cheval de troie Fermé

Question

Bonjour,
voila mon scan hijack this est-ce que vous pouvez m'aider svp ??


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:16:20, on 26/09/2008
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
D:\Program Files\Wspi\Wspi.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Documents and Settings\giovanni\Mes documents\Nouveau dossier\parametres de zick ne pas effacer\yamipod_1.7_francais_18273\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\system32\drivers\regvcs.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DrvLsnr] D:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [smapp] D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Wspi] D:\Program Files\Wspi\Wspi.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

sherred · Answer

Passe un coup de MalwareBytes' Anti-Malware : mette-le à jour avant, puis effectue le scan en mode sans échec) et nettoye tout ce qu'il trouve.
http://site-naheulbeuk.com/
Tuto : http://mickael.barroux.free.fr/securite/malwarebytes.php

Une fois terminé, redémarre ton PC. et pense a changer de navigateur
car si tu utilise encore Explorer 6  , tu n'es pas au bout de tes déboires
passe soit au 7 soit firefox ou opera

bboyzick · Answer

alors voila j'ai fait tout ce que tu ma dit , j'ai installer anti-malware ensuite j'ai fait les 2 scans (2h en tout)
voila ce que sa ma envoyé :


le premier:



Malwarebytes' Anti-Malware 1.27
Version de la base de données: 1127
Windows 5.1.2600 

26/09/2008 13:10:04
mbam-log-2008-09-26 (13-10-04).txt

Type de recherche: Examen rapide
Eléments examinés: 52486
Temps écoulé: 11 minute(s), 4 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 25

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\secdrv (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\secdrv (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\secdrv (Rootkit.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
D:\WINDOWS\system32\bby.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\ccz.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\ezx.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\iuz.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\jxl.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\kjv.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\lbq.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\msu.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32ud.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32	dv.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\upi.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\uzg.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\wbl.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\wgq.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\wmt.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\ztt.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\zvu.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings
ath\Local Settings\Temporary Internet Files\Content.IE5\27M96BUV\c12345[3].jpg (Trojan.Unclassified) -> Quarantined and deleted successfully.
D:\Documents and Settings
ath\Local Settings\Temporary Internet Files\Content.IE5\3CWJVOY5\30[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\bryan\Local Settings\Temporary Internet Files\Content.IE5\8XU7W5MF\c12345[2].jpg (Trojan.Unclassified) -> Quarantined and deleted successfully.
D:\Documents and Settings\bryan\Local Settings\Temporary Internet Files\Content.IE5\CDYRKTQ7\30[2].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\bryan\Local Settings\Temporary Internet Files\Content.IE5\K56RC1Y3\c12345[1].jpg (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\ashDsp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\drivers\secdrv.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\Photo_SP_P0059.zip (Backdoor.Bot) -> Quarantined and deleted successfully.



et le deuxieme:


Malwarebytes' Anti-Malware 1.27
Version de la base de données: 1127
Windows 5.1.2600 

26/09/2008 14:11:44
mbam-log-2008-09-26 (14-11-43).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 89968
Temps écoulé: 58 minute(s), 1 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 253

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\parametres\Nouveau dossier\s4j1v4x7t8b1.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0022303.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0022348.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0022361.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0022376.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0023376.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0023402.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0023414.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0024426.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0024437.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0024445.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0024467.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0024490.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0024511.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0024536.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0024558.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0025558.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0025579.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP36\A0025595.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP37\A0026590.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP37\A0026600.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP37\A0026615.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP37\A0026654.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP37\A0026662.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP40\A0027777.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP40\A0027787.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP40\A0027815.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP40\A0027845.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP40\A0027860.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP43\A0042930.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP43\A0042932.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP43\A0042958.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP43\A0042959.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP43\A0042985.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP43\A0042987.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0043005.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0043006.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0043998.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0043999.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044013.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044014.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044025.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044026.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044040.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044041.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044064.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044065.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044076.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0044077.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045076.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045077.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045092.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045093.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045106.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045107.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045126.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045127.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045175.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045176.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045220.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP44\A0045224.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0046244.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0046245.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047247.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047248.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047260.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047261.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047262.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047279.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047280.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047281.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047313.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047314.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047316.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047418.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047419.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047420.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047464.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047469.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0048523.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0048525.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0048526.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0048559.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0048560.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0048586.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0048615.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0048617.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0049620.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0049622.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0050623.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0050624.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP47\A0058213.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP47\A0058214.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP47\A0058215.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP47\A0058216.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP47\A0058217.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP49\A0066671.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP49\A0066672.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP49\A0066673.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0066708.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0066709.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0066728.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0066730.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0067726.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0067727.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0067728.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0068728.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0068729.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0069733.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0069734.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0069735.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070736.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070737.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070738.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070761.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070762.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070763.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070775.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070776.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070777.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070806.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070807.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0070808.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0071809.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0071810.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0071811.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0072823.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0072824.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0072826.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0073823.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP50\A0073828.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0074857.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0074858.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0074859.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0074882.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0074883.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0074885.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0075876.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0075877.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0075878.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0075889.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0075890.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0075892.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0075904.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0075906.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0076908.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0076910.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0076927.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0076928.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP51\A0076950.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP52\A0076980.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP52\A0076981.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP52\A0077988.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP52\A0078002.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP52\A0078003.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP52\A0078025.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP52\A0078026.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP52\A0078047.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0078072.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0079076.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0079097.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0079116.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0079139.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0079158.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0079181.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0080181.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0080202.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0081203.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0082203.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0083199.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0083214.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0084218.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0085217.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086218.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086231.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086249.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086264.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086296.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086328.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086351.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086374.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086398.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP54\A0086418.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP55\A0087414.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP55\A0087433.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP55\A0087448.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP55\A0087462.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP55\A0088465.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP55\A0088480.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP55\A0089490.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0089513.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0089591.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0089606.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0089622.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0090622.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0090644.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0090663.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0091658.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0091698.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP56\A0092698.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP57\A0092723.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP57\A0092742.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP57\A0092762.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP57\A0092782.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP57\A0092819.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP57\A0092833.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP57\A0092853.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP57\A0092872.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP58\A0092888.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP58\A0092908.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP58\A0093912.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP58\A0094911.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP58\A0095906.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP58\A0095925.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP58\A0096925.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP58\A0097925.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP58\A0098925.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP59\A0098947.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP59\A0098960.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP59\A0098962.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP59\A0098963.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP59\A0098964.exe (Trojan.Unclassified) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP22\A0013114.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP28\A0013226.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP30\A0013428.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP32\A0013666.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP32\A0013687.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP32\A0013700.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP32\A0014703.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP32\A0014793.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP34\A0018980.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP40\A0027772.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP41\A0028044.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP45\A0047264.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP47\A0055026.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP53\A0078073.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149689.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149690.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149691.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149692.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149693.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149694.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149695.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149696.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149697.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149698.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149699.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149700.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149701.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149702.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149703.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149704.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{80902C13-EF99-412B-A76E-5CF42FEE894E}\RP82\A0149705.exe (Backdoor.Bot) -> Quarantined and deleted successfully.


A chaque fois j'ai supprimer et ensuite j'ai suivi ton plan et je me suis rendu sur quarantaine et j'ai tout supprimer , et bien sur tout sa en mode sans echec , il n'y a que la mise a jour que je n'ai pas reussi a faire car sa me dit que je ne suis pas connecté a internet.bref j'ai pas compris lol et jusqu'a présent avast ne detecte plus de chevaux de troie donc espérons que sa continuera pour etre sur que sa est marché.


encore une question tu m'a dit de changer de navigateur exploreur , mais comment fait t'on ???


merci pour les conseils ^^

sherred · Answer

pour explorer https://support.microsoft.com/fr-fr/allproducts
ensuite refait un hijacthis  je voudrai voir si c'est bon

bboyzick · Answer

voila mon scan hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:50:42, on 26/09/2008
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\WINDOWS\System32\svchost.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
D:\Program Files\Wspi\Wspi.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
D:\Documents and Settings\giovanni\Mes documents\Nouveau dossier\parametres de zick ne pas effacer\yamipod_1.7_francais_18273\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\system32\drivers\regvcs.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DrvLsnr] D:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [smapp] D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Wspi] D:\Program Files\Wspi\Wspi.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

sherred · Answer

je repete pour explorer https://support.microsoft.com/fr-fr/allproducts

ensuite 
 Télécharge Toolbar-S&D (Team IDN) sur ton Bureau. 
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2 

* Lance l'installation du programme en exécutant le fichier téléchargé. 
* Double-clique maintenant sur le raccourci de Toolbar-S&D. 
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée. 
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche. 
* Poste le rapport généré. (C:\TB.txt)

bboyzick · Answer

alors voila , je télécharge l'explorer et ce message apparait : 


cette opération ne prend pas en charge la version actuelle du service pack de votre système d'exploitation


aidez moi svp !!!

bboyzick · Answer

-----------\  ToolBar S&D 1.2.1   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) 
   X86-based PC ( Uniprocessor Free :               Intel(R) Pentium(R) 4 CPU 2.60GHz )
   BIOS : 786B2 v2.04
   USER : giovanni ( Administrator )
   BOOT : Normal boot
   C:\ (Local Disk) - NTFS - Total : 36 Go Free : 21 Go
   D:\ (Local Disk) - NTFS - Total : 19 Go Free : 8 Go
   E:\ (CD or DVD)

   "D:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
   Option : [1] ( 28/09/2008|12:40 )

   -----------\  Recherche de Fichiers / Dossiers ...

   D:\Program Files\KaZaA

   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Local Page"="D:\WINDOWS\System32\blank.htm"
   "Start Page"="https://www.google.fr/?gws_rd=ssl"
   "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
   "Search Bar"="https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F"
   "First Home Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
   "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
   "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
   "Start Page"="http://lo.st"


   --------------------\  Recherche d'autres infections

   D:\WINDOWS\Pack.epk
   [b]==> EGDACCESS <==/b

   --------------------\  Cracks & Keygens ..

   D:\DOCUME~1\giovanni\Mes documents\Nouveau dossier\parametres de zick ne pas effacer\Avast 4.1 keygen.exe



   1 - "D:\ToolBar SD\TB_1.txt" - 28/09/2008|12:41 - Option : [1]

   -----------\  Fin du rapport a 12:41:16,15

crapoulou · Answer

Salut, je vais avancer ton souci vu que ça fait quelque temps que tu attends si tu le permet sherred.

Télécharge sur le bureau navilog1
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
La console noire de Navilog1 doit s'être ouverte après l'installation.
Sinon, pour l'ouvrir, double-cliquez sur le raccourci "navilog1" sur votre bureau.
Appuyez sur la lettre f de votre clavier puis sur la touche Entrée.
Appuyez sur une touche de votre clavier pour continuer...
Tapez 1, puis appuyez sur la touche Entrée de votre clavier.
Ainsi Navilog1 va effectuer la recherche des fichiers infectieux sur votre PC : NE PAS UTILISER L'OPTION 2, 3, 4 SANS AVIS
soyez patient, cela peut prendre une dizaine de minutes...
Navilog1 vous informe que la recherche est terminée :
Appuyez sur une touche de votre clavier pour afficher le rapport qu'il a généré.
Le rapport sera sauvegardé dans le fichier suivant : "fixnavi.txt" à la racine 
de votre disque dur (ex : C:\fixnavi.txt).Poster le rapport généré.

crapoulou · Answer

ok, parfait.
Nettoyage : 

Relance Navilog en faisant un clic-droit sur le raccourci Navilog présent sur ton bureau et en choisissant "Exécuter en tant qu'administrateur". 
Au menu principal, choisis 2 et valide. 

Le fix va t'informer qu'il va alors redémarrer ton PC 
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts 
Appuie sur une touche comme demandé. 
(si ton Pc ne redémarre pas automatiquement, fais le toi même) 
Au redémarrage de ton PC, choisis ta session habituelle. 

Patiente jusqu'au message : 
*** Nettoyage Termine le ..... *** 

Le bloc note va s'ouvrir, copie/colle ici le rapport, comme tu l’as fait pour l’autre.

crapoulou · Answer

ta session est une session d'administrateur ?
Si oui, pas de souci.

crapoulou · Answer

non je reste ici parce que le forum est là pour cela et si d'autres ont le même problème que toi ils seront contents de trouver une solution.
Lance navilog normalement et choisis l'option 2 !
Ensuite poste le rapport généré.

bboyzick · Answer

jai redouble cliké , une analyse c produite otomatikemen , voila le rapport :

Clean Navipromo version 3.6.5 commencé le 29/09/2008 à 11:32:07,46

Outil exécuté depuis D:\Program Files
avilog1
Session actuelle : "giovanni" 

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2600.0000
Système de fichiers : NTFS

Mode suppression automatique 
avec prise en charge résultats Catchme et GNS


[b] Nettoyage executé en mode normal sans redémarrage
!! Les résultats ne seront pas optimisés !! [/b]

 
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
 

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "D:\WINDOWS\System32" *


* Suppression dans "D:\Documents and Settings\giovanni\locals~1\applic~1" * 


* Suppression dans "D:\DOCUME~1\ADMINI~1\locals~1\applic~1" * 

* Suppression dans "D:\DOCUME~1\bryan\locals~1\applic~1" * 

* Suppression dans "D:\DOCUME~1
ath\locals~1\applic~1" * 


*** Suppression dossiers dans "D:\WINDOWS" ***


*** Suppression dossiers dans "D:\Program Files" ***


*** Suppression dossiers dans "D:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Suppression dossiers dans "D:\Documents and Settings\All Users\menudm~1" ***


*** Suppression dossiers dans "d:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "D:\Documents and Settings\giovanni\applic~1" *** 


*** Suppression dossiers dans "D:\DOCUME~1\ADMINI~1\applic~1" *** 


*** Suppression dossiers dans "D:\DOCUME~1\bryan\applic~1" *** 


*** Suppression dossiers dans "D:\DOCUME~1
ath\applic~1" *** 


*** Suppression dossiers dans "D:\Documents and Settings\giovanni\locals~1\applic~1" *** 


*** Suppression dossiers dans "D:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** 


*** Suppression dossiers dans "D:\DOCUME~1\bryan\locals~1\applic~1" *** 


*** Suppression dossiers dans "D:\DOCUME~1
ath\locals~1\applic~1" *** 


*** Suppression dossiers dans "D:\Documents and Settings\giovanni\menudm~1\progra~1" *** 


*** Suppression dossiers dans "D:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** 


*** Suppression dossiers dans "D:\DOCUME~1\bryan\menudm~1\progra~1" *** 


*** Suppression dossiers dans "D:\DOCUME~1
ath\menudm~1\progra~1" *** 



*** Suppression fichiers ***

D:\WINDOWS\pack.epk supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu D:\WINDOWS\Temp effectué !
Nettoyage contenu D:\Documents and Settings\giovanni\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "D:\WINDOWS\system32" *


* Dans "D:\Documents and Settings\giovanni\locals~1\applic~1" * 


* Dans "D:\DOCUME~1\ADMINI~1\locals~1\applic~1" * 


* Dans "D:\DOCUME~1\bryan\locals~1\applic~1" * 


* Dans "D:\DOCUME~1
ath\locals~1\applic~1" * 


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 29/09/2008 à 12:20:15,27 ***

crapoulou · Answer

ok, parfait.
Postes un nouveau rapport hijackthis stp.

crapoulou · Answer

Télécharge LopS&D (de eric_71) :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 
Enregistre le fichier sur ton bureau.
Lance l'installation.
Une fois le programme lancé tape F pour être en Français.
Puis exécute l'option 1 : Recherche.
Un rapport sera généré.
Poste le ici.
(Dans le cas où le rapport ne s'ouvre pas, ce dernier se trouve sur C:\LopR.txt)
Petit tuto ici si besoin : http://www.malekal.com/tutorial_Lop_SD.php

bboyzick · Answer

ok j'ai le rapport mais petite question , c'est normal que j'ai deja fait sa 3 fois ?? toolbarSD navilog1 lopSD ..



mon rapport : 

   --------------------\  Lop S&D 4.2.4-4   XP/Vista

   (  :  )
   USER : giovanni ( Administrator )

   "D:\Lop SD" ( MAJ : 19-09-2008|22:20 )
   Option : [1] ( 29/09/2008|17:48 )
 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [23/07/2008|22:39] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

   [13/06/2008|15:43] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [23/07/2008|22:15] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
   [26/09/2008|12:56] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [07/09/2008|21:13] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [12/09/2008|19:05] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [28/09/2008|13:11] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [23/07/2008|22:06] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

   [22/07/2008|14:37] D:\DOCUME~1\bryan\APPLIC~1\Adobe
   [21/06/2008|12:58] D:\DOCUME~1\bryan\APPLIC~1\Ahead
   [26/07/2008|17:20] D:\DOCUME~1\bryan\APPLIC~1\EoRezo
   [24/07/2008|11:11] D:\DOCUME~1\bryan\APPLIC~1\Grisoft
   [16/06/2008|21:36] D:\DOCUME~1\bryan\APPLIC~1\Identities
   [22/07/2008|14:37] D:\DOCUME~1\bryan\APPLIC~1\ItsLabel
   [22/07/2008|14:37] D:\DOCUME~1\bryan\APPLIC~1\Macromedia
   [23/07/2008|02:55] D:\DOCUME~1\bryan\APPLIC~1\Microsoft
   [24/07/2008|14:33] D:\DOCUME~1\bryan\APPLIC~1\Mozilla
   [24/07/2008|11:14] D:\DOCUME~1\bryan\APPLIC~1\vlc
   [17/06/2008|17:25] D:\DOCUME~1\bryan\APPLIC~1\WinRAR

   [13/06/2008|15:25] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [21/07/2008|22:13] D:\DOCUME~1\giovanni\APPLIC~1\Adobe
   [19/06/2008|03:27] D:\DOCUME~1\giovanni\APPLIC~1\AdobeUM
   [13/06/2008|15:59] D:\DOCUME~1\giovanni\APPLIC~1\Ahead
   [13/09/2008|12:43] D:\DOCUME~1\giovanni\APPLIC~1\ArcSoft
   [13/06/2008|15:41] D:\DOCUME~1\giovanni\APPLIC~1\Auslogics
   [23/07/2008|23:30] D:\DOCUME~1\giovanni\APPLIC~1\dvdcss
   [29/09/2008|12:01] D:\DOCUME~1\giovanni\APPLIC~1\EoRezo
   [24/07/2008|17:08] D:\DOCUME~1\giovanni\APPLIC~1\Google
   [23/07/2008|22:16] D:\DOCUME~1\giovanni\APPLIC~1\Grisoft
   [13/06/2008|15:31] D:\DOCUME~1\giovanni\APPLIC~1\Identities
   [22/07/2008|22:56] D:\DOCUME~1\giovanni\APPLIC~1\ItsLabel
   [21/07/2008|23:19] D:\DOCUME~1\giovanni\APPLIC~1\LimeWire
   [21/07/2008|20:27] D:\DOCUME~1\giovanni\APPLIC~1\Macromedia
   [26/09/2008|12:56] D:\DOCUME~1\giovanni\APPLIC~1\Malwarebytes
   [23/07/2008|03:45] D:\DOCUME~1\giovanni\APPLIC~1\Microsoft
   [24/07/2008|12:49] D:\DOCUME~1\giovanni\APPLIC~1\Mozilla
   [25/07/2008|00:11] D:\DOCUME~1\giovanni\APPLIC~1\uTorrent
   [05/09/2008|14:48] D:\DOCUME~1\giovanni\APPLIC~1\vlc
   [13/06/2008|15:49] D:\DOCUME~1\giovanni\APPLIC~1\WinRAR

   [13/06/2008|15:30] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [23/07/2008|02:53] D:\DOCUME~1
ath\APPLIC~1\Adobe
   [29/08/2008|00:38] D:\DOCUME~1
ath\APPLIC~1\EoRezo
   [24/07/2008|14:42] D:\DOCUME~1
ath\APPLIC~1\Grisoft
   [16/06/2008|18:49] D:\DOCUME~1
ath\APPLIC~1\Identities
   [22/07/2008|16:30] D:\DOCUME~1
ath\APPLIC~1\ItsLabel
   [22/07/2008|00:15] D:\DOCUME~1
ath\APPLIC~1\Macromedia
   [04/08/2008|01:57] D:\DOCUME~1
ath\APPLIC~1\Microsoft
   [24/07/2008|14:43] D:\DOCUME~1
ath\APPLIC~1\Mozilla
   [27/07/2008|00:25] D:\DOCUME~1
ath\APPLIC~1\vlc

   [13/06/2008|15:30] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans D:\WINDOWS	asks

   [29/09/2008 12:41][--ah-----] D:\WINDOWS	asks\SA.DAT
   [28/08/2001 14:00][-r-h-----] D:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans D:\Program Files

   [13/06/2008|15:42] D:\Program Files\Adobe
   [13/06/2008|15:56] D:\Program Files\Ahead
   [13/06/2008|16:15] D:\Program Files\Alwil Software
   [13/06/2008|17:04] D:\Program Files\Analog Devices
   [29/09/2008|12:17] D:\Program Files\ArcSoft
   [13/06/2008|15:41] D:\Program Files\Auslogics
   [13/06/2008|17:11] D:\Program Files\Broadcom
   [13/06/2008|15:40] D:\Program Files\CCleaner
   [07/09/2008|13:49] D:\Program Files\Circle Developement
   [13/06/2008|15:22] D:\Program Files\ComPlus Applications
   [29/07/2008|21:35] D:\Program Files\Corel
   [13/06/2008|15:41] D:\Program Files\DivX
   [26/09/2008|12:33] D:\Program Files\eMule
   [29/09/2008|12:13] D:\Program Files\EoRezo
   [12/09/2008|18:54] D:\Program Files\Fichiers communs
   [21/07/2008|20:27] D:\Program Files\Free
   [24/07/2008|17:07] D:\Program Files\Google
   [23/07/2008|22:15] D:\Program Files\Grisoft
   [23/07/2008|03:36] D:\Program Files\ICQ AIM Hider
   [29/09/2008|12:17] D:\Program Files\InstallShield Installation Information
   [13/06/2008|17:08] D:\Program Files\Intel
   [13/06/2008|15:24] D:\Program Files\Internet Explorer
   [23/07/2008|03:36] D:\Program Files\Java
   [26/07/2008|10:51] D:\Program Files\KAZAA
   [26/09/2008|13:12] D:\Program Files\Malwarebytes' Anti-Malware
   [07/09/2008|18:34] D:\Program Files\Messenger
   [07/09/2008|13:49] D:\Program Files\Messenger Plus! Live
   [13/06/2008|15:25] D:\Program Files\microsoft frontpage
   [13/06/2008|15:37] D:\Program Files\Microsoft Office
   [13/06/2008|15:23] D:\Program Files\Movie Maker
   [29/09/2008|17:29] D:\Program Files\Mozilla Firefox
   [13/06/2008|15:22] D:\Program Files\MSN
   [13/06/2008|15:22] D:\Program Files\MSN Gaming Zone
   [07/09/2008|13:49] D:\Program Files\MSN Messenger
   [23/07/2008|03:36] D:\Program Files\MSN Messenger(2)
   [21/07/2008|22:18] D:\Program Files\MSN Toolbar
   [29/09/2008|12:20] D:\Program Files\Navilog1
   [13/06/2008|15:23] D:\Program Files\NetMeeting
   [13/06/2008|15:23] D:\Program Files\Outlook Express
   [23/07/2008|00:10] D:\Program Files\Real
   [13/06/2008|15:24] D:\Program Files\Services en ligne
   [24/07/2008|16:19] D:\Program Files\Spybot - Search & Destroy
   [13/06/2008|15:31] D:\Program Files\Uninstall Information
   [05/09/2008|14:47] D:\Program Files\VideoLAN
   [12/09/2008|19:51] D:\Program Files\Webcam 1200
   [07/09/2008|13:49] D:\Program Files\Windows Live
   [13/06/2008|15:57] D:\Program Files\Windows Media Player
   [13/06/2008|15:22] D:\Program Files\Windows NT
   [24/07/2008|14:38] D:\Program Files\WindowsUpdate
   [16/09/2008|00:24] D:\Program Files\WinRAR
   [26/09/2008|15:21] D:\Program Files\Wspi
   [13/06/2008|15:25] D:\Program Files\xerox
   [23/07/2008|22:04] D:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans D:\Program Files\Fichiers communs

   [13/06/2008|15:43] D:\Program Files\Fichiers communs\Adobe
   [13/06/2008|15:56] D:\Program Files\Fichiers communs\Ahead
   [15/09/2008|13:41] D:\Program Files\Fichiers communs\ArcSoft
   [13/06/2008|15:37] D:\Program Files\Fichiers communs\DESIGNER
   [29/07/2008|21:33] D:\Program Files\Fichiers communs\InstallShield
   [23/07/2008|03:36] D:\Program Files\Fichiers communs\Java
   [23/07/2008|03:45] D:\Program Files\Fichiers communs\Microsoft Shared
   [13/06/2008|15:23] D:\Program Files\Fichiers communs\MSSoap
   [13/06/2008|16:12] D:\Program Files\Fichiers communs\ODBC
   [13/06/2008|15:23] D:\Program Files\Fichiers communs\Services
   [13/06/2008|16:12] D:\Program Files\Fichiers communs\SpeechEngines
   [13/06/2008|15:23] D:\Program Files\Fichiers communs\System

   --------------------\  Process

   ( 38 Processes )

   iexplore.exe ~ [PID:1092]

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_08bd.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_0a44.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_1ca4.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_4d85.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_5c53.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_76e6.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_b269.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_b3f0.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_be5e.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_e2b1.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_f505.tmp
   D:\DOCUME~1\giovanni\LOCALS~1\Temp\msgpl_fd11.tmp
   D:\Program Files\Circle Developement
   D:\Program Files\Circle Developement\Uninstall.exe
   D:\DOCUME~1\giovanni\Cookies\giovanni@adopt.euroclick[2].txt
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-09-29 17:48:41
   Windows 5.1.2600  NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 62
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   D:\DOCUME~1\giovanni\Mes documents\Nouveau dossier\parametres de zick ne pas effacer\Avast 4.1 keygen.exe


   [F:54][D:2]-> D:\DOCUME~1\giovanni\LOCALS~1\Temp
   [F:35][D:0]-> D:\DOCUME~1\giovanni\Cookies
   [F:416][D:4]-> D:\DOCUME~1\giovanni\LOCALS~1\TEMPOR~1\content.IE5

   1 - "D:\Lop SD\LopR_1.txt" - 29/09/2008|17:49 - Option : [1]

   --------------------\  Fin du rapport a 17:49:13

crapoulou · Answer

tu n'avais pas fait lop.
Connais tu le fichier blabla.exe qui est sur ton bureau ?

bboyzick · Answer

oui c hijackthis , quelqu'un ma conseiller de le renomer

crapoulou · Answer

ah ok tout s'explique alors!
met à jour intenet explorer en téléchargeant cette version ici :
https://support.microsoft.com/fr-fr/allproducts   (version 7, tu as la version 6)

et met à jur également adobe acrobat reader ici :
www.adobe.com/fr/products/reader/   (version 9, tu as la version 7)

Fixe ces lignes avec hijackthis :

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - :\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)

Ensuite :

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau. 

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe 

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. 

Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici : 
• Redémarre ton ordinateur 
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde). 
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître. 
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée". 
• Choisis ton compte. 

Déroule la liste des instructions ci-dessous : 
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script. 
• Appuie sur Y pour commencer le processus de nettoyage. 
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. 
• Appuie sur une touche pour redémarrer le PC. 

• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. 
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. 
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau. 
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt. 
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum

Si t’as besoin d’un tuto : https://www.malekal.com/slenfbot-still-an-other-irc-bot/ 

bon boulot !

crapoulou · Answer

ok on verra ça plus tard, passe surtout à SD fix.

crapoulou · Answer

lol ouais.

crapoulou · Answer

ok, repasse un coup de malwarebytes avant pour faire un peu de ménage.
quel fichier de sdfix as tu ouvert ??

bboyzick · Answer

ba le fichier sur le bureau , av un carton jaune et trois livre dedans , ok je lance malwarebyte mais la derniere fois sa a durer tré lontem lol

crapoulou · Answer

Essaie de supprimer sd fix et de le retélécharger.

crapoulou · Answer

en parlant de mises a jour, il faudra mettre a jour internet explorer!
réessaye sd fix

crapoulou · Answer

Télécharge MSNFix.zip (de !aur3n7 et Regis59) sur ton bureau:
http://sosvirus.changelog.fr/MSNFix.zip

Décompresse-le (clic droit >> Extraire ici) et place les fichiers dans C:\MSNFix (très important).

Double cliquer sur le fichier MSNFix.bat.
- Exécutez l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage

Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal

- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt

Petit tuto ici : https://www.malekal.com/supprimer-virus-desinfecter-pc/

Cheval de troie

25 réponses

Discussions similaires