Virus abetterinternet.aurora et mirar
Fermé
manu04
Messages postés
13
Date d'inscription
mercredi 3 septembre 2008
Statut
Membre
Dernière intervention
3 septembre 2008
-
3 sept. 2008 à 15:21
Utilisateur anonyme - 3 sept. 2008 à 19:43
Utilisateur anonyme - 3 sept. 2008 à 19:43
A voir également:
- Virus abetterinternet.aurora et mirar
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Virus mcafee - Accueil - Piratage
- Tinyurl.com virus - Forum Virus
29 réponses
Utilisateur anonyme
3 sept. 2008 à 15:23
3 sept. 2008 à 15:23
Salut,
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Vas dans "Démarrer" puis Panneau de configuration.
- Double Clique sur l'icône Comptes d'utilisateurs et sur Activer ou désactiver le contrôle des comptes d'utilisateurs.
- Clique sur Continuer.
- Décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
- Valide par OK et redémarre.
Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517
télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Clic droit sur le raccourci de Toolbar-S&D. et choisi executer en tant qu administrateur
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Vas dans "Démarrer" puis Panneau de configuration.
- Double Clique sur l'icône Comptes d'utilisateurs et sur Activer ou désactiver le contrôle des comptes d'utilisateurs.
- Clique sur Continuer.
- Décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
- Valide par OK et redémarre.
Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517
télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Clic droit sur le raccourci de Toolbar-S&D. et choisi executer en tant qu administrateur
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
totobetourne
Messages postés
5592
Date d'inscription
dimanche 23 mars 2008
Statut
Membre
Dernière intervention
6 juin 2012
65
3 sept. 2008 à 15:25
3 sept. 2008 à 15:25
pour vista si infection.
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html
manu04
Messages postés
13
Date d'inscription
mercredi 3 septembre 2008
Statut
Membre
Dernière intervention
3 septembre 2008
3 sept. 2008 à 15:32
3 sept. 2008 à 15:32
ok merci je vais faire ca tout de suite
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
totobetourne
Messages postés
5592
Date d'inscription
dimanche 23 mars 2008
Statut
Membre
Dernière intervention
6 juin 2012
65
3 sept. 2008 à 15:33
3 sept. 2008 à 15:33
quoi?????????????
manu04
Messages postés
13
Date d'inscription
mercredi 3 septembre 2008
Statut
Membre
Dernière intervention
3 septembre 2008
3 sept. 2008 à 15:40
3 sept. 2008 à 15:40
excuse moi je ne suis pas très calé mais quand j'ouvre comptes d'utilisateurs, je ne vois pas Activer ou désactiver le contrôle des comptes d'utilisateurs mais seulement ajouter ou supprimer des comptes...
Que dois je faire ?
Que dois je faire ?
Utilisateur anonyme
3 sept. 2008 à 15:43
3 sept. 2008 à 15:43
fais comme cela alors :
télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Clic droit sur le raccourci de Toolbar-S&D. et choisi executer en tant qu administrateur
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Clic droit sur le raccourci de Toolbar-S&D. et choisi executer en tant qu administrateur
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
manu04
Messages postés
13
Date d'inscription
mercredi 3 septembre 2008
Statut
Membre
Dernière intervention
3 septembre 2008
3 sept. 2008 à 15:54
3 sept. 2008 à 15:54
Voila, je pense que c'est ca :
-----------\\ ToolBar S&D 1.1.6 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz )
BIOS : BIOS Date: 09/19/07 Ver: V1.60
USER : Manu ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Norton Internet Security 2007 (Activated)
"C:\ToolBar SD" ( MAJ : 30-08-2008|00:19 )
Option : [1] ( mer. 03/09/2008|15:53 )
[ UAC => 0 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Windows\System32\WinNB55.dll
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://search.conduit.com?SearchSource=10&ctid=CT1098640"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Manu\'\Advanced RAR Repair 1.2 (No patch No Crack) version.zip
C:\Users\Manu\'\ALL Xilisoft Products Keygen v 1.00.zip
C:\Users\Manu\'\Bioshock DVD iSO Working Crack-Darkcoder.zip
C:\Users\Manu\'\Crackheads Gone Wild 2006 DVDRip XViD-BELiEVERS.zip
C:\Users\Manu\'\Crackheads Gone Wild DVDRip Xvid.zip
C:\Users\Manu\'\Cracking kit 2010.zip
C:\Users\Manu\'\Folder Lock v5.8.0 Portable Crack.zip
C:\Users\Manu\'\Jethro Back Of Beyond 2007 DVDRip XviD-Crackpots.zip
C:\Users\Manu\'\Jim Davidson Live In Your Face Dvdrip XviD-CrackPots.zip
C:\Users\Manu\'\Nero Micro 8.3.6.0 (No need any Crack).zip
C:\Users\Manu\'\Newlive Products Universal Keygen v1.0.zip
C:\Users\Manu\'\Slysoft Products Crack 1.24.zip
C:\Users\Manu\'\Slysoft Products Crack 1.30.zip
C:\Users\Manu\'\Slysoft Products Crack 1.31.zip
C:\Users\Manu\'\Windows XP Genuine Advantage Crack Bypass.zip
C:\Users\Manu\'\Witcobber Products 5 in 1 Multi Keygen.zip
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent.bak
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - mer. 03/09/2008|15:54 - Option : [1]
-----------\\ Fin du rapport a 15:54:34,67
-----------\\ ToolBar S&D 1.1.6 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz )
BIOS : BIOS Date: 09/19/07 Ver: V1.60
USER : Manu ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Norton Internet Security 2007 (Activated)
"C:\ToolBar SD" ( MAJ : 30-08-2008|00:19 )
Option : [1] ( mer. 03/09/2008|15:53 )
[ UAC => 0 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Windows\System32\WinNB55.dll
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://search.conduit.com?SearchSource=10&ctid=CT1098640"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Manu\'\Advanced RAR Repair 1.2 (No patch No Crack) version.zip
C:\Users\Manu\'\ALL Xilisoft Products Keygen v 1.00.zip
C:\Users\Manu\'\Bioshock DVD iSO Working Crack-Darkcoder.zip
C:\Users\Manu\'\Crackheads Gone Wild 2006 DVDRip XViD-BELiEVERS.zip
C:\Users\Manu\'\Crackheads Gone Wild DVDRip Xvid.zip
C:\Users\Manu\'\Cracking kit 2010.zip
C:\Users\Manu\'\Folder Lock v5.8.0 Portable Crack.zip
C:\Users\Manu\'\Jethro Back Of Beyond 2007 DVDRip XviD-Crackpots.zip
C:\Users\Manu\'\Jim Davidson Live In Your Face Dvdrip XviD-CrackPots.zip
C:\Users\Manu\'\Nero Micro 8.3.6.0 (No need any Crack).zip
C:\Users\Manu\'\Newlive Products Universal Keygen v1.0.zip
C:\Users\Manu\'\Slysoft Products Crack 1.24.zip
C:\Users\Manu\'\Slysoft Products Crack 1.30.zip
C:\Users\Manu\'\Slysoft Products Crack 1.31.zip
C:\Users\Manu\'\Windows XP Genuine Advantage Crack Bypass.zip
C:\Users\Manu\'\Witcobber Products 5 in 1 Multi Keygen.zip
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent.bak
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - mer. 03/09/2008|15:54 - Option : [1]
-----------\\ Fin du rapport a 15:54:34,67
Utilisateur anonyme
3 sept. 2008 à 15:56
3 sept. 2008 à 15:56
Relance Toolbar-S&D en cliquant droit sur le raccourci et executer en tant qu administrateur
Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
manu04
Messages postés
13
Date d'inscription
mercredi 3 septembre 2008
Statut
Membre
Dernière intervention
3 septembre 2008
3 sept. 2008 à 16:01
3 sept. 2008 à 16:01
voila,
-----------\\ ToolBar S&D 1.1.6 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz )
BIOS : BIOS Date: 09/19/07 Ver: V1.60
USER : Manu ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Norton Internet Security 2007 (Activated)
"C:\ToolBar SD" ( MAJ : 30-08-2008|00:19 )
Option : [2] ( mer. 03/09/2008|16:00 )
[ UAC => 1 ]
-----------\\ SUPPRESSION
Echec ! - C:\Program Files\AskSBar\bar
Supprime! - C:\Windows\System32\WinNB55.dll
Echec ! - C:\Program Files\AskSBar
-----------\\ DEUXIEME PASSAGE
Echec ! - C:\Program Files\AskSBar\bar
Echec ! - C:\Program Files\AskSBar
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://search.conduit.com?SearchSource=10&ctid=CT1098640"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Manu\'\Advanced RAR Repair 1.2 (No patch No Crack) version.zip
C:\Users\Manu\'\ALL Xilisoft Products Keygen v 1.00.zip
C:\Users\Manu\'\Bioshock DVD iSO Working Crack-Darkcoder.zip
C:\Users\Manu\'\Crackheads Gone Wild 2006 DVDRip XViD-BELiEVERS.zip
C:\Users\Manu\'\Crackheads Gone Wild DVDRip Xvid.zip
C:\Users\Manu\'\Cracking kit 2010.zip
C:\Users\Manu\'\Folder Lock v5.8.0 Portable Crack.zip
C:\Users\Manu\'\Jethro Back Of Beyond 2007 DVDRip XviD-Crackpots.zip
C:\Users\Manu\'\Jim Davidson Live In Your Face Dvdrip XviD-CrackPots.zip
C:\Users\Manu\'\Nero Micro 8.3.6.0 (No need any Crack).zip
C:\Users\Manu\'\Newlive Products Universal Keygen v1.0.zip
C:\Users\Manu\'\Slysoft Products Crack 1.24.zip
C:\Users\Manu\'\Slysoft Products Crack 1.30.zip
C:\Users\Manu\'\Slysoft Products Crack 1.31.zip
C:\Users\Manu\'\Windows XP Genuine Advantage Crack Bypass.zip
C:\Users\Manu\'\Witcobber Products 5 in 1 Multi Keygen.zip
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent.bak
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - mer. 03/09/2008|15:54 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - mer. 03/09/2008|16:02 - Option : [2]
-----------\\ Fin du rapport a 16:02:13,33
-----------\\ ToolBar S&D 1.1.6 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz )
BIOS : BIOS Date: 09/19/07 Ver: V1.60
USER : Manu ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Norton Internet Security 2007 (Activated)
"C:\ToolBar SD" ( MAJ : 30-08-2008|00:19 )
Option : [2] ( mer. 03/09/2008|16:00 )
[ UAC => 1 ]
-----------\\ SUPPRESSION
Echec ! - C:\Program Files\AskSBar\bar
Supprime! - C:\Windows\System32\WinNB55.dll
Echec ! - C:\Program Files\AskSBar
-----------\\ DEUXIEME PASSAGE
Echec ! - C:\Program Files\AskSBar\bar
Echec ! - C:\Program Files\AskSBar
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://search.conduit.com?SearchSource=10&ctid=CT1098640"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Manu\'\Advanced RAR Repair 1.2 (No patch No Crack) version.zip
C:\Users\Manu\'\ALL Xilisoft Products Keygen v 1.00.zip
C:\Users\Manu\'\Bioshock DVD iSO Working Crack-Darkcoder.zip
C:\Users\Manu\'\Crackheads Gone Wild 2006 DVDRip XViD-BELiEVERS.zip
C:\Users\Manu\'\Crackheads Gone Wild DVDRip Xvid.zip
C:\Users\Manu\'\Cracking kit 2010.zip
C:\Users\Manu\'\Folder Lock v5.8.0 Portable Crack.zip
C:\Users\Manu\'\Jethro Back Of Beyond 2007 DVDRip XviD-Crackpots.zip
C:\Users\Manu\'\Jim Davidson Live In Your Face Dvdrip XviD-CrackPots.zip
C:\Users\Manu\'\Nero Micro 8.3.6.0 (No need any Crack).zip
C:\Users\Manu\'\Newlive Products Universal Keygen v1.0.zip
C:\Users\Manu\'\Slysoft Products Crack 1.24.zip
C:\Users\Manu\'\Slysoft Products Crack 1.30.zip
C:\Users\Manu\'\Slysoft Products Crack 1.31.zip
C:\Users\Manu\'\Windows XP Genuine Advantage Crack Bypass.zip
C:\Users\Manu\'\Witcobber Products 5 in 1 Multi Keygen.zip
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent.bak
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - mer. 03/09/2008|15:54 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - mer. 03/09/2008|16:02 - Option : [2]
-----------\\ Fin du rapport a 16:02:13,33
Utilisateur anonyme
3 sept. 2008 à 16:04
3 sept. 2008 à 16:04
télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
copie la liste qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar
C:\Users\Manu\'\Advanced RAR Repair 1.2 (No patch No Crack) version.zip
C:\Users\Manu\'\ALL Xilisoft Products Keygen v 1.00.zip
C:\Users\Manu\'\Bioshock DVD iSO Working Crack-Darkcoder.zip
C:\Users\Manu\'\Crackheads Gone Wild 2006 DVDRip XViD-BELiEVERS.zip
C:\Users\Manu\'\Crackheads Gone Wild DVDRip Xvid.zip
C:\Users\Manu\'\Cracking kit 2010.zip
C:\Users\Manu\'\Folder Lock v5.8.0 Portable Crack.zip
C:\Users\Manu\'\Jethro Back Of Beyond 2007 DVDRip XviD-Crackpots.zip
C:\Users\Manu\'\Jim Davidson Live In Your Face Dvdrip XviD-CrackPots.zip
C:\Users\Manu\'\Nero Micro 8.3.6.0 (No need any Crack).zip
C:\Users\Manu\'\Newlive Products Universal Keygen v1.0.zip
C:\Users\Manu\'\Slysoft Products Crack 1.24.zip
C:\Users\Manu\'\Slysoft Products Crack 1.30.zip
C:\Users\Manu\'\Slysoft Products Crack 1.31.zip
C:\Users\Manu\'\Windows XP Genuine Advantage Crack Bypass.zip
C:\Users\Manu\'\Witcobber Products 5 in 1 Multi Keygen.zip
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent.bak
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
copie la liste qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar
C:\Users\Manu\'\Advanced RAR Repair 1.2 (No patch No Crack) version.zip
C:\Users\Manu\'\ALL Xilisoft Products Keygen v 1.00.zip
C:\Users\Manu\'\Bioshock DVD iSO Working Crack-Darkcoder.zip
C:\Users\Manu\'\Crackheads Gone Wild 2006 DVDRip XViD-BELiEVERS.zip
C:\Users\Manu\'\Crackheads Gone Wild DVDRip Xvid.zip
C:\Users\Manu\'\Cracking kit 2010.zip
C:\Users\Manu\'\Folder Lock v5.8.0 Portable Crack.zip
C:\Users\Manu\'\Jethro Back Of Beyond 2007 DVDRip XviD-Crackpots.zip
C:\Users\Manu\'\Jim Davidson Live In Your Face Dvdrip XviD-CrackPots.zip
C:\Users\Manu\'\Nero Micro 8.3.6.0 (No need any Crack).zip
C:\Users\Manu\'\Newlive Products Universal Keygen v1.0.zip
C:\Users\Manu\'\Slysoft Products Crack 1.24.zip
C:\Users\Manu\'\Slysoft Products Crack 1.30.zip
C:\Users\Manu\'\Slysoft Products Crack 1.31.zip
C:\Users\Manu\'\Windows XP Genuine Advantage Crack Bypass.zip
C:\Users\Manu\'\Witcobber Products 5 in 1 Multi Keygen.zip
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent
C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent.bak
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
manu04
Messages postés
13
Date d'inscription
mercredi 3 septembre 2008
Statut
Membre
Dernière intervention
3 septembre 2008
3 sept. 2008 à 16:11
3 sept. 2008 à 16:11
voila, je viens de faire cela mais il ne m'a pas demandé de redémarer...
C:\Program Files\AskSBar\bar\1.bin moved successfully.
C:\Program Files\AskSBar\bar moved successfully.
C:\Program Files\AskSBar moved successfully.
C:\Users\Manu\'\Advanced RAR Repair 1.2 (No patch No Crack) version.zip moved successfully.
C:\Users\Manu\'\ALL Xilisoft Products Keygen v 1.00.zip moved successfully.
C:\Users\Manu\'\Bioshock DVD iSO Working Crack-Darkcoder.zip moved successfully.
C:\Users\Manu\'\Crackheads Gone Wild 2006 DVDRip XViD-BELiEVERS.zip moved successfully.
C:\Users\Manu\'\Crackheads Gone Wild DVDRip Xvid.zip moved successfully.
C:\Users\Manu\'\Cracking kit 2010.zip moved successfully.
C:\Users\Manu\'\Folder Lock v5.8.0 Portable Crack.zip moved successfully.
C:\Users\Manu\'\Jethro Back Of Beyond 2007 DVDRip XviD-Crackpots.zip moved successfully.
C:\Users\Manu\'\Jim Davidson Live In Your Face Dvdrip XviD-CrackPots.zip moved successfully.
C:\Users\Manu\'\Nero Micro 8.3.6.0 (No need any Crack).zip moved successfully.
C:\Users\Manu\'\Newlive Products Universal Keygen v1.0.zip moved successfully.
C:\Users\Manu\'\Slysoft Products Crack 1.24.zip moved successfully.
C:\Users\Manu\'\Slysoft Products Crack 1.30.zip moved successfully.
C:\Users\Manu\'\Slysoft Products Crack 1.31.zip moved successfully.
C:\Users\Manu\'\Windows XP Genuine Advantage Crack Bypass.zip moved successfully.
C:\Users\Manu\'\Witcobber Products 5 in 1 Multi Keygen.zip moved successfully.
File/Folder C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent not found.
File/Folder C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent.bak not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09032008_160943
C:\Program Files\AskSBar\bar\1.bin moved successfully.
C:\Program Files\AskSBar\bar moved successfully.
C:\Program Files\AskSBar moved successfully.
C:\Users\Manu\'\Advanced RAR Repair 1.2 (No patch No Crack) version.zip moved successfully.
C:\Users\Manu\'\ALL Xilisoft Products Keygen v 1.00.zip moved successfully.
C:\Users\Manu\'\Bioshock DVD iSO Working Crack-Darkcoder.zip moved successfully.
C:\Users\Manu\'\Crackheads Gone Wild 2006 DVDRip XViD-BELiEVERS.zip moved successfully.
C:\Users\Manu\'\Crackheads Gone Wild DVDRip Xvid.zip moved successfully.
C:\Users\Manu\'\Cracking kit 2010.zip moved successfully.
C:\Users\Manu\'\Folder Lock v5.8.0 Portable Crack.zip moved successfully.
C:\Users\Manu\'\Jethro Back Of Beyond 2007 DVDRip XviD-Crackpots.zip moved successfully.
C:\Users\Manu\'\Jim Davidson Live In Your Face Dvdrip XviD-CrackPots.zip moved successfully.
C:\Users\Manu\'\Nero Micro 8.3.6.0 (No need any Crack).zip moved successfully.
C:\Users\Manu\'\Newlive Products Universal Keygen v1.0.zip moved successfully.
C:\Users\Manu\'\Slysoft Products Crack 1.24.zip moved successfully.
C:\Users\Manu\'\Slysoft Products Crack 1.30.zip moved successfully.
C:\Users\Manu\'\Slysoft Products Crack 1.31.zip moved successfully.
C:\Users\Manu\'\Windows XP Genuine Advantage Crack Bypass.zip moved successfully.
C:\Users\Manu\'\Witcobber Products 5 in 1 Multi Keygen.zip moved successfully.
File/Folder C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent not found.
File/Folder C:\Users\Manu\AppData\Roaming\LimeWire\.AppSpecialShare\Test Drive Unlimited Crack.torrent.bak not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09032008_160943
Utilisateur anonyme
3 sept. 2008 à 16:15
3 sept. 2008 à 16:15
Télécharge HijackThis ici :
-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> ftp://ftp.commentcamarche.com/download/HJTInstall.exe
-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
-> Clique sur Install ensuite sur I Accept
-> Clique sur Do a scan system and save log file
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> ftp://ftp.commentcamarche.com/download/HJTInstall.exe
-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
-> Clique sur Install ensuite sur I Accept
-> Clique sur Do a scan system and save log file
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
totobetourne
Messages postés
5592
Date d'inscription
dimanche 23 mars 2008
Statut
Membre
Dernière intervention
6 juin 2012
65
3 sept. 2008 à 16:18
3 sept. 2008 à 16:18
il faudrait aussi changer les habitudes.
manu04
Messages postés
13
Date d'inscription
mercredi 3 septembre 2008
Statut
Membre
Dernière intervention
3 septembre 2008
3 sept. 2008 à 16:20
3 sept. 2008 à 16:20
Voila je pense que c'est ca :
(merci bcp de ton aide en tout cas chiquitine29)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:20:07, on 3/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Belgacom ADSL\dragdiag.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\VnrPack\VnrPack20.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\GetPack\GetPack20.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\Rundll32.exe
C:\Windows\System32\Rundll32.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1098640
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: banneradsgalore browser optimizer - {7b51cdba-b64f-a232-4e10-16fbb0b1478c} - C:\Windows\system32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: DrFlex IE Helper - {8EEB2711-9D21-4f9c-99A1-B7FC5A8CA56A} - C:\Program Files\QdrDrive\QdrDrive20.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: bannerstyles15 browser enhancer - {d1fa3bfa-6e09-7411-8730-725b9b3e8ad2} - C:\Windows\system32\albzinnivrd.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Belgacom ADSL\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{601a6f87-005e-d43f-0a39-c93c21bcbb80}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\albzinnivrd.dll" DllStub
O4 - HKLM\..\Run: [{6466fdec-572b-3ce1-08e8-d5d2a9f825d9}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll" DllStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [VnrPack20] "C:\Program Files\VnrPack\VnrPack20.exe"
O4 - HKCU\..\Run: [GetPack20] "C:\Program Files\GetPack\GetPack20.exe"
O4 - HKCU\..\Run: [Host Process] C:\Users\Manu\svchost.exe
O4 - HKCU\..\Run: [VnrBlock20] "C:\Program Files\VnrBlock\VnrBlock20.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(merci bcp de ton aide en tout cas chiquitine29)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:20:07, on 3/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Belgacom ADSL\dragdiag.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\VnrPack\VnrPack20.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\GetPack\GetPack20.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\Rundll32.exe
C:\Windows\System32\Rundll32.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1098640
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: banneradsgalore browser optimizer - {7b51cdba-b64f-a232-4e10-16fbb0b1478c} - C:\Windows\system32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: DrFlex IE Helper - {8EEB2711-9D21-4f9c-99A1-B7FC5A8CA56A} - C:\Program Files\QdrDrive\QdrDrive20.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: bannerstyles15 browser enhancer - {d1fa3bfa-6e09-7411-8730-725b9b3e8ad2} - C:\Windows\system32\albzinnivrd.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Belgacom ADSL\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{601a6f87-005e-d43f-0a39-c93c21bcbb80}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\albzinnivrd.dll" DllStub
O4 - HKLM\..\Run: [{6466fdec-572b-3ce1-08e8-d5d2a9f825d9}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll" DllStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [VnrPack20] "C:\Program Files\VnrPack\VnrPack20.exe"
O4 - HKCU\..\Run: [GetPack20] "C:\Program Files\GetPack\GetPack20.exe"
O4 - HKCU\..\Run: [Host Process] C:\Users\Manu\svchost.exe
O4 - HKCU\..\Run: [VnrBlock20] "C:\Program Files\VnrBlock\VnrBlock20.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Utilisateur anonyme
3 sept. 2008 à 16:22
3 sept. 2008 à 16:22
Telecharge malwarebytes
-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
manu04
Messages postés
13
Date d'inscription
mercredi 3 septembre 2008
Statut
Membre
Dernière intervention
3 septembre 2008
3 sept. 2008 à 16:35
3 sept. 2008 à 16:35
L'analyse est en cours...
Il a déja détecté 6 éléments infectés. Je poste le rapport dès que c'est terminé.
Merci
Il a déja détecté 6 éléments infectés. Je poste le rapport dès que c'est terminé.
Merci
manu04
Messages postés
13
Date d'inscription
mercredi 3 septembre 2008
Statut
Membre
Dernière intervention
3 septembre 2008
3 sept. 2008 à 18:45
3 sept. 2008 à 18:45
ha voila le scan est enfin terminé... Je pense que tout a été correctement supprimé
voici le rapport :
Malwarebytes' Anti-Malware 1.26
Version de la base de données: 1107
Windows 6.0.6000
3/09/2008 18:36:44
mbam-log-2008-09-03 (18-36-44).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 123443
Temps écoulé: 1 hour(s), 55 minute(s), 4 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
C:\Program Files\GetPack\GetPack20.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Program Files\VnrPack\VnrPack20.exe (Adware.Agent) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\QdrDrive\QdrDrive20.dll (Adware.AdBand) -> Delete on reboot.
C:\Windows\System32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll (Trojan.Agent) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\icheck (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f7fced71-ac73-4131-8836-a13c0fb0385b} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{180175c0-913e-451c-9419-2d5500368d43} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{180175c0-913e-451c-9419-2d5500368d43} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8eeb2711-9d21-4f9c-99a1-b7fc5a8ca56a} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8eeb2711-9d21-4f9c-99a1-b7fc5a8ca56a} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\GetPack (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\banneradsgalore (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VnrPack (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7b51cdba-b64f-a232-4e10-16fbb0b1478c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b51cdba-b64f-a232-4e10-16fbb0b1478c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QdrDrive (Adware.ISM) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getpack20 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vnrblock20 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vnrpack20 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{6466fdec-572b-3ce1-08e8-d5d2a9f825d9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Host Process (Worm.IRCBot) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\QdrDrive (Adware.AdBand) -> Quarantined and deleted successfully.
C:\Program Files\VnrBlock (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\GetPack (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\iCheck (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VnrPack (Adware.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\GetPack\GetPack20.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VnrBlock\VnrBlock20.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\iCheck\iCheck.exe (Adware.ISM) -> Quarantined and deleted successfully.
C:\Program Files\iCheck\Uninstall.exe (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\QdrDrive\qdrloader.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\ISM3434.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\QdrDrive\QdrDrive20.dll (Adware.AdBand) -> Quarantined and deleted successfully.
C:\Program Files\VnrBlock\xtarga.gz (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\GetPack\trgtame.gz (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VnrPack\trgts.gz (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VnrPack\VnrPack20.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Windows\84.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll-uninst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Manu\Setup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
voici le rapport :
Malwarebytes' Anti-Malware 1.26
Version de la base de données: 1107
Windows 6.0.6000
3/09/2008 18:36:44
mbam-log-2008-09-03 (18-36-44).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 123443
Temps écoulé: 1 hour(s), 55 minute(s), 4 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
C:\Program Files\GetPack\GetPack20.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Program Files\VnrPack\VnrPack20.exe (Adware.Agent) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\QdrDrive\QdrDrive20.dll (Adware.AdBand) -> Delete on reboot.
C:\Windows\System32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll (Trojan.Agent) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\icheck (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f7fced71-ac73-4131-8836-a13c0fb0385b} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{180175c0-913e-451c-9419-2d5500368d43} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{180175c0-913e-451c-9419-2d5500368d43} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8eeb2711-9d21-4f9c-99a1-b7fc5a8ca56a} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8eeb2711-9d21-4f9c-99a1-b7fc5a8ca56a} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\GetPack (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\banneradsgalore (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VnrPack (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7b51cdba-b64f-a232-4e10-16fbb0b1478c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b51cdba-b64f-a232-4e10-16fbb0b1478c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QdrDrive (Adware.ISM) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getpack20 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vnrblock20 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vnrpack20 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{6466fdec-572b-3ce1-08e8-d5d2a9f825d9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Host Process (Worm.IRCBot) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\QdrDrive (Adware.AdBand) -> Quarantined and deleted successfully.
C:\Program Files\VnrBlock (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\GetPack (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\iCheck (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VnrPack (Adware.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\GetPack\GetPack20.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VnrBlock\VnrBlock20.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\iCheck\iCheck.exe (Adware.ISM) -> Quarantined and deleted successfully.
C:\Program Files\iCheck\Uninstall.exe (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\QdrDrive\qdrloader.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\ISM3434.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\QdrDrive\QdrDrive20.dll (Adware.AdBand) -> Quarantined and deleted successfully.
C:\Program Files\VnrBlock\xtarga.gz (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\GetPack\trgtame.gz (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VnrPack\trgts.gz (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VnrPack\VnrPack20.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Windows\84.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll-uninst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\{cc888401-8fc4-8f15-8e45-01c952853f3d}.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Manu\Setup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
