Sujet Précédent Sujet Suivant

Suite à un virus, ne peux plus ''Exécuter''

Jey -  
 Utilisateur anonyme -
Bonjour,
Voilà je travaille sur PC et j'ai attrapé un virus il y a peu dans mon ordinateur, heureusement j'ai pu le virer grâce a un nouvel antivirus, mais le problème est que je n'ai plus le fichier '' Exécuter '' Dans mon programme ''Démarrer '', j'imagine que le virus l'a gicler au passage, ou je ne sais pas comment on dis dans le langage informatique, je ne peux donc plus mettre à jour mon ordinateur par internet, ne pouvant plus exécuter les mises à jour.

Merci d'avance de vos réponses, je vous souhaites une bonne soirée !
A voir également:

37 réponses

  • 1
  • 2
Réponse 1 / 37
Utilisateur anonyme
 
Salut,

Est ce que tu as une version professionnelle ou bien familiale de Windows XP ?
0
Réponse 2 / 37
Jey
 
Je possède la version familiale :)
0
Utilisateur anonyme
 
Commence par installer gpedit en suivant ce lien : https://1map.com/fr/astwindscom
Puis on continuera !
0
Réponse 3 / 37
Jey
 
Voilà c'est bon, du moins je crois, lorsque j'ai doublecliqué sur le dossier d'installation, une petite fenêtre s'est ouverte en me disant de presser une touche afin de continuer l'installation, mais rien de plus.
0
Utilisateur anonyme
 
Va dans le menu démarrer > exécuter et tape gpedit.msc et tu valide. Une console s'est elle ouverte ?
0
Réponse 4 / 37
Jey
 
Justement le problème est là, je me suis peut être mal expliqué dans mon sujet initial, mais quand j'ouvre le menu démarrer, je ne peux pas Exécuter car je n'ai plus la fonction, elle a disparu en même temps que le virus.
0
Utilisateur anonyme
 
Ah désolé :-|

Menu démarrer tous les programmes > accessoires > invite de commande, et tu tape gpedit.msc.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 37
Jey
 
Celà me dis que ce n'est pas reconnu comme programme interne ou externe, je vais réessayer de l'installer, pour information, j'ai télécharger, et ouvert avec WinRar, je ne sais pas si ca influance, mais j'ai fais comme indiquer sur le site, extraire les fichier, doublecliquer sur le lien pour installer ... je ne vois pas ce qui cloche :(
0
Réponse 6 / 37
Jey
 
C'est bon ça marche, celà m'ouvre une fenêtre ''Stratégie de groupe'' avec plusieurs fichier à l'intérieur, pas besoin de les énumérer je pense que tu t'attendais justement à ce que je tombe sur cette fenêtre !
0
Réponse 7 / 37
Utilisateur anonyme
 
Voilà, tu vas dans : configuration utilisateur > Modèles d'administration > Menu démarrer et barre des tâches >
cherche "Supprimer le menu exécuter du menu démarrer", tu fais double clic > tu coches désactivé et tu valides.
Vérifie si le menu exécuter est de retour ou pas, sinon redémarre ton PC et revérifie encore.
@ +
0
Réponse 8 / 37
Jey
 
Malheureusement ca ne marche toujours pas après 2 redémarrages, si il y a un autre moyen possible je suis preneur, sinon je te remercie quand même de ton attention pour ce problème :)
0
Réponse 9 / 37
Utilisateur anonyme
 
Alors, tu es encore infecté :
* Télécharge hijackthis et installes le.
* Choisis "Do un scan with log", à la fin du scan, un rapport va s'ouvrir, tu copies et tu colles son contenu dans ta prochaine réponse.
@ +
0
Réponse 10 / 37
Jey
 
Je dois bien effectuer ''Do a system scan and save a logfile '' ?

Dans ce cas en effet je dois être bien contaminé ... pourtant mon pc tourne bien mis à part le manque d''Exécuter'' dans le menu démarrer.

Je sais pas si je vais tout copier, a la fin du rapport il y a écrit 'End of file - 20959 bytes'' ... et il comprend environ
200 lignes si ce n'est pas plus ce fameux rapport.
0
Réponse 11 / 37
Jey
 
Voilà le rapport en question :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:17:02, on 09.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Octoshape Streaming Services\HP_Administrateur\OctoshapeClient.exe
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Mirar - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB55.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [\YUR331.exe] C:\Windows\system32\YUR331.exe
O4 - HKLM\..\Run: [\YUR35C.exe] C:\Windows\system32\YUR35C.exe
O4 - HKLM\..\Run: [\YUR3F2.exe] C:\Windows\system32\YUR3F2.exe
O4 - HKLM\..\Run: [\YUR499.exe] C:\Windows\system32\YUR499.exe
O4 - HKLM\..\Run: [\YUR8E1.exe] C:\Windows\system32\YUR8E1.exe
O4 - HKLM\..\Run: [\YUR8ED.exe] C:\Windows\system32\YUR8ED.exe
O4 - HKLM\..\Run: [\YUR930.exe] C:\Windows\system32\YUR930.exe
O4 - HKLM\..\Run: [\YUR2B.exe] C:\Windows\system32\YUR2B.exe
O4 - HKLM\..\Run: [\YUR2C.exe] C:\Windows\system32\YUR2C.exe
O4 - HKLM\..\Run: [\YUR2D.exe] C:\Windows\system32\YUR2D.exe
O4 - HKLM\..\Run: [\YUR2E.exe] C:\Windows\system32\YUR2E.exe
O4 - HKLM\..\Run: [\YUR8E3.exe] C:\Windows\system32\YUR8E3.exe
O4 - HKLM\..\Run: [\YUR8E0.exe] C:\Windows\system32\YUR8E0.exe
O4 - HKLM\..\Run: [\YUR918.exe] C:\Windows\system32\YUR918.exe
O4 - HKLM\..\Run: [\YUR944.exe] C:\Windows\system32\YUR944.exe
O4 - HKLM\..\Run: [\YUR8DB.exe] C:\Windows\system32\YUR8DB.exe
O4 - HKLM\..\Run: [\YUR910.exe] C:\Windows\system32\YUR910.exe
O4 - HKLM\..\Run: [\YUR960.exe] C:\Windows\system32\YUR960.exe
O4 - HKLM\..\Run: [\YUR97F.exe] C:\Windows\system32\YUR97F.exe
O4 - HKLM\..\Run: [\YUR981.exe] C:\Windows\system32\YUR981.exe
O4 - HKLM\..\Run: [\YUR8DA.exe] C:\Windows\system32\YUR8DA.exe
O4 - HKLM\..\Run: [\YUR8F5.exe] C:\Windows\system32\YUR8F5.exe
O4 - HKLM\..\Run: [\YUR8F8.exe] C:\Windows\system32\YUR8F8.exe
O4 - HKLM\..\Run: [\YUR11FD.exe] C:\Windows\system32\YUR11FD.exe
O4 - HKLM\..\Run: [\YUR8EC.exe] C:\Windows\system32\YUR8EC.exe
O4 - HKLM\..\Run: [\YUR8EE.exe] C:\Windows\system32\YUR8EE.exe
O4 - HKLM\..\Run: [\YUR8EF.exe] C:\Windows\system32\YUR8EF.exe
O4 - HKLM\..\Run: [\YUR8F0.exe] C:\Windows\system32\YUR8F0.exe
O4 - HKLM\..\Run: [\YUR8F7.exe] C:\Windows\system32\YUR8F7.exe
O4 - HKLM\..\Run: [\YUR8FD.exe] C:\Windows\system32\YUR8FD.exe
O4 - HKLM\..\Run: [\YURA06.exe] C:\Windows\system32\YURA06.exe
O4 - HKLM\..\Run: [\YUR906.exe] C:\Windows\system32\YUR906.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\HP_Administrateur\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Run] "C:\Documents and Settings\HP_Administrateur\Application Data\Adobe\Manager.exe"
O4 - HKCU\..\Run: [\YUR331.exe] C:\Windows\system32\YUR331.exe
O4 - HKCU\..\Run: [\YUR35C.exe] C:\Windows\system32\YUR35C.exe
O4 - HKCU\..\Run: [\YUR3F2.exe] C:\Windows\system32\YUR3F2.exe
O4 - HKCU\..\Run: [\YUR499.exe] C:\Windows\system32\YUR499.exe
O4 - HKCU\..\Run: [\YUR8E1.exe] C:\Windows\system32\YUR8E1.exe
O4 - HKCU\..\Run: [\YUR8ED.exe] C:\Windows\system32\YUR8ED.exe
O4 - HKCU\..\Run: [\YUR930.exe] C:\Windows\system32\YUR930.exe
O4 - HKCU\..\Run: [\YUR2B.exe] C:\Windows\system32\YUR2B.exe
O4 - HKCU\..\Run: [\YUR2C.exe] C:\Windows\system32\YUR2C.exe
O4 - HKCU\..\Run: [\YUR2D.exe] C:\Windows\system32\YUR2D.exe
O4 - HKCU\..\Run: [\YUR2E.exe] C:\Windows\system32\YUR2E.exe
O4 - HKCU\..\Run: [\YUR8E3.exe] C:\Windows\system32\YUR8E3.exe
O4 - HKCU\..\Run: [\YUR8E0.exe] C:\Windows\system32\YUR8E0.exe
O4 - HKCU\..\Run: [\YUR918.exe] C:\Windows\system32\YUR918.exe
O4 - HKCU\..\Run: [\YUR944.exe] C:\Windows\system32\YUR944.exe
O4 - HKCU\..\Run: [\YUR8DB.exe] C:\Windows\system32\YUR8DB.exe
O4 - HKCU\..\Run: [\YUR910.exe] C:\Windows\system32\YUR910.exe
O4 - HKCU\..\Run: [\YUR960.exe] C:\Windows\system32\YUR960.exe
O4 - HKCU\..\Run: [\YUR97F.exe] C:\Windows\system32\YUR97F.exe
O4 - HKCU\..\Run: [\YUR981.exe] C:\Windows\system32\YUR981.exe
O4 - HKCU\..\Run: [\YUR8DA.exe] C:\Windows\system32\YUR8DA.exe
O4 - HKCU\..\Run: [\YUR8F5.exe] C:\Windows\system32\YUR8F5.exe
O4 - HKCU\..\Run: [\YUR8F8.exe] C:\Windows\system32\YUR8F8.exe
O4 - HKCU\..\Run: [\YUR11FD.exe] C:\Windows\system32\YUR11FD.exe
O4 - HKCU\..\Run: [\YUR8EC.exe] C:\Windows\system32\YUR8EC.exe
O4 - HKCU\..\Run: [\YUR8EE.exe] C:\Windows\system32\YUR8EE.exe
O4 - HKCU\..\Run: [\YUR8EF.exe] C:\Windows\system32\YUR8EF.exe
O4 - HKCU\..\Run: [\YUR8F0.exe] C:\Windows\system32\YUR8F0.exe
O4 - HKCU\..\Run: [\YUR8F7.exe] C:\Windows\system32\YUR8F7.exe
O4 - HKCU\..\Run: [\YUR8FD.exe] C:\Windows\system32\YUR8FD.exe
O4 - HKCU\..\Run: [\YURA06.exe] C:\Windows\system32\YURA06.exe
O4 - HKCU\..\Run: [\YUR906.exe] C:\Windows\system32\YUR906.exe
O4 - HKCU\..\Policies\Explorer\Run: [NT Printing Services3] chkdskss.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CH/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: fqpsqk.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 12 / 37
Utilisateur anonyme
 
Télécharge MalewareByte's ici : http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
Installe-le et suis le tutoriel ici : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Tu me donnes le rapport.
@ +
0
Réponse 13 / 37
Jey
 
Désolé si je ne répond plus, je n'arrive pas à poster le rapport sur le site, je bloque à la page de confirmation, il essaye de charger les publicités mais elles ne viennent pas, et le message de confirmation n'apparait pas, je vais réessayer quelques fois, sinon j'esseyerai d'envoyer le rapport sur un autre ordinateur afin de pouvoir poster avec ce dernier, du moin essayer.
0
Réponse 14 / 37
Jey
 
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1248
Windows 5.1.2600 Service Pack 2

10.10.2008 07:17:59
mbam-log-2008-10-10 (07-17-59).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 336739
Temps écoulé: 6 hour(s), 24 minute(s), 5 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 7
Clé(s) du Registre infectée(s): 27
Valeur(s) du Registre infectée(s): 68
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 317

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\jkkLFuut.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\fqpsqk.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\byXnMeBu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\akxqvfti.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\oeunya.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\WinNB55.dll (Adware.Mirar) -> Delete on reboot.
C:\WINDOWS\system32\mmx25807.dll (Trojan.FakeAlert) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15fb41f1-9560-427f-b214-ef7e321978cf} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{15fb41f1-9560-427f-b214-ef7e321978cf} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b56aa6-9b9f-450c-a0f7-c658e45e1bdd} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b56aa6-9b9f-450c-a0f7-c658e45e1bdd} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6cbe6300-759b-447a-b406-31b86293e390} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\byxnmebu (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6cbe6300-759b-447a-b406-31b86293e390} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09dc6d43-5ac8-44bc-aadc-806ffffbad93} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09dc6d43-5ac8-44bc-aadc-806ffffbad93} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4ee36a1e-5ac8-44bc-aadc-806ffffbad93} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4ee36a1e-5ac8-44bc-aadc-806ffffbad93} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1037b06c-84b7-4240-8d80-485810a0497d} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{54b287f9-fd90-4457-b65e-cb91560c021d} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e4c7afc-9915-4036-b7f9-8b3f1710788f} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{566dede9-9ed8-45da-9be6-9b2eeab17f49} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8a0dcbda-6e20-489c-9041-c1e8a0352e75} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0b79a5c2-da96-3662-b2a7-aee3446f279e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fca4f7ab-ccca-3f86-a72f-d94e219e5903} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e0fb7a74-76fd-3631-9bd4-81d9b9a7d045} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0fb7a74-76fd-3631-9bd4-81d9b9a7d045} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6cbe6300-759b-447a-b406-31b86293e390} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur331.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur35c.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur3f2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur499.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8e1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8ed.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur930.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2b.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2c.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2d.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2e.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8e3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8e0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur918.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur944.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8db.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur910.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur960.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur97f.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur981.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8da.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8f5.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8f8.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur11fd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8ec.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8ee.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8ef.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8f0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8f7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8fd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yura06.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur331.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur35c.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur3f2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur499.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8e1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8ed.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur930.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2b.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2c.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2d.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2e.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8e3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8e0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur918.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur944.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8db.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur910.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur960.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur97f.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur981.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8da.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8f5.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8f8.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur11fd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8ec.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8ee.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8ef.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8f0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8f7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur8fd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yura06.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Run (Backdoor.Bot) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\jkklfuut -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\jkklfuut -> Delete on reboot.

Dossier(s) infecté(s):
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\jkkLFuut.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\tuuFLkkj.ini (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\tuuFLkkj.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oeunya.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\byXnMeBu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bqbqnjcm.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcjnqbqb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hvytnatd.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dtantyvh.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\imuhwmwq.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qwmwhumi.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iwsabofi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ifobaswi.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlekifew.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wefikelm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\olhqtyph.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hpytqhlo.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oosbuviv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vivubsoo.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oqjknsxo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oxsnkjqo.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\owexywat.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tawyxewo.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pkhjorqs.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sqrojhkp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qaiaqmil.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\limqaiaq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ugpmcxhp.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phxcmpgu.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xktbcgjn.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\njgcbtkx.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anudimed.dll (Trojan.BHO.H) -> Delete on reboot.
C:\WINDOWS\system32\fqpsqk.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\akxqvfti.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\WinNB55.dll (Adware.Mirar) -> Delete on reboot.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\is21.6371.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\YZDA2VWV\nd82m0[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
0
Réponse 15 / 37
Jey
 
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP505\A0090961.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP505\A0090962.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP505\A0090963.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP505\A0090964.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP505\A0090965.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090977.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090978.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090979.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090981.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090983.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090984.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090985.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090987.cpl (Rogue.MSantivirus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090988.exe (Rogue.MSantivirus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090992.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090993.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090994.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090996.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090997.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090998.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091011.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091012.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091014.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091016.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091017.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091018.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091024.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091025.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091026.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091028.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091029.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091030.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091031.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091032.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091033.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091034.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091035.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091036.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091037.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091062.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091064.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091065.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091066.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091068.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091069.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091070.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091071.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091072.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091073.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091074.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091079.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0090991.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091027.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091063.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091099.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091083.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091084.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091085.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091094.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091095.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091096.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091097.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091098.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091100.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091122.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091123.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091128.cpl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091129.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091130.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091131.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091142.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091173.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP506\A0091188.cpl (Rogue.MSantivirus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP507\A0091189.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP507\A0091212.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP507\A0091234.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP507\A0091243.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP507\A0091264.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP507\A0091311.cpl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP507\A0091291.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP507\A0091329.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP507\A0091372.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP508\A0092996.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP508\A0091954.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP508\A0091955.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP508\A0091982.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP508\A0091996.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP508\A0091997.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP508\A0093032.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP508\A0092997.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP509\A0093297.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP510\A0093523.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP510\A0093525.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP510\A0093526.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP510\A0093528.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0094538.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0094539.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0094540.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096140.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096158.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096079.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096125.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096128.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096131.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096133.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096136.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096138.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096139.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096142.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096143.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096146.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096147.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096148.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096149.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096151.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096152.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096153.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096154.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096155.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096156.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096160.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096162.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096165.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096166.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096167.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096168.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096171.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096172.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP511\A0096213.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP512\A0096244.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP512\A0096248.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP512\A0096249.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP512\A0096250.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP514\A0097860.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP517\A0097910.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP517\A0097946.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP517\A0098941.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP517\A0098962.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP518\A0098965.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP519\A0099131.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP527\A0100274.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP527\A0100275.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP527\A0100276.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP527\A0101509.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP527\A0101510.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP527\A0101511.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP527\A0101512.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP527\A0101513.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB1807A3-5658-415C-A04D-480ADCD1D7C2}\RP527\A0101514.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\coreuhha.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cpkuntuh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cpqakmay.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hemnugvi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ivwbvygj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jadvjobh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\maenurhn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pgvafrdi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\plbyffog.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qwogmlhl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bbqswoyb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bjgpiiab.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bquxaw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bsiljo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\byXQGwxx.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cwawcy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dkvxsenr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dmqthqgg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\doboviyo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dusjlqqh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eegmhkxs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ehwygy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ejyeko.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ekvobkuw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\exeoeqef.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ffniwtga.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fggvxcht.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fhpvavbj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fqulymuv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hubvyn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kbgjud.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\keitsftp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kertmo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kfikdgxa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kigrtjop.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mmx25807.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\system32\mqhjqrqi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mqwvgheq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nugzmp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyrost.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oahxfssg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pdahfo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\riahxs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rpawxmbk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\snjvfs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqOHaAt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqRkKef.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\swkwtckm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sxkveh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\szffwt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uupcbe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uvfxnxhq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vdxvvtaj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wlaohmmx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wlbidtda.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wonmxong.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wqltrxvp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wqyzuq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gdplmr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geBssssS.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geqqgscj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ggmhbk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\glkairpj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gmbctnqv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnfwkvid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wupqyeay.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lleawbwu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\llgbwmkx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\llmimiwt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lqivcr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lsjxpjkj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\abppkrit.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\adnukhhi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ptngbj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\miduexcr.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xegogaby.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jhexqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jpqxlr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jutqkajn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ccrbyjim.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mvexpvkh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mx25807.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\napsidqc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awfgpaqu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtrOGVL.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ttfeybba.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ubmcbs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uftcpqln.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clcxkeyj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xnnojn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xubsqg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xuiydqop.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xvwvegph.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zddceq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zhzhry.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ooobxqik.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ounnpz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oywmrwhm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lbhekbsv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gsvbxlkc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\igcchspv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\igmyqbdq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ihxccdyx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ikslgd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\5.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\MSA\msa0.dat (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MSA\msa1.dat (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MSA\MSA.ooo (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\Adobe\Manager.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqQkKcb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geBSiFYq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\byXPGWqP.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\byXRLEUM.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM68642cd8.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM68642cd8.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khfGwVNd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUmJBSk.dll (Trojan.vundo) -> Quarantined and deleted successfully.
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\lwpwer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
0
Réponse 16 / 37
Jey
 
Finalement le rapport devait être trop long, je viens de le mettre en deux fois, j'attend donc les instructions suivantes ;) Au passage merci déjà pour l'aide que tu m'offre fahd_zboot :)
0
Réponse 17 / 37
Utilisateur anonyme
 
Après avoir redémarrer ton PC, reposte moi un autre rapport hijackthis.
0
Réponse 18 / 37
Jey
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:38:37, on 11.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Octoshape Streaming Services\HP_Administrateur\OctoshapeClient.exe
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\HP_Administrateur\Mes documents\VirtualDJ\virtualdj.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://worldofwarcraft.judgehype.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\HP_Administrateur\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Policies\Explorer\Run: [NT Printing Services3] chkdskss.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CH/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1223720792995&h=460e904ac742bf696a91a66f83bfe996/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: oeunya.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 19 / 37
Utilisateur anonyme
 
> Lance Hijackthis :
- Puis sélectionne <Do a system scan only>
- Coche les cases des lignes suivantes :

O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"

Ensuite,
- Clic sur <Fixe checked>

> Télécharge OTMoveIT (de Old_Timer) : http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe sur ton bureau...
- Double-clique sur OTMoveIt.exe pour le lancer.
- Assure toi que la case "Unregister Dll's and Ocx's" est bien cochée !!!
- Copie le texte qui se trouve ci-dessous et colle-le dans le cadre de gauche de OTMoveIt nommé <Paste standard List of Files/Folders to be moved>.

C:\Windows\System32\chkdskss.exe

- Clique sur < MoveIt! > pour lancer la suppression.
- Lorsqu'un résultat apparaît dans le cadre Results clique sur Exit
N.B :Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES.
Un rapport est créé dans %SYSTEMDRIVE%\_OTMoveIt\MovedFiles\date du jour (C:\_OTMoveIt\MovedFiles\), copie-colle-le dans ta réponse suivante stp. (merci DllD)

Une question, Norton est-il vraiment indispensable, c'est une vraie m**** ?
0
Réponse 20 / 37
Jey
 
Une petite question, où je trouve %SYSTEMDRIVE%\_OTMoveIt\MovedFiles\date du jour (C:\_OTMoveIt\MovedFiles\) ?

Sinon pour Norton, quelques personnes m'ont déjà dis qu'il était limite, mais ça fait un moment que je l'ai et j'ai jamais eu de problème avec à part il y a 2semaines environ quand j'ai chopé ces infections.
0
Utilisateur anonyme
 
C'est ce dossier : C:\_OTMoveIt\MovedFiles\

En ce qui concerne Norton, désinstalle-le ainsi que Norton Sécurity machin ... et je te conseille Antivir.
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
Erreur 0x800700E1
Didiervd -
Viktimz -

11 réponses