Sujet Précédent Sujet Suivant

Antispychek

Résolu
lpoloc -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour à vous tous,

vous pouvez peux etre maidée ;o)
j'ai un programme que je n'arrive pas a retiré, (antispychek) vous connaissez?
il fait un chek a tous les 2 minute kwissssss ;o( et il na pas de place pour le désactivé ;o(
il me sort toute sorte de trogent que j'ai supposément dans mon ordi ;o( comme la il me dit ( attacked port:13023 Threat: Win32.worm.bagel.fj) j'avais jamais de trouble avant d'avoir se programe la ;o(
est-ce que vous pouvez m'aidée S.V.P.

merci beaucoup d'avance ;o)

8 réponses

Réponse 1 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt,

scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

_______________

colle un rapport hijackthis

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
0
lpoloc
 
Salut,

Ouin ben pour moi mon ordi est ben malade hihiih
merci de m'aidée tres apprecié ;o)

rapport MalwareByte's Anti-Malware

Malwarebytes' Anti-Malware 1.17
Version de la base de données: 862

16:59:46 2008-06-17
mbam-log-6-17-2008 (16-59-33).txt

Type de recherche: Examen rapide
Eléments examinés: 42282
Temps écoulé: 7 minute(s), 22 second(s)

Processus mémoire infecté(s): 4
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 50
Valeur(s) du Registre infectée(s): 20
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 36

Processus mémoire infecté(s):
C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe (Rogue.VirusHeat) -> No action taken.
C:\Program Files\NetProject\sbmntr.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\sbsm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\scit.exe (Trojan.Zlob) -> No action taken.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\psqnuvo.dll (Trojan.Zlob) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{99ba268b-4021-4739-9945-3c774217fe75} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99ba268b-4021-4739-9945-3c774217fe75} (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{257f6f44-2c64-46bb-acb4-55f9b9e0ae08} (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\iewarning.warningbho (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\iewarning.warningbho.1 (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{56fa7933-dc3e-403b-8d47-bb5e3f345a21} (Rogue.PestPatrol) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56fa7933-dc3e-403b-8d47-bb5e3f345a21} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\e405.e405mgr (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{95667a7a-03b3-4ee0-91ae-a4de74d25729} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95667a7a-03b3-4ee0-91ae-a4de74d25729} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\e405.e405mgr.1 (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f10587e9-0e47-4cbe-84ae-7dd20b8685cc} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d2608046-dd09-a225-01bf-70c1edd8b2e8} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bd0-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bd1-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bd2-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bd3-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bd4-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bd5-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bd8-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bd9-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bda-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06290bdb-48aa-11d2-8432-006008c3fbfc} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6d335adf-8270-4805-a044-2b6a09476396} (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdidrv32.sys (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tdidrv32.sys (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tdidrv32.sys (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\e405.e405mgr (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\e405.e405mgr.1 (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\Software\AntiSpyCheck (Rogue.AntiSpyCheck) -> No action taken.
HKEY_CURRENT_USER\Software\NetProject (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Service (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure Browsing (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Web Application (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\E404.e404mgr (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ugac (Rogue.PCSecureSystem) -> No action taken.
HKEY_CURRENT_USER\Software\Online Add-on (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Custom Tools (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Safety Features (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\e405.e405mgr (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AntiSpyCheck 2.1.0 (Rogue.VirusHeat) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\start (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\some (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{257f6f44-2c64-46bb-acb4-55f9b9e0ae08} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AntiSpyCheck (Rogue.VirusHeat) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Products\rdomain (Rogue.PCVirusless) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Products\prodname (Rogue.PCVirusless) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Products\compname (Rogue.PCVirusless) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger) -> Data: kdpaq.exe -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\NetProject (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\WinSecureAv (Rogue.WinSecureAv) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\WinSecureAv\Logs (Rogue.WinSecureAv) -> No action taken.
C:\Program Files\Online Add-on (Trojan.Zlob) -> No action taken.
C:\Program Files\Helper (Adware.BHO) -> No action taken.
C:\Program Files\AntiSpyCheck (Rogue.AntiSpyCheck) -> No action taken.
C:\WinSecureAv (Rogue.WinSecureAv) -> No action taken.
C:\WinSecureAv\AVQuar (Rogue.WinSecureAv) -> No action taken.
C:\WINDOWS\system32\162123 (Trojan.BHO) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe (Rogue.VirusHeat) -> No action taken.
C:\Program Files\NetProject\myd.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\mym.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\myp.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\myv.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\ot.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\sbmdl.dll (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\sbmntr.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\sbsm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\sbun.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\scit.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\scu.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\ts.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\wamdl.dll (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\waun.exe (Trojan.Zlob) -> No action taken.
C:\WINDOWS\system32\psqnuvo.dll (Trojan.Zlob) -> No action taken.
C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe (Rogue.VirusHeat) -> No action taken.
C:\WINDOWS\system32\162123\162123.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32\scrobj.dll (Rogue.AntiSpyCheck) -> No action taken.
C:\WINDOWS\system32\tdidrv32.sys (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\install_en[1].exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\WinSecureAv\Logs\threats.log (Rogue.WinSecureAv) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\WinSecureAv\Logs\update.log (Rogue.WinSecureAv) -> No action taken.
C:\Program Files\Online Add-on\icmntr.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Online Add-on\ictun.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Online Add-on\icun.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Online Add-on\isfmm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Online Add-on\isfun.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Online Add-on\ot.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Online Add-on\ts.ico (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\zfe1.exe (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Administrateur\Favoris\Online Security Test.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users\Bureau\Security Troubleshooting.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users\Bureau\Online Security Guide.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Security Troubleshooting.url (Rogue.Link) -> No action taken.





voici mon rapport HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:01:07, on 2008-06-17
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NetProject\scit.exe
C:\Program Files\NetProject\sbmntr.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\NetProject\sbsm.exe
C:\WINDOWS\System32\devldr32.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\CFusionMX\runtime\bin\jrunsvc.exe
C:\CFusionMX\runtime\bin\jrun.exe
C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe
C:\CFusionMX\db\slserver52\bin\swagent.exe
C:\CFusionMX\db\slserver52\bin\swstrtr.exe
C:\CFusionMX\db\slserver52\bin\swsoc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Avant Browser\avant.exe
C:\PROGRA~1\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = https://internetsearchservice.com/
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = https://internetsearchservice.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://internetsearchservice.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: leechvideo.com - {1B7445F8-3774-4E7D-AF54-8B933C554B1C} - C:\Program Files\LeechVideoConvert\leechmon.dll
O2 - BHO: (no name) - {21ECA600-72B5-4E66-BB2E-573C92CBD8D6} - (no file)
O2 - BHO: WarningBHO Class - {56FA7933-DC3E-403b-8D47-BB5E3F345A21} - C:\Program Files\AntiSpyCheck\IEWarning.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: 162123 helper - {95667A7A-03B3-4EE0-91AE-A4DE74D25729} - C:\WINDOWS\system32\162123\162123.dll
O2 - BHO: (no name) - {99BA268B-4021-4739-9945-3C774217FE75} - C:\Program Files\NetProject\sbmdl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8685CC} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {C4DFA6F3-1245-41E5-8E60-7D31427F01B3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AntiSpyCheck 2.1.0] "C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AntiSpyCheck] C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/229?0b174876a6434c43bb8caa696bdaa392
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/230?0b174876a6434c43bb8caa696bdaa392
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolpro.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolpro.com/redirect.php (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACA499DE-E793-4BF0-9042-4EB8EFB464E9}: NameServer = 85.255.115.114,85.255.112.142
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE9A6D13-D16D-477A-978B-182F3569B9CF}: NameServer = 85.255.115.114,85.255.112.142
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.114 85.255.112.142
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.114 85.255.112.142
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.114 85.255.112.142
O22 - SharedTaskScheduler: chaplin - {257f6f44-2c64-46bb-acb4-55f9b9e0ae08} - C:\WINDOWS\system32\psqnuvo.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ColdFusion MX Application Server - Macromedia Inc. - C:\CFusionMX\runtime\bin\jrunsvc.exe
O23 - Service: ColdFusion MX ODBC Agent - Unknown owner - C:\CFusionMX\db\slserver52\bin\swagent.exe
O23 - Service: ColdFusion MX ODBC Server - Unknown owner - C:\CFusionMX\db\slserver52\bin\swstrtr.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
0
Réponse 2 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
tu es gavé!

ton windows n'est pas a jour ! pourquoi?

_________

installe deja avant de debuté si tu n'en as pas un parefeu

mieux KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm

___________
ensuite tu es détourné en ukraine quand tu surf:

* Télécharge FixWareout d'un de ces deux sites sur le bureau:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe

* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.

*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt
_____________

smit fraud fix (colle le rapport)

1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php

2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)

3/ puis refaire comme en 2/ mais sélectionne l'option 2 et appuyer sur entrée pour commencer la désinfection. lorsque le programme demande si tu veut nettoyer le registre mets oui en tapant 0 et entrée

_________________

Télécharge Combofix de sUBs : Renomme le avant toute installation, par exemple, nomme le "KillBagle". aide ici : https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

Aide à l’utilisation de combofix ici: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

__________________

colle le rapport d'un scan en ligne
avec un des suivants:

bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

secuser en ligne :
http://www.secuser.com/outils/antivirus.htm

__________________
recolle un hijkahcits et dis tes soucis actuels
0
lpoloc
 
Salut et un gros merci ;o)

je vais essayé de faire ce que tu me dit ;o)
mais si ca devien trops compliqué je vais formaté, pense tu qu'il va en resté?

les mise a jour de windos XP professional marche tu toujour?

je te remerci encore ;o))))))

Lpoloc
0
Réponse 3 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
non il ne devrait pas en rester mais il me faudra les rapport
formater c'est bien mais il faut remettre tous les pilotes parfois manuellement et il faut avoir téléchragé avant d'aller sur le net un parefeu et un antivirus, sinon en quelques minutes tu sera de nouveau infécté
0
lpoloc
 
resalut,

bon ben la je n'ai plus le choix, car mon ordi ferme tous seul ;o(
aussitot qu'il tombe sur windows xp, l'ecran devien bleu ;o(
je vais essayé téléchargé un parfeu et un antivirus et les metres sur cd, quel parfeu et antivirus tu me conseil?
j'avais comme antivirus AVG est-qu'il est bon? mon parfeu il viens avec mon routeur je pense,
bon ben je te remerci pour tous.

lpoloc
0
Réponse 4 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
il te faut formater mais avant d'aller sur le net il te faut avoir installé un parefeu et un antivirus

par la suite mets a jour windows avec le sp2 (DEMARRER puis TOUS LES PROGRAMMES puis WINDOWS UPDATE)

bonne suite

pour protéger gratos ton ordi

https://www.commentcamarche.net/telecharger/ 4 securite

mettre un antivirus

AVAST en français ou ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
malwarebytes antimalware + SPYBOT

+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...

Rq : spybot et ad-aware on sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de Windows ou mieux KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
https://www.commentcamarche.net/telecharger/ 157 zonealarm

-----------

CCLEANER pour effacer les traces de surf
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
nungesser Messages postés 1 Statut Membre
 
Malwarebytes' Anti-Malware 1.19
Version de la base de données: 899
Windows 5.1.2600 Service Pack 1

14:47:36 01/07/2008
mbam-log-7-1-2008 (14-47-36).txt

Type de recherche: Examen rapide
Eléments examinés: 77954
Temps écoulé: 19 minute(s), 40 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 21
Valeur(s) du Registre infectée(s): 18
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 10
Fichier(s) infecté(s): 29

Processus mémoire infecté(s):
C:\Program Files\AntiSpyCheck 2.1\AntiSpyCheck 2.1.exe (Rogue.VirusHeat) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\Web Technologies\iebr.dll (Trojan.Zlob) -> Unloaded module successfully.
C:\Program Files\Web Technologies\iebt.dll (Trojan.Zlob) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\e405.e405mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\e405.e405mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7bc9c2e2-73a6-4fcf-b73d-cbaa20b31c9b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7bc9c2e2-73a6-4fcf-b73d-cbaa20b31c9b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2b2a8719f0d73b540683675697e40b6f8c7c9a8c (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\c48d3b9bca9b3a5a04bc26f729ee0c6e389dde2e (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2c5eceb3d45147eb99fa51120e7c7adebe213de6 (Adware.123Mania) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\a6a50b0ebf885a7dd4fb6927f1388592138fffe6 (Adware.123Mania) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7c4bcd17-bdba-4078-9d8c-8ca8b7eabe77} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d2608046-dd09-a225-01bf-70c1edd8b2e8} (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{85bdd81d-31fd-4a6b-a73c-3955b128d2ec} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b8301af7-d00e-4ea4-87c1-5ff4644fbba1} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8301af7-d00e-4ea4-87c1-5ff4644fbba1} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AntiSpyCheck 2.1 (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Web Technologies (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\e405.e405mgr (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEBrowse Tool (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Bar (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Warning Center (Trojan.Zlob) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AntiSpyCheck 2.1 (Rogue.VirusHeat) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AUTORUN_VAL (Rogue.VirusHeat) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{2a7a8ce2-1eaf-4fc0-9158-958bb6bfa5c4} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{85bdd81d-31fd-4a6b-a73c-3955b128d2ec} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{85bdd81d-31fd-4a6b-a73c-3955b128d2ec} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinSpywareProtect (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\AntiSpyCheck 2.1 (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies (Trojan.Zlob) -> Delete on reboot.
C:\WINDOWS\system32\788877 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\BASE (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\AntiSpyCheck 2.1\AntiSpyCheck 2.1.exe (Rogue.VirusHeat) -> Quarantined and deleted successfully.
C:\Program Files\AntiSpyCheck 2.1\AntiSpyCheck 2.1.exe (Rogue.VirusHeat) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\iebr.dll (Trojan.Zlob) -> Delete on reboot.
C:\Program Files\Web Technologies\iebt.dll (Trojan.Zlob) -> Delete on reboot.
C:\WINDOWS\system32\scui.cpl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\iebtm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\iebtmm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\iebtu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\iebu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\myd.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\mym.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\myp.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\myv.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\wcm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\wcs.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Web Technologies\wcu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080629111249968.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080629114128140.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080630003447562.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080630092230375.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080630094704937.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080630105559437.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcqyqflpwo_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcqyqflpwo_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Antivirus Scan.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Online Spyware Test.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\dufourmentel herve\Favoris\Antivirus Scan.url (Rogue.Link) -> Quarantined and deleted successfully.
0
Réponse 6 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt il est préférable que tu cré ta propre question et que tu explique ton problème.
0
Réponse 7 / 8
youyou
 
salut, je n arrive pas a désinstaller antivirus antispychek merci de me m aide svp
0
Réponse 8 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0