret je doit donc désactiver l'antivirus pour qu'il me laisse tranquille : '(.
Bon je te donne les 3 rapports :
Avira :
Avira AntiVir Personal
Report file date: jeudi 8 mai 2008 13:02
Scanning for 1255800 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: Julien
Computer name: JUJU
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.0 1554432 Bytes 05/05/2008 09:58:28
ANTIVIR3.VDF : 7.0.4.15 60416 Bytes 08/05/2008 09:58:28
Engineversion : 8.1.0.39
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.28 233851 Bytes 08/05/2008 09:58:37
AESCN.DLL : 8.1.0.16 119156 Bytes 08/05/2008 09:58:37
AERDL.DLL : 8.1.0.20 418165 Bytes 08/05/2008 09:58:36
AEPACK.DLL : 8.1.1.4 364918 Bytes 08/05/2008 09:58:35
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 08/05/2008 09:58:34
AEHEUR.DLL : 8.1.0.21 1196407 Bytes 08/05/2008 09:58:34
AEHELP.DLL : 8.1.0.14 115063 Bytes 08/05/2008 09:58:32
AEGEN.DLL : 8.1.0.20 299380 Bytes 08/05/2008 09:58:31
AEEMU.DLL : 8.1.0.6 430451 Bytes 08/05/2008 09:58:30
AECORE.DLL : 8.1.0.28 168310 Bytes 08/05/2008 09:58:29
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, K:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 8 mai 2008 13:02
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
13 processes with 13 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD5
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'K:\'
[INFO] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\tuvwxyVN.dll
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\atgban.dll
[DETECTION] Is the Trojan horse TR/Agent.58880
[NOTE] The file was deleted!
C:\WINDOWS\system32\fxieawdl.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
The registry was scanned ( '60' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Julien\Local Settings\Temp\ddaybgnx.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\ejptqfcf.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\elndnnuo.dll
[DETECTION] Is the Trojan horse TR/Monder.95296
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\girccxui.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\goplfptu.dll
[DETECTION] Is the Trojan horse TR/Monder.107584
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\hfcirycv.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\jjraboyu.dll
[DETECTION] Is the Trojan horse TR/Monder.96768
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\jvyuqafq.dll
[DETECTION] Is the Trojan horse TR/Monder.108544
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\kpofjbpn.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\kumbfyli.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\lgjullwm.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\pbdqyujy.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\slpgvkvw.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\vktoipak.dll
[DETECTION] Is the Trojan horse TR/Monder.DB
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temporary Internet Files\Content.IE5\LMZQ9MET\glas[2]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temporary Internet Files\Content.IE5\LMZQ9MET\yaypalassamosvala[1]
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temporary Internet Files\Content.IE5\TX9TDMLL\kriv[1]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Mes documents\Ma musique\ADOBE Premiere Pro 2.0 Keygen.zip
[0] Archive type: ZIP
--> Crack.exe
[DETECTION] Is the Trojan horse TR/Agent.cmn.1
[NOTE] The file was deleted!
C:\WINDOWS\Fonts\a.zip
[0] Archive type: ZIP
--> Crack.exe
[DETECTION] Is the Trojan horse TR/Agent.cmn.1
[NOTE] The file was deleted!
C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip
[0] Archive type: ZIP
--> Crack.exe
[DETECTION] Is the Trojan horse TR/Agent.cmn.1
[NOTE] The file was deleted!
C:\WINDOWS\system32\agyungrh.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bdhjsaad.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bhcgutoa.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bxypdkyk.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fqoujdsg.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gjndufsu.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gpdfvles.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hgGwVlIX.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\kdyavkcw.dll
[DETECTION] Is the Trojan horse TR/PCK.Monder.96256.2
[NOTE] The file was deleted!
C:\WINDOWS\system32\lwovwijf.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\mnifqpwo.dll
[DETECTION] Is the Trojan horse TR/PCK.Monder.105472
[NOTE] The file was deleted!
C:\WINDOWS\system32\sfhbfwcv.dll
[DETECTION] Is the Trojan horse TR/Monder.105472
[NOTE] The file was deleted!
C:\WINDOWS\system32\svewdnfq.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\tuvwxyVN.dll
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\wdbvwrqq.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\aqVreo18\aqVreo182328.exe
[DETECTION] Is the Trojan horse TR/Dldr.VB.dht
[NOTE] The file was deleted!
C:\WINDOWS\system32\DL\TGbn1dll.exe
[DETECTION] Is the Trojan horse TR/Drop.Agen.139457
[NOTE] The file was deleted!
Begin scan in 'D:\' <ACERDATA>
Begin scan in 'K:\' <LACIE>
K:\Start.exe
[DETECTION] Contains detection pattern of the dropper DR/IRCBot.ABUF
[NOTE] The file was deleted!
K:\Mes documents\Ma musique\ADOBE Premiere Pro 2.0 Keygen.zip
[0] Archive type: ZIP
--> Crack.exe
[DETECTION] Is the Trojan horse TR/Agent.cmn.1
[NOTE] The file was deleted!
End of the scan: jeudi 8 mai 2008 13:57
Used time: 54:39 min
The scan has been done completely.
7936 Scanning directories
444569 Files were scanned
42 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
39 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
444527 Files not concerned
9374 Archives were scanned
8 Warnings
39 Notes
Malware avant supression :
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 730
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 117483
Temps écoulé: 46 minute(s), 43 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 48
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 51
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\hgGwVlIX.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tuvwxyVN.dll (Trojan.Vundo) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{555b8f08-41f4-497f-a626-6d060154aed9} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{555b8f08-41f4-497f-a626-6d060154aed9} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\iesearch.tchongabho (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cfcec0a5-e1da-4049-bdb6-8b461e7e1bf3} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{2386c4d3-e53a-4fd6-952b-89cbca337c83} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\quantic.plug (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\quantic.plug.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{16b435f6-b6ce-4f24-a568-944b27ed919c} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvwxyvn (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\acm.acmfactory (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\acm.acmfactory.1 (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenUSave) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\targetedbanner (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\onestepsearch (Adware.OneStepSearch) -> No action taken.
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\OneStepSearch (Adware.OneStepSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OneStep Search Service (Adware.OneStepSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\e404.e404mgr (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\e404.e404mgr.1 (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\AppID\ACM.DLL (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{c5af49a2-94f3-42bd-f434-2604812c897d} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwvlix -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwvlix -> No action taken.
Dossier(s) infecté(s):
C:\Program Files\Save (Adware.WhenUSave) -> No action taken.
C:\Program Files\Helper (Adware.BHO) -> No action taken.
C:\Program Files\OneStepSearch (Adware.OneStepSearch) -> No action taken.
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
Fichier(s) infecté(s):
C:\WINDOWS\system32\hgGwVlIX.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\XIlVwGgh.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\XIlVwGgh.ini2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tuvwxyVN.dll (Trojan.Vundo) -> No action taken.
C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129291.exe (Trojan.Inject) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129296.dll (Adware.TargetSaver) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129301.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP354\A0131803.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153109.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153110.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153111.dll (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153112.exe (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153114.exe (Trojan.Peed) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153115.exe (Adware.ZeroSearch) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153116.dll (Trojan.AVKiller) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153117.dll (Spyware.Banker) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153118.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153120.dll (Trojan.AVKiller) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153121.exe (Adware.TTC) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153122.dll (Trojan.AVKiller) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP371\A0156144.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP374\A0163192.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181655.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181656.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181657.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181662.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181668.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181669.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181670.exe (Adware.Trafficsol) -> No action taken.
C:\WINDOWS\system32\ilonetkfadon.bmp (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\kjitofmlsrat.bmp (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\targetedbanner-uninst.exe (Trojan.Agent) -> No action taken.
C:\Program Files\Save\ffext.mod (Adware.WhenUSave) -> No action taken.
C:\Program Files\Save\save.db (Adware.WhenUSave) -> No action taken.
C:\Program Files\Save\save.htm (Adware.WhenUSave) -> No action taken.
C:\Program Files\Save\store.db (Adware.WhenUSave) -> No action taken.
C:\Program Files\OneStepSearch\home.js (Adware.OneStepSearch) -> No action taken.
C:\Program Files\OneStepSearch\onestep.dll (Adware.OneStepSearch) -> No action taken.
C:\Program Files\OneStepSearch\osopt.exe (Adware.OneStepSearch) -> No action taken.
C:\Program Files\OneStepSearch\readme.html (Adware.OneStepSearch) -> No action taken.
C:\Program Files\OneStepSearch\uninstall.exe (Adware.OneStepSearch) -> No action taken.
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> No action taken.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> No action taken.
C:\Program Files\setup.exe (Rogue.Installer) -> No action taken.
Malware après supression
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 730
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 117483
Temps écoulé: 46 minute(s), 43 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 48
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 51
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\hgGwVlIX.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\tuvwxyVN.dll (Trojan.Vundo) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{555b8f08-41f4-497f-a626-6d060154aed9} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{555b8f08-41f4-497f-a626-6d060154aed9} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\iesearch.tchongabho (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cfcec0a5-e1da-4049-bdb6-8b461e7e1bf3} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{2386c4d3-e53a-4fd6-952b-89cbca337c83} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\quantic.plug (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\quantic.plug.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{16b435f6-b6ce-4f24-a568-944b27ed919c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvwxyvn (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\acm.acmfactory (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\acm.acmfactory.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\targetedbanner (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\onestepsearch (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\OneStepSearch (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OneStep Search Service (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\e404.e404mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\e404.e404mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\ACM.DLL (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{c5af49a2-94f3-42bd-f434-2604812c897d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwvlix -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwvlix -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Helper (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\hgGwVlIX.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\XIlVwGgh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\XIlVwGgh.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvwxyVN.dll (Trojan.Vundo) -> Delete on reboot.
C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129291.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129296.dll (Adware.TargetSaver) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129301.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP354\A0131803.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153109.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153110.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153111.dll (AdWare.CommAd) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153112.exe (AdWare.CommAd) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153114.exe (Trojan.Peed) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153115.exe (Adware.ZeroSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153116.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153117.dll (Spyware.Banker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153118.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153120.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153121.exe (Adware.TTC) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153122.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP371\A0156144.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP374\A0163192.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181655.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181656.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181657.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181662.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181668.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181669.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181670.exe (Adware.Trafficsol) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ilonetkfadon.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kjitofmlsrat.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\targetedbanner-uninst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Save\ffext.mod (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\save.db (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\save.htm (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\store.db (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\home.js (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\onestep.dll (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\osopt.exe (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\readme.html (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\uninstall.exe (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
Voila voila merci d'avance :D
je peut donc retourner a mes problèmes de virus, juste un truc avant ca, avira antivir personal m'assaille de message de virus dans le system 32 mais c'est tout le temps les memes et c'est sans arret je doit donc désactiver l'antivirus pour qu'il me laisse tranquille : '(.
Bon je te donne les 3 rapports :
Avira :
Avira AntiVir Personal
Report file date: jeudi 8 mai 2008 13:02
Scanning for 1255800 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: Julien
Computer name: JUJU
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.0 1554432 Bytes 05/05/2008 09:58:28
ANTIVIR3.VDF : 7.0.4.15 60416 Bytes 08/05/2008 09:58:28
Engineversion : 8.1.0.39
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.28 233851 Bytes 08/05/2008 09:58:37
AESCN.DLL : 8.1.0.16 119156 Bytes 08/05/2008 09:58:37
AERDL.DLL : 8.1.0.20 418165 Bytes 08/05/2008 09:58:36
AEPACK.DLL : 8.1.1.4 364918 Bytes 08/05/2008 09:58:35
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 08/05/2008 09:58:34
AEHEUR.DLL : 8.1.0.21 1196407 Bytes 08/05/2008 09:58:34
AEHELP.DLL : 8.1.0.14 115063 Bytes 08/05/2008 09:58:32
AEGEN.DLL : 8.1.0.20 299380 Bytes 08/05/2008 09:58:31
AEEMU.DLL : 8.1.0.6 430451 Bytes 08/05/2008 09:58:30
AECORE.DLL : 8.1.0.28 168310 Bytes 08/05/2008 09:58:29
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, K:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 8 mai 2008 13:02
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
13 processes with 13 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD5
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'K:\'
[INFO] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\tuvwxyVN.dll
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\atgban.dll
[DETECTION] Is the Trojan horse TR/Agent.58880
[NOTE] The file was deleted!
C:\WINDOWS\system32\fxieawdl.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
The registry was scanned ( '60' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Julien\Local Settings\Temp\ddaybgnx.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\ejptqfcf.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\elndnnuo.dll
[DETECTION] Is the Trojan horse TR/Monder.95296
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\girccxui.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\goplfptu.dll
[DETECTION] Is the Trojan horse TR/Monder.107584
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\hfcirycv.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\jjraboyu.dll
[DETECTION] Is the Trojan horse TR/Monder.96768
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\jvyuqafq.dll
[DETECTION] Is the Trojan horse TR/Monder.108544
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\kpofjbpn.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\kumbfyli.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\lgjullwm.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\pbdqyujy.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\slpgvkvw.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temp\vktoipak.dll
[DETECTION] Is the Trojan horse TR/Monder.DB
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temporary Internet Files\Content.IE5\LMZQ9MET\glas[2]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temporary Internet Files\Content.IE5\LMZQ9MET\yaypalassamosvala[1]
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Local Settings\Temporary Internet Files\Content.IE5\TX9TDMLL\kriv[1]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\Documents and Settings\Julien\Mes documents\Ma musique\ADOBE Premiere Pro 2.0 Keygen.zip
[0] Archive type: ZIP
--> Crack.exe
[DETECTION] Is the Trojan horse TR/Agent.cmn.1
[NOTE] The file was deleted!
C:\WINDOWS\Fonts\a.zip
[0] Archive type: ZIP
--> Crack.exe
[DETECTION] Is the Trojan horse TR/Agent.cmn.1
[NOTE] The file was deleted!
C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip
[0] Archive type: ZIP
--> Crack.exe
[DETECTION] Is the Trojan horse TR/Agent.cmn.1
[NOTE] The file was deleted!
C:\WINDOWS\system32\agyungrh.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bdhjsaad.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bhcgutoa.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bxypdkyk.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fqoujdsg.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gjndufsu.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gpdfvles.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hgGwVlIX.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\kdyavkcw.dll
[DETECTION] Is the Trojan horse TR/PCK.Monder.96256.2
[NOTE] The file was deleted!
C:\WINDOWS\system32\lwovwijf.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\mnifqpwo.dll
[DETECTION] Is the Trojan horse TR/PCK.Monder.105472
[NOTE] The file was deleted!
C:\WINDOWS\system32\sfhbfwcv.dll
[DETECTION] Is the Trojan horse TR/Monder.105472
[NOTE] The file was deleted!
C:\WINDOWS\system32\svewdnfq.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\tuvwxyVN.dll
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\wdbvwrqq.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\aqVreo18\aqVreo182328.exe
[DETECTION] Is the Trojan horse TR/Dldr.VB.dht
[NOTE] The file was deleted!
C:\WINDOWS\system32\DL\TGbn1dll.exe
[DETECTION] Is the Trojan horse TR/Drop.Agen.139457
[NOTE] The file was deleted!
Begin scan in 'D:\' <ACERDATA>
Begin scan in 'K:\' <LACIE>
K:\Start.exe
[DETECTION] Contains detection pattern of the dropper DR/IRCBot.ABUF
[NOTE] The file was deleted!
K:\Mes documents\Ma musique\ADOBE Premiere Pro 2.0 Keygen.zip
[0] Archive type: ZIP
--> Crack.exe
[DETECTION] Is the Trojan horse TR/Agent.cmn.1
[NOTE] The file was deleted!
End of the scan: jeudi 8 mai 2008 13:57
Used time: 54:39 min
The scan has been done completely.
7936 Scanning directories
444569 Files were scanned
42 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
39 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
444527 Files not concerned
9374 Archives were scanned
8 Warnings
39 Notes
Malware avant supression :
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 730
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 117483
Temps écoulé: 46 minute(s), 43 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 48
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 51
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\hgGwVlIX.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tuvwxyVN.dll (Trojan.Vundo) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{555b8f08-41f4-497f-a626-6d060154aed9} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{555b8f08-41f4-497f-a626-6d060154aed9} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\iesearch.tchongabho (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cfcec0a5-e1da-4049-bdb6-8b461e7e1bf3} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{2386c4d3-e53a-4fd6-952b-89cbca337c83} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\quantic.plug (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\quantic.plug.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{16b435f6-b6ce-4f24-a568-944b27ed919c} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvwxyvn (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\acm.acmfactory (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\acm.acmfactory.1 (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenUSave) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\targetedbanner (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\onestepsearch (Adware.OneStepSearch) -> No action taken.
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\OneStepSearch (Adware.OneStepSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OneStep Search Service (Adware.OneStepSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\e404.e404mgr (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\e404.e404mgr.1 (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\AppID\ACM.DLL (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{c5af49a2-94f3-42bd-f434-2604812c897d} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwvlix -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwvlix -> No action taken.
Dossier(s) infecté(s):
C:\Program Files\Save (Adware.WhenUSave) -> No action taken.
C:\Program Files\Helper (Adware.BHO) -> No action taken.
C:\Program Files\OneStepSearch (Adware.OneStepSearch) -> No action taken.
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
Fichier(s) infecté(s):
C:\WINDOWS\system32\hgGwVlIX.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\XIlVwGgh.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\XIlVwGgh.ini2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tuvwxyVN.dll (Trojan.Vundo) -> No action taken.
C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129291.exe (Trojan.Inject) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129296.dll (Adware.TargetSaver) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129301.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP354\A0131803.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153109.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153110.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153111.dll (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153112.exe (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153114.exe (Trojan.Peed) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153115.exe (Adware.ZeroSearch) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153116.dll (Trojan.AVKiller) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153117.dll (Spyware.Banker) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153118.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153120.dll (Trojan.AVKiller) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153121.exe (Adware.TTC) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153122.dll (Trojan.AVKiller) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP371\A0156144.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP374\A0163192.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181655.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181656.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181657.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181662.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181668.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181669.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181670.exe (Adware.Trafficsol) -> No action taken.
C:\WINDOWS\system32\ilonetkfadon.bmp (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\kjitofmlsrat.bmp (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\targetedbanner-uninst.exe (Trojan.Agent) -> No action taken.
C:\Program Files\Save\ffext.mod (Adware.WhenUSave) -> No action taken.
C:\Program Files\Save\save.db (Adware.WhenUSave) -> No action taken.
C:\Program Files\Save\save.htm (Adware.WhenUSave) -> No action taken.
C:\Program Files\Save\store.db (Adware.WhenUSave) -> No action taken.
C:\Program Files\OneStepSearch\home.js (Adware.OneStepSearch) -> No action taken.
C:\Program Files\OneStepSearch\onestep.dll (Adware.OneStepSearch) -> No action taken.
C:\Program Files\OneStepSearch\osopt.exe (Adware.OneStepSearch) -> No action taken.
C:\Program Files\OneStepSearch\readme.html (Adware.OneStepSearch) -> No action taken.
C:\Program Files\OneStepSearch\uninstall.exe (Adware.OneStepSearch) -> No action taken.
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> No action taken.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> No action taken.
C:\Program Files\setup.exe (Rogue.Installer) -> No action taken.
Malware après supression
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 730
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 117483
Temps écoulé: 46 minute(s), 43 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 48
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 51
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\hgGwVlIX.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\tuvwxyVN.dll (Trojan.Vundo) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{555b8f08-41f4-497f-a626-6d060154aed9} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{555b8f08-41f4-497f-a626-6d060154aed9} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\iesearch.tchongabho (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cfcec0a5-e1da-4049-bdb6-8b461e7e1bf3} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{2386c4d3-e53a-4fd6-952b-89cbca337c83} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\quantic.plug (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\quantic.plug.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{16b435f6-b6ce-4f24-a568-944b27ed919c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvwxyvn (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\acm.acmfactory (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\acm.acmfactory.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\targetedbanner (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\onestepsearch (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\OneStepSearch (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OneStep Search Service (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\e404.e404mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\e404.e404mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\ACM.DLL (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{c5af49a2-94f3-42bd-f434-2604812c897d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwvlix -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwvlix -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Helper (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\hgGwVlIX.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\XIlVwGgh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\XIlVwGgh.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvwxyVN.dll (Trojan.Vundo) -> Delete on reboot.
C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129291.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129296.dll (Adware.TargetSaver) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP351\A0129301.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP354\A0131803.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153109.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153110.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153111.dll (AdWare.CommAd) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153112.exe (AdWare.CommAd) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153114.exe (Trojan.Peed) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153115.exe (Adware.ZeroSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153116.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153117.dll (Spyware.Banker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153118.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153120.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153121.exe (Adware.TTC) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP369\A0153122.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP371\A0156144.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP374\A0163192.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181655.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181656.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181657.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181662.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181668.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181669.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0181670.exe (Adware.Trafficsol) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ilonetkfadon.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kjitofmlsrat.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\targetedbanner-uninst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Save\ffext.mod (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\save.db (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\save.htm (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\store.db (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\home.js (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\onestep.dll (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\osopt.exe (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\readme.html (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\OneStepSearch\uninstall.exe (Adware.OneStepSearch) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
Voila voila merci d'avance :D
