Aifind.info me rend folle
virginie
-
bernie61 -
bernie61 -
Bonjour à tous,
je lutte moi aussi contre le virus qui impose la page de aifind.info. Je ne connais rien en informatique mais j'ai lu vos discussions alors je mets le rapport de scan. Si quelqu'un peut m'aider, ce serait vraiment sympa!
Virginie
CWShredder v1.57.0 scan only report
Please understand that a CWShredder 'Scan only' report
might not be sufficient to troubleshoot an infected system.
You can use HijackThis for that:
http://www.merijn.org/files/hijackthis.zip
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Windows 98 (4.10.2222 A)
Windows dir: C:\WINDOWS
Windows system dir: C:\WINDOWS\system
AppData folder: C:\WINDOWS\Application Data
Username: Standard
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer,Search
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer,SearchURL
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer,Search
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant,http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch,http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\TypedURLs,url8
Infected data: http://www.nkvd.us/1510/www.wanadoo.fr
Infected Registry value:
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes,www,http://
Infected data: http://www.nkvd.us/1510/
Infected Registry value:
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes,home,http://
Infected data: http://www.nkvd.us/1510/
Infected Registry value:
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes,mosaic,http://
Infected data: http://www.nkvd.us/1510/
Found Hosts file: C:\WINDOWS\hosts (20 bytes, R)
Found CWS.Control (if filesize is over 50k) file: C:\WINDOWS\control.exe (2183 bytes, A)
Registry value: DefaultPrefix (should be http://) [] http://www.nkvd.us/1510/
Registry value: WWW Prefix (should be http://) [www] http://www.nkvd.us/1510/
Registry value: Mosaic Prefix (should be http://) [mosaic] http://www.nkvd.us/1510/
Registry value: Home Prefix (should be http://) [home] http://www.nkvd.us/1510/
Found Win.ini file: C:\WINDOWS\win.ini (11128 bytes, A)
Found line in Win.ini: load=
Found line in Win.ini: run=
Found System.ini file: C:\WINDOWS\system.ini (2883 bytes, A)
Found line in System.ini: shell=Explorer.exe
Found CWS.Xplugin file: C:\WINDOWS\system\xplugin.dll (98304 bytes, AH)
CWS.Smartfinder Registry value: HKLM\..\SSODL [DDE Control Module] {3F143C3A-1457-6CCA-03A7-7AA23B61E40F}
Found CWS.Smartfinder file: C:\WINDOWS\system\mtwirl32.dll (11264 bytes, A)
Found CWS.Smartfinder file: C:\WINDOWS\system\mtwcnl32.dll (210 bytes, A)
- END OF REPORT -
je lutte moi aussi contre le virus qui impose la page de aifind.info. Je ne connais rien en informatique mais j'ai lu vos discussions alors je mets le rapport de scan. Si quelqu'un peut m'aider, ce serait vraiment sympa!
Virginie
CWShredder v1.57.0 scan only report
Please understand that a CWShredder 'Scan only' report
might not be sufficient to troubleshoot an infected system.
You can use HijackThis for that:
http://www.merijn.org/files/hijackthis.zip
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Windows 98 (4.10.2222 A)
Windows dir: C:\WINDOWS
Windows system dir: C:\WINDOWS\system
AppData folder: C:\WINDOWS\Application Data
Username: Standard
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer,Search
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer,SearchURL
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer,Search
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant,http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Infected data: res://C:\WINDOWS\SYSTEM\ILIKCEA.DLL/sp.html (obfuscated)
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch,http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Infected data: http://www.nkvd.us/s.htm
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\TypedURLs,url8
Infected data: http://www.nkvd.us/1510/www.wanadoo.fr
Infected Registry value:
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes,www,http://
Infected data: http://www.nkvd.us/1510/
Infected Registry value:
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes,home,http://
Infected data: http://www.nkvd.us/1510/
Infected Registry value:
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes,mosaic,http://
Infected data: http://www.nkvd.us/1510/
Found Hosts file: C:\WINDOWS\hosts (20 bytes, R)
Found CWS.Control (if filesize is over 50k) file: C:\WINDOWS\control.exe (2183 bytes, A)
Registry value: DefaultPrefix (should be http://) [] http://www.nkvd.us/1510/
Registry value: WWW Prefix (should be http://) [www] http://www.nkvd.us/1510/
Registry value: Mosaic Prefix (should be http://) [mosaic] http://www.nkvd.us/1510/
Registry value: Home Prefix (should be http://) [home] http://www.nkvd.us/1510/
Found Win.ini file: C:\WINDOWS\win.ini (11128 bytes, A)
Found line in Win.ini: load=
Found line in Win.ini: run=
Found System.ini file: C:\WINDOWS\system.ini (2883 bytes, A)
Found line in System.ini: shell=Explorer.exe
Found CWS.Xplugin file: C:\WINDOWS\system\xplugin.dll (98304 bytes, AH)
CWS.Smartfinder Registry value: HKLM\..\SSODL [DDE Control Module] {3F143C3A-1457-6CCA-03A7-7AA23B61E40F}
Found CWS.Smartfinder file: C:\WINDOWS\system\mtwirl32.dll (11264 bytes, A)
Found CWS.Smartfinder file: C:\WINDOWS\system\mtwcnl32.dll (210 bytes, A)
- END OF REPORT -
A voir également:
- Aifind.info me rend folle
- Invention folle - Accueil - Technologies
- Problème de contour qui me rend folle... - Forum Illustrator
- Patte folle spoof movie - Forum Cinéma / Télé
- Imprimante folle ✓ - Forum Imprimante
- Cherche un film du genre "Spoof Movie" ✓ - Forum Cinéma / Télé
3 réponses
Salut
1. faire PestPatrol en ligne ici
http://www.pestscan.com/ScanOrTrial.asp
2. puis AdAware là à charger (free) et lancer:
http://www.lavasoftusa.com/
3. il y a aussi SpyBot SD 1.3 là
http://www.safer-networking.org/
A+
1. faire PestPatrol en ligne ici
http://www.pestscan.com/ScanOrTrial.asp
2. puis AdAware là à charger (free) et lancer:
http://www.lavasoftusa.com/
3. il y a aussi SpyBot SD 1.3 là
http://www.safer-networking.org/
A+
salut je rajoute si ca ne suffit pas
http://www.spywareinfo.com/~merijn/files/CWShredder.exe
il faut l'ouvrir (absolument) toutes fenêtres fermées et hors connexion et faire fix- next - next
http://www.spywareinfo.com/~merijn/files/CWShredder.exe
il faut l'ouvrir (absolument) toutes fenêtres fermées et hors connexion et faire fix- next - next
