Problème de troyens et interprétation hidjack

nanou50500 Messages postés 3 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
J'ai des petits problèmes avec des troyens dont je n'arrive pas à me débarasser quelqu'un aurait il la gentillesse d'interpréter mon log hijackthis et de me donner quelques conseils pour réussir à me débarasser de ces vius ?
Je pense avoir été infestée par le virus qui circule sur msn "T'as vu ta tof sur ce site".
Merci d'avance !!!
Voici mon rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:24:55, on 29/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro\vk_service.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\drivers\Icon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro\VirusKeeper.exe
C:\WINDOWS\system32\rundll32.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Fichiers communs\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2008 Pro\VirusKeeper.exe
O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S90.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{47b26636-6b5c-ed38-db34-ef3f86d41fd2}.dll" DllInit
O4 - HKLM\..\Run: [34693614] rundll32.exe "C:\WINDOWS\system32\psrosvon.dll",b
O4 - HKLM\..\Run: [BM375a0588] Rundll32.exe "C:\WINDOWS\system32\lqgbmeww.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\KAY LINE\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [trtzojjfep] c:\windows\system32\trtzojjfep.exe trtzojjfep
O4 - HKCU\..\Run: [nahdaouxpi] c:\windows\system32\nahdaouxpi.exe nahdaouxpi
O4 - HKCU\..\Run: [oikwujlhq] c:\windows\system32\oikwujlhq.exe oikwujlhq
O4 - HKCU\..\Run: [hxzwwjqof] c:\windows\system32\hxzwwjqof.exe hxzwwjqof
O4 - HKCU\..\Run: [ruprtal] c:\windows\system32\ruprtal.exe ruprtal
O4 - HKCU\..\Run: [cdeasqy] c:\windows\system32\cdeasqy.exe cdeasqy
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Acmw] "C:\WINDOWS\system32\DOBE~1\cmd.exe" -vt yazb
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\lcntqkdm.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jpwnw64q.exe
O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Alice ADSL - {E1DF7BAA-A9E0-4086-B1CE-38954B687049} - https://portail.free.fr/ (file missing) (HKCU)
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O14 - IERESET.INF: START_PAGE_URL=https://portail.free.fr/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2008 Pro\vk_service.exe

--
End of file - 12014 bytes
Configuration: Windows XP
Internet Explorer 7.0

2 réponses

  1. zorinho Messages postés 829 Statut Membre 51
     
    Salut,

    je vais te proposer la solution miracle qui fonctionne très bien pour l'ensemble des trojans...

    Malwarebytes Antimalware (MBAM)

    https://www.pcparadise.fr

    Installe ce logiciel, fais les mises à jour
    Fais un scan en mode sans échec (scan complet)
    A la fin de l'analyse, clique sur "Supprimer la sélection"
    Puis, dans l'onglet quarantaine, supprime les fichiers qui s'y trouvent
    Redémarre l'ordi. N'oublie pas non plus un petit rapport

    Bonne chance

    Zor
    0
    1. zorinho Messages postés 829 Statut Membre 51
       
      Je t'envoye le chapitre consacré spécialement pour le sujet dans la section "Astuces"

      Tu trouveras tout ici

      http://www.commentcamarche.net/faq/sujet 6862 supprimer le trojan vundo virtumonde

      Applique ceci après malwarebytes

      A plus

      Zor
      0
      1. nanou50500 Messages postés 3 Statut Membre > zorinho Messages postés 829 Statut Membre
         
        Merci beaucoup de m'avoir répondu si rapidement je doit partir travailler je m'occupe de ça ce soir et je poste mon rapport.
        Bonne journée
        0
      2. nanou5500 > zorinho Messages postés 829 Statut Membre
         
        Bonsoir,
        Voila j'ai fait tout ce que tu m'as conseillé mais les troyens sont toujours là je te met mon rapport hijackthis, si j'ai bien tout compris ce qu'il y a de noté dans le chapitre que tu m'as conseillé il confirme que les virus sont toujours là :

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 23:36:37, on 29/05/2008
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v7.00 (7.00.6000.16640)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\system32\spoolsv.exe
        c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
        C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
        C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
        C:\WINDOWS\System32\FTRTSVC.exe
        c:\APPS\HIDSERVICE\HIDSERVICE.exe
        C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
        C:\WINDOWS\system32\slmdmsr.exe
        C:\WINDOWS\system32\svchost.exe
        C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
        C:\WINDOWS\system32\VTTimer.exe
        C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
        C:\WINDOWS\system32\drivers\STDSB.exe
        C:\Program Files\QuickTime\qttask.exe
        C:\WINDOWS\system32\drivers\Icon.exe
        C:\Program Files\AxBx\VirusKeeper 2008 Pro\vk_service.exe
        C:\Program Files\Windows Live\Contrôle parental\fssui.exe
        C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
        C:\Program Files\AxBx\VirusKeeper 2008 Pro\VirusKeeper.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
        C:\Program Files\Messenger\msmsgs.exe
        c:\APPS\Powercinema\Kernel\TV\CLSched.exe
        C:\Program Files\Microsoft ActiveSync\wcescomm.exe
        C:\WINDOWS\system32\wscntfy.exe
        C:\PROGRA~1\MI3AA1~1\rapimgr.exe
        C:\Program Files\Windows Live\Messenger\usnsvc.exe
        C:\Program Files\Internet Explorer\IEXPLORE.EXE
        C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
        R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
        R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O2 - BHO: (no name) - {0612D893-497B-41AB-99EE-6A9F1C71A157} - C:\WINDOWS\system32\vtUllLbB.dll (file missing)
        O2 - BHO: (no name) - {129FA2A1-408C-4824-83A4-5001581FD01E} - C:\WINDOWS\system32\cbXqQjKD.dll
        O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: (no name) - {64fcd8d5-667b-44cf-b8e7-07d6576973a1} - C:\WINDOWS\system32\rlmugjif.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O2 - BHO: (no name) - {83C969D1-B80C-4A43-AAD1-636E3C41F5D6} - C:\WINDOWS\system32\mlJYpMff.dll (file missing)
        O2 - BHO: (no name) - {892BB2A0-2092-4ED1-A812-FD533598F85E} - C:\WINDOWS\system32\card.dll
        O2 - BHO: (no name) - {9017E084-2BEC-409A-9183-99DBCD8F2889} - C:\WINDOWS\system32\card.dll
        O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: adzgalore - {dd3dd4bf-38f9-fb33-1524-86d7a4cb9d1a} - C:\WINDOWS\system32\nsy4A.dll
        O2 - BHO: adzgalore - {E14BC640-4070-47C6-94E4-24E70D1A1800} - C:\WINDOWS\system32\nsq1D.dll
        O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
        O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
        O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Fichiers communs\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
        O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
        O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
        O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
        O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
        O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
        O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
        O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
        O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
        O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
        O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
        O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
        O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
        O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
        O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2008 Pro\VirusKeeper.exe
        O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S90.tmp" /EF "HKLM"
        O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
        O4 - HKLM\..\RunOnce: [SpybotDeletingA6260] command /c del "C:\WINDOWS\system32\mlJYpMff.dll_old"
        O4 - HKLM\..\RunOnce: [SpybotDeletingC3986] cmd /c del "C:\WINDOWS\system32\mlJYpMff.dll_old"
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
        O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
        O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
        O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\KAY LINE\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
        O4 - HKCU\..\Run: [trtzojjfep] c:\windows\system32\trtzojjfep.exe trtzojjfep
        O4 - HKCU\..\Run: [nahdaouxpi] c:\windows\system32\nahdaouxpi.exe nahdaouxpi
        O4 - HKCU\..\Run: [oikwujlhq] c:\windows\system32\oikwujlhq.exe oikwujlhq
        O4 - HKCU\..\Run: [hxzwwjqof] c:\windows\system32\hxzwwjqof.exe hxzwwjqof
        O4 - HKCU\..\Run: [ruprtal] c:\windows\system32\ruprtal.exe ruprtal
        O4 - HKCU\..\Run: [cdeasqy] c:\windows\system32\cdeasqy.exe cdeasqy
        O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
        O4 - HKCU\..\Run: [Acmw] "C:\WINDOWS\system32\DOBE~1\cmd.exe" -vt yazb
        O4 - HKCU\..\RunOnce: [SpybotDeletingB6538] command /c del "C:\WINDOWS\system32\mlJYpMff.dll_old"
        O4 - HKCU\..\RunOnce: [SpybotDeletingD833] cmd /c del "C:\WINDOWS\system32\mlJYpMff.dll_old"
        O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
        O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
        O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
        O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\lcntqkdm.exe
        O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jpwnw64q.exe
        O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
        O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\palmOne\Hotsync.exe
        O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
        O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
        O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
        O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
        O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
        O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
        O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
        O9 - Extra button: Alice ADSL - {E1DF7BAA-A9E0-4086-B1CE-38954B687049} - https://portail.free.fr/ (file missing) (HKCU)
        O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
        O14 - IERESET.INF: START_PAGE_URL=https://portail.free.fr/
        O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
        O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
        O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
        O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
        O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
        O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
        O20 - Winlogon Notify: cbXqQjKD - C:\WINDOWS\SYSTEM32\cbXqQjKD.dll
        O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
        O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
        O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
        O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
        O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
        O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
        O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
        O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
        O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
        O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
        O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
        O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
        O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2008 Pro\vk_service.exe
        0
      3. zorinho Messages postés 829 Statut Membre 51 > nanou5500
         
        Malwarebytes Antimalware (MBAM)

        https://www.pcparadise.fr

        Installe ce logiciel, fais les mises à jour
        Fais un scan en mode sans échec (scan complet)
        A la fin de l'analyse, clique sur "Supprimer la sélection"
        Puis, dans l'onglet quarantaine, supprime les fichiers qui s'y trouvent
        Redémarre l'ordi. N'oublie pas non plus un petit rapport prouvant que la désinfection a bien eu lieu

        Zor
        0
      4. nanou50500 Messages postés 3 Statut Membre > zorinho Messages postés 829 Statut Membre
         
        Voici le rapport :
        Malwarebytes' Anti-Malware 1.12
        Version de la base de données: 799

        Type de recherche: Examen complet (C:\|)
        Eléments examinés: 101262
        Temps écoulé: 1 hour(s), 5 minute(s), 59 second(s)

        Processus mémoire infecté(s): 0
        Module(s) mémoire infecté(s): 2
        Clé(s) du Registre infectée(s): 30
        Valeur(s) du Registre infectée(s): 10
        Elément(s) de données du Registre infecté(s): 2
        Dossier(s) infecté(s): 32
        Fichier(s) infecté(s): 169

        Processus mémoire infecté(s):
        (Aucun élément nuisible détecté)

        Module(s) mémoire infecté(s):
        C:\WINDOWS\system32\mlJYpMff.dll (Trojan.Vundo) -> Unloaded module successfully.
        C:\WINDOWS\system32\cbXqQjKD.dll (Trojan.Vundo) -> Unloaded module successfully.

        Clé(s) du Registre infectée(s):
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49049a17-6709-40bf-bb7f-e6a8af5d7d47} (Trojan.Vundo) -> Delete on reboot.
        HKEY_CLASSES_ROOT\CLSID\{49049a17-6709-40bf-bb7f-e6a8af5d7d47} (Trojan.Vundo) -> Delete on reboot.
        HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\Interface\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\Interface\{9f593aac-ca4c-4a41-a7ff-a00812192d61} (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\Typelib\{749ec66f-a838-4b38-b8e5-e65d905fff74} (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{ceb9c60d-f0ad-4b73-a3ab-4fc822e38d66} (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\Interface\{ceb9c60d-f0ad-4b73-a3ab-4fc822e38d66} (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\Interface\{1601d447-7424-4866-8dcc-acf98a2a41e1} (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\Typelib\{c3c0ec2c-2c1c-495c-9ad0-1f0ef833d7b5} (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\pbfrv2.pbfrv2 (Adware.2020Search) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\Mirar (AdWare.Mirar) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Delete on reboot.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Delete on reboot.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbxqqjkd (Trojan.Vundo) -> Delete on reboot.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

        Valeur(s) du Registre infectée(s):
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\34693614 (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spa_start (Adware.Agent) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM375a0588 (Trojan.Agent) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Delete on reboot.

        Elément(s) de données du Registre infecté(s):
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mljypmff -> Delete on reboot.
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mljypmff -> Delete on reboot.

        Dossier(s) infecté(s):
        C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
        C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Manager (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\PopupBlocker (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Recipes (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Reference (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\SearchMatch (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\BrowserSearch(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\ErrorSearch(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Layouts(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Manager(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\PopupBlocker(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Recipes(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Reference(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\RelatedSearch(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\SearchMatch(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Toolbar(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\ToolbarLogo(2) (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\ToolbarSearch(2) (Adware.Starware) -> Quarantined and deleted successfully.

        Fichier(s) infecté(s):
        C:\WINDOWS\system32\akabjviu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\uivjbaka.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\dpoauern.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\nreuaopd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\mlJYpMff.dll (Trojan.Vundo) -> Delete on reboot.
        C:\WINDOWS\system32\ffMpYJlm.ini (Trojan.Vundo) -> Delete on reboot.
        C:\WINDOWS\system32\ffMpYJlm.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Local Settings\Temp\outerinfo.ico (Malware.Trace) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Local Settings\Temp\temB8.tmp.exe (Adware.Agent) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Local Settings\Temp\temC1.tmp.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Local Settings\Temp\tmp3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Local Settings\Temporary Internet Files\Content.IE5\1TS9RFFQ\kb713501[1] (Trojan.LowZones) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Local Settings\Temporary Internet Files\Content.IE5\IVNYLHR1\css4[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\Program Files\AxBx\VirusKeeper 2008 Pro\Quarantaine\fxwotsij.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
        C:\Program Files\AxBx\VirusKeeper 2008 Pro\Quarantaine\mrofinu1000106.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
        C:\Program Files\AxBx\VirusKeeper 2008 Pro\Quarantaine\mrofinu1000106.exe.2 (Trojan.Downloader) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP238\A0134488.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP255\A0137958.dll (Adware.BHO) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP268\A0140127.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP268\A0140128.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP268\A0140130.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP268\A0140148.exe (Adware.Agent) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP268\A0140149.exe (Backdoor.Rbot) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP268\A0140151.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP268\A0140178.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP268\A0140192.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP269\A0140334.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP269\A0140335.dll (Adware.TargetSaver) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP269\A0140339.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP269\A0140340.vbs (Malware.Trace) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP269\A0140343.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP269\A0141134.exe (Backdoor.Rbot) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP274\A0141495.dll (AdWare.CommAd) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP274\A0141501.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP274\A0141502.exe (Backdoor.Rbot) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP274\A0141509.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP274\A0141517.dll (AdWare.CommAd) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP274\A0141518.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP274\A0141538.exe (AdWare.CommAd) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP274\A0141539.exe (Adware.Agent) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP274\A0141541.exe (Adware.Agent) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP276\A0141578.exe (Adware.Agent) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP276\A0141581.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP277\A0143715.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\lnpigqkb.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\myss_sb_uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\service.exe (Adware.Mirar) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\ErrorLog.txt (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\PBFRV2TB0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Layouts\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Layouts\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Recipes\RecipesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Recipes\RecipesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\kay-line\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\BrowserSearch(2)\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\BrowserSearch(2)\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\ErrorSearch(2)\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\ErrorSearch(2)\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Layouts(2)\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Layouts(2)\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Layouts(2)\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Layouts(2)\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Manager(2)\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Manager(2)\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\PopupBlocker(2)\PopupBlockerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\PopupBlocker(2)\PopupBlockerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Recipes(2)\RecipesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Recipes(2)\RecipesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Reference(2)\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Reference(2)\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\RelatedSearch(2)\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\RelatedSearch(2)\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\SearchMatch(2)\SearchMatchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\SearchMatch(2)\SearchMatchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Toolbar(2)\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\Toolbar(2)\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\ToolbarLogo(2)\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\ToolbarLogo(2)\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\ToolbarSearch(2)\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
        C:\Documents and Settings\KAY LINE\Application Data\Starware(2)\ToolbarSearch(2)\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
        C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\rundll32.exe (Adware.Agent) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\wsectoii.dll (Trojan.Agent) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
        C:\Program Files\outlook\p.zip (Worm.Alcra) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\cmd.com (Worm.Alcra) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\netstat.com (Worm.Alcra) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\ping.com (Worm.Alcra) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\regedit.com (Worm.Alcra) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\tasklist.com (Worm.Alcra) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\tracert.com (Worm.Alcra) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\cbXqQjKD.dll (Trojan.Vundo) -> Delete on reboot.
        C:\WINDOWS\system32\jkkhedAQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\cdeasqy_navps.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\hxzwwjqof_navps.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\nahdaouxpi_navps.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\oikwujlhq_navps.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\trtzojjfep_navps.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\zhnhriz_navps.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\cdeasqy_nav.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\hxzwwjqof_nav.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\nahdaouxpi_nav.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\oikwujlhq_nav.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\trtzojjfep_nav.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\zhnhriz_nav.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
        0
  2. zorinho Messages postés 829 Statut Membre 51
     
    Vas dont l'onglet quarantaine et supprime ce qui s'y trouve!!!

    Recolle un rapport Hijackthis réalisé en mode sans écjec...

    Zor
    0
    1. Utilisateur anonyme
       
      euh y'a rien dans la quarantaine ^^ les fichiers ont déjà été supprimé xD
      Sinon bah j'en profite pour suivre :D
      0