Sujet Précédent Sujet Suivant

J'ai un virus

vinz71 -  
 Utilisateur anonyme -
Bonjour,

j'ai un virus qui a envahi mon ordi,j'ai eu comme des cafards ce matin qui ont apparus sur l'ordi et j'ai un écran bleu avec inscrit sur fond jaune que mon ordi est infecté...je l'ai débranché ce matin et la je viens de le rallumer...

je n'y connaiis pas grand chose et j'ai vraiment besoin d'aide pour m'en sortir ,mon ordi marche tres mal maintenant et je vous remercie d'avance de m'aider.

vinz71
A voir également:

11 réponses

Réponse 1 / 11
Utilisateur anonyme
 
*Télécharge http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis sur ton Bureau.
*Ferme toutes les autres fenêtres, tous les autres programmes. Pas de connexion Internet.
*Double clique dessus pour lancer l installation . Accepte la licence qui va apparaître par " I agree" .
*Puis clique sur "Do a system scan and save a logfile"
*Ferme HijackThis et fais un copier-coller du rapport en entier et poste le ici en réponse.(Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport
Colle le rapport que tu viens de copier sur ce forum
*Note : le rapport se trouve dans C:\Program Files\Trend Micro\HijackThis
*Tuto : "générer un rapport" http://pageperso.aol.fr/balltrap34/demohijack.htm
0
vinz71
 
merci je vais essayer mon ordi marche trp trp mal et est trp trp long....

par contre j'ai winspywareprotect je peus pas le fermer?

MERCI
0
vinz71
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:41:15, on 28/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: atfxqogp - {736569A1-1F42-4ECD-A4E5-2B05341D41FF} - C:\WINDOWS\atfxqogp.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe
O4 - HKLM\..\Run: [antiviirus] C:\Program Files\antiviirus.exe
O4 - HKLM\..\Run: [AXPFixer] C:\Program Files\AXPFixer\AXPFixer.exe
O4 - HKLM\..\Run: [804fa5fa] rundll32.exe "C:\WINDOWS\system32\klnppqfi.dll",b
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [zbpdqb] c:\windows\system32\zbpdqb.exe zbpdqb
O4 - HKCU\..\Run: [WinSpywareProtect (ver. 5.1)] "C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?46c9a365e57e44608322892161ad3ae0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?46c9a365e57e44608322892161ad3ae0
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{56CBAA65-508F-4564-912C-DC2779031029}: NameServer = 80.10.246.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{56CBAA65-508F-4564-912C-DC2779031029}: NameServer = 80.10.246.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{56CBAA65-508F-4564-912C-DC2779031029}: NameServer = 80.10.246.1
O21 - SSODL: altvxvm - {A5B614B0-B2A9-4C07-ABE3-79E8E9426F5A} - C:\WINDOWS\altvxvm.dll (file missing)
O21 - SSODL: bokpkov - {9C7C5FC4-22BD-4B38-BF03-65A3306CF656} - C:\WINDOWS\bokpkov.dll (file missing)
O21 - SSODL: vltdfabw - {3B62B11E-F49F-4C42-B062-E89AD29D861A} - C:\WINDOWS\vltdfabw.dll (file missing)
O21 - SSODL: vregfwlx - {82AE00EB-EB13-47E7-BC72-C29F919BFFC4} - C:\WINDOWS\vregfwlx.dll (file missing)
O21 - SSODL: AvpRom - {9ed53a74-2ba9-4bd9-bf6c-a6164f5d0611} - C:\WINDOWS\Resources\AvpRom.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
Utilisateur anonyme > vinz71
 
Re alors désinstalle tous tes logiciel de sécurité. Et installe AntiVir,Malwarebytes Anti-Malware,Ccleaner et active le pare-feu XP.

AntiVir: https://www.01net.com/outils/telecharger/windows/Securite/antivirus-antitrojan/fiches/tele13198.html
Tutoriel AntiVir: https://www.malekal.com/avira-free-security-antivirus-gratuit/

Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm

Ccleaner: https://www.01net.com/outils/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/tele32599.html
Tutoriel Ccleaner: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php (Tu l'installe sans la bare d'outil Yahoo)

PS: TU LES INSTALLES SEULEMENT ET TU NE FAIS PAS D'ANALYSE. TU FAIS UNE MISE A JOUR A ANTIVIR ET MALWAREBYTES ANTI-MALWARE.
0
vinz71 > Utilisateur anonyme
 
merci et je suis désolé j'arrive pas a désactivé avast ,je sais faire en mode normal quand il est dans le coin a droite mais la je l'ai pas et je n'y arrive pas,des que j'ai réussi je continue et je poste merci
0
Utilisateur anonyme > vinz71
 
je ne t'es pas demander de désactivé avast mais de le supprimé.
0
Réponse 2 / 11
Utilisateur anonyme
 
Ok pour activé le pare-feu Windows. Vas "Démarrer" puis dans "Panneau de configuration" puis dans "Centre de sécurité" puis sur "Pare-feu Windows"
0
vinz71
 
merci?voila j'ai tt fait,j'ai juste un doute pour la mise a jour d'antivir je sais pas si elle est faite....
0
Utilisateur anonyme > vinz71
 
Oui automatiquement. Tu fais un scan en mode sans échec avec AntiVir. Tu lances le scan et si il détecte un virus (normalement oui) tu cliques sur "delete" et "apply sélection to all following détections. (pour qu'il le supprimes automatiquement). A la fin du scan tu cliques sur "report" tu redémarre en mode normal puis tu me postes le rapport.

Mode sans Echec:

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

PS: JE TE CONSEILLE D'ENREGISTRER CE MESSAGE DANS TON BUREAU OU CAS OU.
0
vinz71 > Utilisateur anonyme
 
voila me re en mode normal,merci voila le rapport:



Oui

Avira AntiVir Personal
Report file date: mercredi 28 mai 2008 18:35

Scanning for 1165085 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: Vincent
Computer name: USER-E8715DA7BF

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:12:34
ANTIVIR3.VDF : 7.0.3.68 57856 Bytes 25/03/2008 08:27:50
Engineversion : 8.1.0.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.19 229754 Bytes 07/04/2008 15:34:44
AESCN.DLL : 8.1.0.12 115060 Bytes 07/04/2008 15:34:44
AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44
AEPACK.DLL : 8.1.1.0 364918 Bytes 18/03/2008 11:20:42
AEOFFICE.DLL : 8.1.0.15 192889 Bytes 07/04/2008 15:34:44
AEHEUR.DLL : 8.1.0.15 1147253 Bytes 07/04/2008 15:34:44
AEHELP.DLL : 8.1.0.11 115061 Bytes 07/04/2008 15:34:43
AEGEN.DLL : 8.1.0.15 299379 Bytes 07/04/2008 15:34:43
AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43
AECORE.DLL : 8.1.0.25 168309 Bytes 08/04/2008 09:58:32
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, A:, E:, F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 28 mai 2008 18:35

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'A:\'
[INFO] In the drive 'A:\' no data medium is inserted!

Starting to scan the registry.
C:\WINDOWS\system32\ctfmona.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!

The registry was scanned ( '38' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Vincent\Application Data\Sun\Java\Deployment\cache\6.0\18\502c7952-45f3ca4f
[0] Archive type: ZIP
--> GetAccess.class
[DETECTION] Contains detection pattern of the Java virus JAVA/OpenConnect.AJ
--> Installer.class
[DETECTION] Contains detection pattern of the Java virus JAVA/OpenConnect.AK
--> NewSecurityClassLoader.class
[DETECTION] Contains detection pattern of the Java virus JAVA/ByteVerify.G.2
--> NewURLClassLoader.class
[DETECTION] Contains detection pattern of the Java virus JAVA/ByteVerify.G.3
[NOTE] The file was deleted!
C:\Documents and Settings\Vincent\Application Data\Sun\Java\Deployment\cache\6.0\25\7f835ad9-62492129
[0] Archive type: ZIP
--> Matrix.class
[DETECTION] Contains detection pattern of the Java virus JAVA/Beyond.D3
--> Counter.class
[DETECTION] Contains detection pattern of the Java script virus JS/OpenConnect.J.1
--> Dummy.class
[DETECTION] Is the Trojan horse TR/Forten.Java.2
--> Parser.class
[DETECTION] Contains detection pattern of the Java script virus JS/OpenConnect.J.3
[NOTE] The file was deleted!
C:\Documents and Settings\Vincent\Local Settings\Temp\jar_cache42716.tmp
[0] Archive type: ZIP
--> OwnClassLoader.class
[DETECTION] Contains detection pattern of the exploits EXP/ByteVerify
--> ProxyClassLoader.class
[DETECTION] Contains detection pattern of the exploits EXP/Java.Bytver.5.A
[NOTE] The file was deleted!
C:\WINDOWS\Resources\AvpRom.dll
[DETECTION] Contains suspicious code HEUR/Malware
[NOTE] The file was deleted!
C:\WINDOWS\system32\aahphjsjaw.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\abnhxxmvpr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\aceopj.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\adsswbctr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\agdkiqozvp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ajzqmoafly.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\aknvahr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\anmqyxo.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\anwppbpov.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\arqmmjqr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\atoaqoa.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\avvikjjv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\avxpxdobrb.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\aznkfc.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bgwojt.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bhtugtq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bjtgjem.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\blbuhxbag.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bmnwvcpt.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bpvnqo.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\btyyfv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\bulylrj.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ceffva.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\cenxlytfdh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\chzayzjni.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\cjpaglf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\cjvbyssho.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ckpdkfbf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ckyrnym.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\comiojtug.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\cqhpnvbc.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ctkfgksvp.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ctxksbvbp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\czajctr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\czswibb.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\dangnhu.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\dbeuypdyp.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ddvskxcjv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\defzend.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\dfdsszlqx.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\dgshpkp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\dlfqssq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\dmllax.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\doozhiosaw.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\drgceasfq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\dwhdcoyxzf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\dwmcfvvps.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ealcrha.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\eaxapfwsj.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ebawqhl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ecdbavrqi.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ecnxagy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\egbpkbylq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\egtigot.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ejvesy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ejvgzk.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\emqwpdktwv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\enxfnds.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\eprxjyi.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\eschqryo.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\essibvb.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\exklnvk.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ezmyzwu.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ezvqij.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fehkoyocg.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ffrmtfgedf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fivqyqdboa.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fivuowcjle.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fkyzncego.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fnifbgtn.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fonbaq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fpjsbqc.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fqmtcen.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fsijqjcv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fwlrli.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\fyebumdhy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ghcrsktk.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ghrhbj.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ghufgcj.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gtmkyik.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gtsont.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gualsffxoo.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gwtyzunlt.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gxlfec.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gzdvuaxxl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\gzqsvft.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hbejzkgyot.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hhmmmkzhn.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hhrgrt.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hjcdlxthh.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hkdxso.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hojrvid.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hpjpbhktew.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hreoyfx.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hrqgkk.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\hszywy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\icngvjc.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\icxefy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ildmqjeqa.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\impgbuzzq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\iozxtor.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ismgnzlaw.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\iygrhkz.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\izetuno.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jayrub.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jelmizoek.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jfwtzsdnoj.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jgjcgew.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jhzwpuh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jitndahw.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jnjpljyai.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jphxhn.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jpjossxqp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jqlqgy.exe
[DETECTION] Is the Trojan horse TR/Pakes.cid
[NOTE] The file was deleted!
C:\WINDOWS\system32\jtxekei.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jxefth.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\jzhltvbbq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\kaqmrgb.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\kcdycfmn.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\kghfcsc.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\khcufngyh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\khjgwwhye.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\kjulgwln.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\kjupdj.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\krafor.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\kteevbadf.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ktemnkwdm.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ktkaft.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ktneri.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\kuacuo.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\lbdvxrp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\lferruk.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ljknoawkhb.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\lpqjqbc.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\lrhggleipz.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\lshbokwm.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\lwbjzro.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\lzcyph.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\manplvu.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\mgpxkjkw.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\miootr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\mkapdvr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\mnpgll.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\muvfwxici.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\mvgviqe.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nekzrconf.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nhpjow.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\njpzjkodw.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\njsiqbbdy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\njwfowcbu.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nmbspkm.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nmpfudq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nqmcyacpt.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nsxvdpg.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ntvqmdl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nvryscvjv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nxlzffmns.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nxobijy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nybobqtx.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nynjsbjcf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\nzyihtrw.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\okupyyotq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\onobxf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\opejvqs.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\oqdqkzg.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ossdjkyau.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ouxrhjynf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ouyzbhn.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\oyiqpsuhhy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ozwrzbpsf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\pbqjbd.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\pcbhpiidq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\pdtwum.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\pedrjwdh.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\plijhf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\pnhpfr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\pqkhmuadc.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\pupybkt.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\pvgubpp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\pytfgyqlg.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qayajlphez.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qdsjebb.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qdudfrd.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qgtkldlc.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qjmauvuxd.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qmejpuu.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qmfdmv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qtvhalo.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qtyqvmz.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qulmfzz.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\quuxjx.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qvlpjnlfp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\qytxeyxl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rczxhbfv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rdleur.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rgewyicbm.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rgnfyi.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rhjwatu.exe
[DETECTION] Is the Trojan horse TR/Agent.gtr
[NOTE] The file was deleted!
C:\WINDOWS\system32\rhparm.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rjunwi.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rlbtpevjdp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rqfchdmuij.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rthidp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rvgugzv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rvnmyn.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rvyqknn.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rwostg.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rwpljvebs.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rydzdrshq.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ryuqdcb.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\rzychh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\sbadzmc.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\sgmducr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\simpixi.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\sodqsy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\soneownrqr.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\swatyphis.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\tcbizvb.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\teafjh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\telsovyuvm.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\tjxjmdi.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\tkaxignh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\trgckbr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\tsdersducp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\tssgocigo.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\turbxtg.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\tyeulmwsq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ublfcxsre.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\uhszzgmd.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ummlmjvbgo.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\unadqxo.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\uninzb.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\urqymaob.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vcrkie.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vctkin.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vcuakrg.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vcwhcyh.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vebejqf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vifhkh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vimujf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vomcuuikz.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vpizpurr.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vtilrgl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vwquvjypq.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\vybcdvum.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\wfeiysk.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\wktwatlnc.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\wlcptz.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\wusqxbizo.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\wwdeki.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\wymkfxxxz.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xagfqmh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xaulvy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xepbgkkohs.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xfguhas.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xgcdlryt.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xgsrpjespw.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xlkgyrb.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xltdtobmp.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xshlllidbt.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xttmipunl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xzrvkoyup.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\xzvxcvhpa.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\yckotzi.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\yeuivy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ykhrtsajt.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ypupcx.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\yspcfiy.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\yssoestmm.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\yvewdjp.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\ywmuqoq.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\yxleyjl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\zagvqtaa.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\zcbeqonix.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\zcmxgpjh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\zetxspyro.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\zewhpyity.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\znxdhrzzzh.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\zqjbcy.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\zrfwra.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
Begin scan in 'D:\'
Begin scan in 'A:\'
Search path A:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'E:\' <Nouveau>
Begin scan in 'F:\' <Nax&Oyo_CD2vb>


End of the scan: mercredi 28 mai 2008 19:39
Used time: 1:04:33 min

The scan has been done completely.

4118 Scanning directories
169404 Files were scanned
291 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
285 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
169113 Files not concerned
776 Archives were scanned
1 Warnings
285 Notes
0
Réponse 3 / 11
vinz71
 
que dois-je faire maintennant stp?mon ordi rame beaucoup.merci
0
Utilisateur anonyme
 
ok parfait il a détecté et supprimé 285 virus.

1) Redémarre en "Mode sans échec"

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.

2) Scan avec Malwarebyte's Anti-Malware

*Lance Malwarebyte's Anti-Malware
*Puis vs dans l'onglet "Recherche" puis coche "Exécuter un examen complet" puis "Rechercher sélectionne tes disques durs" puis clique sur "Lancer l’examen"
*A la fin du scan >>> clique sur Afficher les résultats puis sur Enregistrer le rapport
*Suppression des éléments détectés >>>> clique sur Supprimer la sélection
*S'il t'es demandé de redémarrer >>> clique sur "Yes"

*--> Un rapport de scan s'ouvre, enregistre sur ton Bureau et poste ce rapport en réponse.
0
vinz71 > Utilisateur anonyme
 
je le fais de suite encore merci de prendre letemp de m'aider.
0
Utilisateur anonyme > vinz71
 
De rien.
0
vinz71 > Utilisateur anonyme
 
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 794

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 96954
Temps écoulé: 52 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 35
Valeur(s) du Registre infectée(s): 14
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 61

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\gebrkhbc.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\efcBrPgD.dll (Trojan.Vundo) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91b4dcfb-dc4b-4a83-b2ee-8db5c7f44a33} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{91b4dcfb-dc4b-4a83-b2ee-8db5c7f44a33} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cablerouting.cablerouting (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cablerouting.cablerouting.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7c4bcd17-bdba-4078-9d8c-8ca8b7eabe77} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0f1574a7-9e7c-440c-b2f1-8fe978cf9754} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{7557f13b-f203-4ffd-9d28-c4821cbfb482} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AXPDefender (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Adsl Software Limited (Rogue.MalWarrior) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{27796771-8d05-4ee6-b478-43ce759f2106} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27796771-8d05-4ee6-b478-43ce759f2106} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\efcbrpgd (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webvideo (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{736569a1-1f42-4ecd-a4e5-2b05341d41ff} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\atfxqogp.beas (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\atfxqogp.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MessengerSkinner.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\804fa5fa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinSpywareProtect (ver. 5.1) (Rogue.MalWarrior) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\Wallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\OriginalWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\ConvertedWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\antiviirus (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{27796771-8d05-4ee6-b478-43ce759f2106} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{736569a1-1f42-4ecd-a4e5-2b05341d41ff} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\vltdfabw (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\vregfwlx (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\altvxvm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\bokpkov (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\gebrkhbc -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\gebrkhbc -> Delete on reboot.

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\BASE (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\DELETED (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\SAVED (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Program Files\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\dcgtmjtx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xtjmtgcd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gebrkhbc.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\CbHkRBeg.ini (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\CbHkRBeg.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\CableRouting\CableRouting.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.tt5.tmp (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.tt7.tmp (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.ttA3.tmp (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\setup_526_1_.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0174819.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0174822.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0175820.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0175821.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0175822.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0175823.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0176818.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0178825.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0178828.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0179826.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0180825.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0181948.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080528064455390.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080528065031671.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080528161744453.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080528170358468.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080528172047250.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080528194333968.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080528200522859.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080529060835046.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080529134914406.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080529192344625.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080529193207296.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080529194924640.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080529195657171.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Application Data\Microsoft\Internet Explorer\Quick Launch\AXPFixer.lnk (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\AXPFixer.lnk (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\antiviirus.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\tmp0.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\tmp1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\tmp2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\efcBrPgD.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\xmpstean.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\atfxqogp.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zbpdqb_navps.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zbpdqb_nav.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Vincent\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
0
Utilisateur anonyme > vinz71
 
Ok merci maintenant fais un scan en ligne avec Internet Explorer stp:

BitDefender en ligne: http://www.bitdefender.fr/scan_fr/scan8/ie.html
Tutoriel BitDefender en ligne: http://cybersecurite.xooit.com/t201-Scan-en-ligne-BitDefender.htm

Ps: N'oublies pas de me poster le rapport. Si tu as besoin d'aide aide toi tu tutoriel.
0
Réponse 4 / 11
vinz71
 
non toujours le meme problème des que je veus faire quelques chose antivir me remet le fichier dont je parlais et ce que je veus faire....delete,quarantaine etc...des que j'ouvre un dossier ou autre!
0
Utilisateur anonyme
 
Ok fais un scan en ligne avec Internet Explorer stp:

BitDefender en ligne: http://www.bitdefender.fr/scan_fr/scan8/ie.html
Tutoriel BitDefender en ligne: http://cybersecurite.xooit.com/t201-Scan-en-ligne-BitDefender.htm

Ps: N'oublies pas de me poster le rapport. Si tu as besoin d'aide aide toi tu tutoriel.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 11
vinz71
 
BitDefender Online Scanner

Scan report generated at: Sun, Jun 01, 2008 - 12:36:59

Scan path: A:\;C:\;D:\;E:\;F:\;

Statistics

Time
01:43:01

Files
135229

Folders
3132

Boot Sectors
3

Archives
1168

Packed Files
8314

Results

Identified Viruses
5

Infected Files
6

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
6

Engines Info

Virus Definitions
1255491

Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins
16

Archive plugins
42

Unpack plugins
7

E-mail plugins
6

System plugins
5

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0187268.dll
Infected with: Trojan.Generic.285112

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0187268.dll
Deleted

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187282.exe
Detected with: Adware.Navipromo.BYT

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187282.exe
Disinfection failed

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187282.exe
Deleted

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187283.exe
Detected with: Adware.Navipromo.BYT

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187283.exe
Disinfection failed

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187283.exe
Deleted

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187284.exe
Infected with: Trojan.Generic.140733

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187284.exe
Deleted

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187285.exe
Detected with: Adware.Navipromo.BYZ

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187285.exe
Disinfection failed

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187285.exe
Deleted

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187559.exe=>(NSIS o)=>lzma_solid_nsis0005
Detected with: Adware.NaviPromo.BYC

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187559.exe=>(NSIS o)=>lzma_solid_nsis0005
Deleted

C:\System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\A0187559.exe=>(NSIS o)
Update failed

tjrs le meme pb avec le fichier dont je te parlais,il se manifeste tt le temp!et pendant le scan bitdefender j'ai du cliquer au moins 300fois sur delete et ok car antivir se manifestait non stop quand le scan bitdefender en était au systeme volume...
0
Utilisateur anonyme
 
Ok refais un scan avec AntiVir en mode normal puis tu suis les même truc.
0
Réponse 6 / 11
vinz71
 
Avira AntiVir Personal
Report file date: dimanche 1 juin 2008 13:19

Scanning for 1302620 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: Vincent
Computer name: USER-E8715DA7BF

Version information:
BUILD.DAT : 8.1.0.308 16478 Bytes 28/05/2008 17:03:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 17:48:44
ANTIVIR3.VDF : 7.0.4.119 378880 Bytes 01/06/2008 23:11:14
Engineversion : 8.1.0.51
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.37 270715 Bytes 30/05/2008 17:49:39
AESCN.DLL : 8.1.0.20 119157 Bytes 30/05/2008 17:49:36
AERDL.DLL : 8.1.0.20 418165 Bytes 30/05/2008 17:49:35
AEPACK.DLL : 8.1.1.5 364918 Bytes 30/05/2008 17:49:30
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 30/05/2008 17:49:20
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 30/05/2008 17:49:18
AEHELP.DLL : 8.1.0.15 115063 Bytes 30/05/2008 17:49:04
AEGEN.DLL : 8.1.0.25 307573 Bytes 31/05/2008 23:11:21
AEEMU.DLL : 8.1.0.6 430451 Bytes 30/05/2008 17:48:59
AECORE.DLL : 8.1.0.30 168311 Bytes 30/05/2008 17:48:57
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, A:, E:, F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 1 juin 2008 13:19

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'LaunchApplication.exe' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'hptskmgr.exe' - '1' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'WOOBrowser.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'A:\'
[INFO] In the drive 'A:\' no data medium is inserted!

Starting to scan the registry.
C:\WINDOWS\system32\efcBrPgD.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.aay
[WARNING] The file could not be deleted!

The registry was scanned ( '34' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\efcBrPgD.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.aay
[WARNING] The file could not be deleted!
Begin scan in 'D:\'
Begin scan in 'A:\'
Search path A:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'E:\' <Nouveau>
Begin scan in 'F:\' <Nax&Oyo_CD2vb>

End of the scan: dimanche 1 juin 2008 14:07
Used time: 48:14 min

The scan has been done completely.

3095 Scanning directories
141465 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
141463 Files not concerned
601 Archives were scanned
4 Warnings
0 Notes
0
Utilisateur anonyme
 
Défragmenter le disque dur:

*Pour l'exécuter, cliquez sur le bouton Démarrer, sur Tous les programmes, sur Accessoires, Outils systèmes puis sur Défragmenteur de disque.

*cliquez sur le bouton Analyser. Le logiciel examine alors votre disque dur.

*Cliquez sur le bouton Afficher le rapport. (enregistre le et poste le moi stp)

*cliquez sur le bouton Défragmenter.
0
Réponse 7 / 11
vinz71
 
Volume (C:)
Taille du volume = 8,87 Go
Taille de cluster = 4 Ko
Espace utilisé = 5,33 Go
Espace libre = 3,54 Go
Pourcentage d'espace libre = 39 %

Fragmentation du volume
Fragmentation totale = 3 %
Fragmentation de fichiers = 5 %
Fragmentation de l'espace libre = 1 %

Fragmentation de fichiers
Total de fichiers = 38 626
Taille moyenne de fichier = 308 Ko
Total de fichiers fragmentés = 1 242
Total de fragments en trop = 3 580
Nombre moyen de fragments par fichier = 1,09

Fragmentation du fichier paginé
Taille du fichier paginé = 768 Mo
Total de fragments = 1

Fragmentation de dossier
Total de dossiers = 3 050
Dossiers fragmentés = 6
Fragments de dossiers en trop = 392

Fragmentation de la table de fichiers principale (MFT)
Taille totale de la MFT = 70 Mo
Nombre d'enregistrements dans la MFT = 41 752
Pourcentage d'utilisation de la MFT = 58 %
Total de fragments dans la MFT = 3

--------------------------------------------------------------------------------
Fragments Taille du fichierFichiers les plus fragmentés
631 39 Mo \Program Files\Java\jre1.6.0_02\lib\rt.jar
99 6 Mo \System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0181820.dll
97 412 Ko \Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\VBSPRV9E
96 408 Ko \Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\02KUCF29
96 408 Ko \Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\0U6CVVYR
95 404 Ko \Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\2P98DN7U
75 2 Mo \Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\index.dat
39 2 Mo \System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0181928.dll
38 345 Ko \Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
28 433 Ko \System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP242\change.log.3
26 2 Mo \Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\VBSPRV9E\16[1].jpg
22 35 Mo \Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\Nokia PC Suite\Nokia PC Suite.msi
22 2 Mo \Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\2P98DN7U\245x195[1].flv
18 1 Mo \System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0181933.dll
17 1 Mo \System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0181821.dll
17 1 Mo \Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\1HLQUZR4\VDO_300x250_HD[1].flv
16 1 Ko \WINDOWS\system32\config\software.LOG
16 928 Ko \Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\0U6CVVYR\caledonie_250_250[1].flv
15 28 Mo \Program Files\Hewlett-Packard\Digital Imaging\Product\2200.msi
15 33 Mo \Program Files\Hewlett-Packard\Digital Imaging\Product\6100.msi
14 888 Ko \System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0181883.dll
14 1 Ko \Documents and Settings\Vincent\ntuser.dat.LOG
13 782 Ko \System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0181898.exe
10 126 Ko \Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
10 644 Ko \System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0181876.dll
9 342 Ko \WINDOWS\Temp\etilqs_kRP8Rl9ahkiK0rT
9 144 Ko \Documents and Settings\Vincent\Local Settings\Historique\History.IE5\MSHist012008060120080602\index.dat
8 176 Ko \Documents and Settings\Vincent\Local Settings\Historique\History.IE5\index.dat
8 488 Ko \System Volume Information\_restore{F0531E4D-50FD-4890-84D4-0C943236A49D}\RP240\A0181823.dll

et

Volume (D:)
Taille du volume = 9,77 Go
Taille de cluster = 4 Ko
Espace utilisé = 640 Mo
Espace libre = 9,14 Go
Pourcentage d'espace libre = 93 %

Fragmentation du volume
Fragmentation totale = 0 %
Fragmentation de fichiers = 0 %
Fragmentation de l'espace libre = 0 %

Fragmentation de fichiers
Total de fichiers = 733
Taille moyenne de fichier = 900 Ko
Total de fichiers fragmentés = 16
Total de fragments en trop = 54
Nombre moyen de fragments par fichier = 1,07

Fragmentation du fichier paginé
Taille du fichier paginé = 0 octets
Total de fragments = 0

Fragmentation de dossier
Total de dossiers = 51
Dossiers fragmentés = 1
Fragments de dossiers en trop = 1

Fragmentation de la table de fichiers principale (MFT)
Taille totale de la MFT = 880 Ko
Nombre d'enregistrements dans la MFT = 799
Pourcentage d'utilisation de la MFT = 90 %
Total de fragments dans la MFT = 2

--------------------------------------------------------------------------------
Fragments Taille du fichierFichiers les plus fragmentés
24 181 Ko \Documents and Settings\Vincent\Mes documents\cc_20080530_1854.reg
6 102 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Thumbs.db
4 392 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo009.jpg
4 444 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo008.jpg
4 329 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo010.jpg
4 349 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo002.jpg
3 411 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo011.jpg
3 446 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo013.jpg
3 440 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo012.jpg
3 138 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo007.jpg
2 14 Ko \Documents and Settings\Vincent\Mes documents\cc_20080530_1856.reg
2 12 Ko \Documents and Settings\Vincent\Mes documents
2 268 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo021.jpg
2 263 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Vidéo004.3gp
2 189 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo027.jpg
2 226 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo023.jpg
2 275 Ko \Documents and Settings\Vincent\Mes documents\Mes images\Nouveau dossier\20080601\Photo003.jpg
0
Réponse 8 / 11
vinz71
 
j'ai un autre soucis les mises a jours windows sont désactivé et impossible de changer meme dans le panneau de configuration alors je vais sur windows update et je suis ca:

"Le site ne peut pas continuer, car un ou plusieurs des services Windows suivants ne sont pas exécutés :

Mises à jour automatiques (permet au site de rechercher, de télécharger et d'installer les mises à jour prioritaires destinées à votre ordinateur)
Service de transfert intelligent en arrière-plan (BITS) (accélère le téléchargement et résout les problèmes liés aux éventuelles interruptions du processus)
Journal des événements (conserve l'historique des opérations de mise à jour pour faciliter la résolution des problèmes le cas échéant)
Pour vérifier que ces services sont exécutés :
1. Cliquez sur Démarrer, puis sur Exécuter.
2. Entrez services.msc, puis cliquez sur OK.
3. Dans la liste de services, double-cliquez sur Mises à jour automatiques, puis cliquez sur Propriétés.
4. Dans la liste Type de démarrage, sélectionnez Automatique et cliquez sur Appliquer.
5. Vérifiez que l'état associé au service est Démarré. Si le service est arrêté, cliquez sur le bouton Démarrer. "

Une fois cliquez sur démarrer il me dit erreur 1058 impossible etc....je sais pas si c'est lié a ce que je te disais plus haut mais c'est embetant
0
Utilisateur anonyme
 
Ok maintenant defragmente.
0
Réponse 9 / 11
vinz71
 
Volume (C:)
Taille du volume = 8,87 Go
Taille de cluster = 4 Ko
Espace utilisé = 5,33 Go
Espace libre = 3,54 Go
Pourcentage d'espace libre = 39 %

Fragmentation du volume
Fragmentation totale = 1 %
Fragmentation de fichiers = 1 %
Fragmentation de l'espace libre = 1 %

Fragmentation de fichiers
Total de fichiers = 38 627
Taille moyenne de fichier = 308 Ko
Total de fichiers fragmentés = 3
Total de fragments en trop = 779
Nombre moyen de fragments par fichier = 1,02

Fragmentation du fichier paginé
Taille du fichier paginé = 768 Mo
Total de fragments = 1

Fragmentation de dossier
Total de dossiers = 3 050
Dossiers fragmentés = 1
Fragments de dossiers en trop = 0

Fragmentation de la table de fichiers principale (MFT)
Taille totale de la MFT = 70 Mo
Nombre d'enregistrements dans la MFT = 41 753
Pourcentage d'utilisation de la MFT = 58 %
Total de fragments dans la MFT = 3

--------------------------------------------------------------------------------
Fragments Taille du fichierFichiers qui ne peuvent pas être défragmentés
631 39 Mo \Program Files\Java\jre1.6.0_02\lib\rt.jar

et :

Volume (D:)
Taille du volume = 9,77 Go
Taille de cluster = 4 Ko
Espace utilisé = 640 Mo
Espace libre = 9,14 Go
Pourcentage d'espace libre = 93 %

Fragmentation du volume
Fragmentation totale = 0 %
Fragmentation de fichiers = 0 %
Fragmentation de l'espace libre = 0 %

Fragmentation de fichiers
Total de fichiers = 734
Taille moyenne de fichier = 898 Ko
Total de fichiers fragmentés = 0
Total de fragments en trop = 0
Nombre moyen de fragments par fichier = 1,00

Fragmentation du fichier paginé
Taille du fichier paginé = 0 octets
Total de fragments = 0

Fragmentation de dossier
Total de dossiers = 51
Dossiers fragmentés = 1
Fragments de dossiers en trop = 0

Fragmentation de la table de fichiers principale (MFT)
Taille totale de la MFT = 880 Ko
Nombre d'enregistrements dans la MFT = 800
Pourcentage d'utilisation de la MFT = 90 %
Total de fragments dans la MFT = 2

--------------------------------------------------------------------------------
Fragments Taille du fichierFichiers qui ne peuvent pas être défragmentés
Aucun
0
Utilisateur anonyme
 
Ok ouvre Ccleaner vas dans l'onglet "Option" puis "Avancé" puis decoches "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures.". Puis vas dans l'onglet "Nettoyeur" fais "Analyse" puis "Lancer le nettoyage". Puis vas dans l'onglet "Registre" puis fait "Chercher des erreurs" puis "Réparer les erreurs sélectionnée". Tu refais tous ca 4-5 fois.
0
vinz71 > Utilisateur anonyme
 
voila c'est fait.
merci.
0
Utilisateur anonyme > vinz71
 
*Allez sur le poste de travail
*Cliquez sur disque C:\ (c'est le disque ou se trouve votre système d'exploitation)
*Ensuite cliquez sur le dossier Windows C:\Windows
*ouvrez le dossier prefetch C:\Windows\prefetch (Tu fais Edition,Selectionner tout, puis avec ton clavier tu cliques sur Sppr)
*Supprimez tous les fichiers de ce dossier.
*Puis vide la corbeille.
0
Réponse 10 / 11
vinz71
 
c'est fait,j'avais pas vu que ma réponse avait pas été validé...
0
Utilisateur anonyme
 
Ok bon ba voila ton est clean et rapide. Je te conseille de garder AntiVir,Malwarebytes' Anti-Malware,Ccleaner et de laisser activé le pare-feu Windows pour être protégé a 100%. Pense a faire une analyse 1/ par mois mais avant n'oublies pas de mettre a jour Malwarebytes' Anti-Malware qui ne se fait pas automatiquement alors que AntiVir si. Si AntiVir détecte des choses tu cliques sur "delete". voila si tu as un quelconque autres problème je suis toujours la. @+
0
Réponse 11 / 11
vinz71
 
merci beaucoup !
0
Utilisateur anonyme
 
De rien @+.
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
Erreur 0x800700E1
Didiervd -
Viktimz -

11 réponses