Comment supprimer des trojans ?

darkwinnie Messages postés 127 Statut Membre -  
darkwinnie Messages postés 127 Statut Membre -
Bonjour,
bon et bien je viens ici car j'ai le pc de mon ptit cousin qui grouille de trojan mais je ne sais pas trop par ou commencer, j'ai installé avira mais je sais que ses logiciel antivirus ne font rien sur les trojan.
j'en ai un qui s'ouvre quand j'allume mon pc en .dll je voudrai savoir comment m'en debarrasser
est ce quelqu'un peu m'aider s'il vous plai ?
merci d'avance.
Configuration: Windows XP
Internet Explorer 6.0

58 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Un utilisateur doit éliminer un cheval de Troie qui se lance au démarrage avec un fichier .dll sur un PC sous Windows XP, malgré une protection antivirus Avira.
Plusieurs conseils préconisent d'utiliser Avast Free pour la désinfection et de s'assurer qu'Antivir est à jour, puis de démarrer en mode sans échec pour lancer une analyse complète du disque C.
Après le balayage, mettre en quarantaine les éléments détectés, redémarrer normalement et, si possible, partager le rapport pour vérification; une alternative utile consiste à exécuter Malwarebytes en mode sans échec.
D'autres cas plus tenaces peuvent nécessiter des outils complémentaires comme Malwarebytes ou HijackThis pour obtenir des rapports détaillés et guider une suppression plus approfondie, voire une réinstallation propre si nécessaire.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. jorginho67 Messages postés 15447 Statut Contributeur sécurité 1 169
     
    Salut !

    facile instale avast version familiale gratuit tape ca sur google

    N'importe quoi....

    95 % des pcs que je désinfecte ici ont avast en AV.

    Avira est très bien

    Assure toi qu'Antivir est bien à jour, ( clic droit et " start update ")

    Redémarre en mode sans échec !
    Pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.

    - Ouvre Antivir par le menu Démarrer / Programmes
    - Cliquez sur l'onglet Scanner.
    - Sélectionne Manual Selection
    - Sélectionne le disque C
    - Lance le scan - Mets en quarantaine tous les éléments détectés.
    - Une fois le scan terminé Enregistre le rapport.

    Redémarre en mode normal.

    Poste le rapport ici.
    3
  2. ric025
     
    Mais non, pour faire avancer Jorginho-->>

    Passe a malwarebytes en mode sans échec , Merci

    Télécharge Malwarebytes' Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/­­­

    . sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
    . enregistres le sur le bureau
    . Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
    . Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
    . si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
    . Une fois la mise à jour terminée,fermes Malwarebytes
    . redémarres en mode sans échec pour savoir comment au cas ou tu ne saurais pas regarde plus bas
    . une fois en mode sans échec tu double-cliques sur l'icône de malwarebytes
    . une fois ouvert rend-toi dans l'onglet, Recherche
    . Sélectionnes Exécuter un examen complet
    . Cliques sur Rechercher
    . Le scan démarre.
    . A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    . Cliques sur Ok pour poursuivre.
    . Si des malwares ont été détectés, cliques sur Afficher les résultats
    . Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
    . Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
    . redemarre le pc
    . une fois redémarré en mode normal double-cliques sur malwarebytes
    . rends toi dans l'onglet rapport/log
    . tu cliques dessus pour l'afficher une fois affiché
    . tu cliques sur édition en haut du bloc notes,et puis sur sélectionner tous
    . tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
    . tu cliques droit dans le cadre de la réponse et coller

    Si tu as besoin d'aide regarde ce tutoriel :
    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

    (attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...)

    pour redémarrer en mode sans échec : /!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

    . Cliques sur Démarrer
    . Cliques sur Arrêter
    . Sélectionnes Redémarrer et au redémarrage
    . Appuis sur la touche F8 sans discontinuer "1 appuis seconde" dès qu'un écran de texte apparaît puis disparaît
    . Utilises les touches de direction pour sélectionner mode sans échec
    . puis appuis sur ENTRÉE
    . Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre
    une fois démarré ne t'inquiète pas si les couleurs et les icônes ne sont pas comme d'habitude

    tuto:http://www.vista-xp.fr/forum/topic93.html
    1
  3. roh2f-du-94 Messages postés 220 Statut Membre 9
     
    facile instale avast version familiale gratuit tape ca sur google
    -1
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. darkwinnie Messages postés 127 Statut Membre 2
     
    salut, tout d'abord merci de me repondre alors oui je me doutai qu'avast ne ferai rien de plus a mes trojan je sais qu'il les detecte mais sont incapable de les supprimer alors j'ai bien fait l'analyse de C en mode sans echec je te poste le rapport.

    Avira AntiVir Personal
    Report file date: samedi 25 octobre 2008 10:52

    Scanning for 1707161 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 1) [5.1.2600]
    Boot mode: Save mode
    Username: PIERRE
    Computer name: ALIDIERE-P

    Version information:
    BUILD.DAT : 8.2.0.334 16933 Bytes 16/10/2008 14:55:00
    AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
    LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
    ANTIVIR2.VDF : 7.0.7.59 4366336 Bytes 19/10/2008 21:41:07
    ANTIVIR3.VDF : 7.0.7.89 186880 Bytes 24/10/2008 21:41:10
    Engineversion : 8.2.0.9
    AEVDF.DLL : 8.1.0.6 102772 Bytes 24/10/2008 21:41:47
    AESCRIPT.DLL : 8.1.1.9 319867 Bytes 24/10/2008 21:41:46
    AESCN.DLL : 8.1.1.3 123252 Bytes 24/10/2008 21:41:43
    AERDL.DLL : 8.1.1.2 438644 Bytes 24/10/2008 21:41:42
    AEPACK.DLL : 8.1.2.4 369014 Bytes 24/10/2008 21:41:38
    AEOFFICE.DLL : 8.1.0.29 196988 Bytes 24/10/2008 21:41:34
    AEHEUR.DLL : 8.1.0.63 1479032 Bytes 24/10/2008 21:41:32
    AEHELP.DLL : 8.1.1.2 115062 Bytes 24/10/2008 21:41:21
    AEGEN.DLL : 8.1.0.42 319861 Bytes 24/10/2008 21:41:20
    AEEMU.DLL : 8.1.0.9 393588 Bytes 24/10/2008 21:41:17
    AECORE.DLL : 8.1.2.8 172406 Bytes 24/10/2008 21:41:14
    AEBB.DLL : 8.1.0.3 53618 Bytes 24/10/2008 21:41:12
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
    AVREP.DLL : 8.0.0.2 98344 Bytes 24/10/2008 21:41:11
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

    Configuration settings for the scan:
    Jobname..........................: BootSectorTest
    Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVCENTER_4902de3c\06c53995.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Process scan.....................: off
    Scan registry....................: off
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: samedi 25 octobre 2008 10:52

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    End of the scan: samedi 25 octobre 2008 10:52
    Used time: 00:10 Minute(s)

    The scan has been done completely.

    0 Scanning directories
    0 Files were scanned
    0 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    0 Files cannot be scanned
    0 Files not concerned
    0 Archives were scanned
    0 Warnings
    0 Notes
    alors j'ai pas tout compri car j'ai des trojan mais sur cette analyse il me les a pas trouvé...
    0
  6. roh2f-du-94 Messages postés 220 Statut Membre 9
     
    nn il trouve rien du tout ben fait une analyse en ligne
    0
  7. darkwinnie Messages postés 127 Statut Membre 2
     
    Malwarebytes' Anti-Malware 1.30
    Version de la base de données: 1316
    Windows 5.1.2600 Service Pack 1

    25/10/2008 18:48:34
    mbam-log-2008-10-25 (18-48-33).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 146644
    Temps écoulé: 55 minute(s), 21 second(s)

    Processus mémoire infecté(s): 1
    Module(s) mémoire infecté(s): 4
    Clé(s) du Registre infectée(s): 112
    Valeur(s) du Registre infectée(s): 26
    Elément(s) de données du Registre infecté(s): 19
    Dossier(s) infecté(s): 148
    Fichier(s) infecté(s): 320

    Processus mémoire infecté(s):
    C:\documents and settings\PIERRE\local settings\application data\cuees.exe (Adware.Navipromo.H) -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\geBttTkh.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\mnoqsdqw.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\kxbyao.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\cbXNHXol.dll (Trojan.Vundo.H) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{12f80537-3fc9-4885-9ba7-5a53fdaaef1b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{12f80537-3fc9-4885-9ba7-5a53fdaaef1b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d0dc2547-df58-4cf2-8fa2-25dee29426f6} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbxnhxol (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{d0dc2547-df58-4cf2-8fa2-25dee29426f6} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e2eccecf-b0e1-4862-82e0-ac6062f6512c} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{e2eccecf-b0e1-4862-82e0-ac6062f6512c} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\e404.e404mgr (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\e404.e404mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\e405.e405mgr (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\e405.e405mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\vrext.vrshlext (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\vrext.vrshlext.1 (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{0dfba66b-db48-4292-831a-e7186d8a61ae} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{139c109e-08c6-4b60-9142-860b8cd5d000} (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{46f309ae-9d11-4c10-9d20-2c084b1c8bce} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{4cb95561-af37-4bbd-823c-1e355a744a43} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{598ca4d5-6870-47f0-b513-e3efba809b22} (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{679b00b5-0783-4de4-a478-7227fdd50825} (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{76157861-4996-4711-90e4-6d868b877b24} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{81da01db-8100-4865-b9b0-a83f54378435} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{910ef37b-a486-41fc-8a1b-28c5581ab3ac} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{a6b2bc38-7f2a-4202-9b43-a28615727fee} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b11da4c8-52dc-44a2-b21b-02bf7a93eb5b} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b5adbfca-c6de-4e5a-a2da-70aa2933b696} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b5ae5932-f1b3-45e4-842a-59eea65b13a8} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{ba18ba7b-9567-4408-9b87-3d3990c3969e} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{d56509ab-9821-4db0-bf2f-115159804140} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{dff203ea-222c-44fa-8b78-ed88b4587aa2} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{eb22b708-e0d3-4fce-800b-6dd0c5b30d42} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{f1ea02f8-e536-4828-bfb7-3de7fa4d4b09} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{f6e18622-dfa8-4dba-b05e-d3d147e16d44} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\{5222008a-dd62-49c7-a735-7bd18ecc7350} (Rogue.VirusRemover) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{963916cd-6311-485d-93dc-3bd1b9e2d2cb} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{cf79dab6-0afe-4678-856d-44574d91915c} (Rogue.VirusRanger) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{13901470-5bcf-0ea6-a762-ad195455772b} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{0b1511cd-37ee-4f0a-9647-cb2785b68a29} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{0edcdb7d-cd9e-44e6-9e9a-adbaa85540e8} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1c613f47-70c5-4551-a264-f7254139854c} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2607facc-5c6c-443c-8d49-3bf0b0005ee3} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{612fbd09-aad2-4f1c-ba97-f56658b1161b} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{6c373d24-7575-4507-972c-1814914570c9} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{712a2867-02b2-402b-8f8d-74437494dcfb} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{7b9717b1-2d9b-4d14-b2da-d4bf5a28c6af} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{940f79d9-2062-41b7-a22f-9e99ffdd1b85} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9871f8af-152a-4651-834c-cdc5fe61c14c} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9e42f1b8-de23-4af5-a79a-0976e9ec5781} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a861a366-0c7a-484b-9116-f366bf0fa23f} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{bc91ed21-e702-44e5-aa88-9f2f70e986c6} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{e5b2709a-0e6b-45d3-83c8-ef90c2ed5340} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{e6028af3-ee0a-4e49-a043-c44437680ad8} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{ec39bf14-ca12-46cd-8ea2-b48d5a44350a} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{f1f2ece6-0289-4992-a536-f82dfc6f6d6e} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{f495ebbe-a068-41fb-89b6-c605d20a2df3} (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2a7a8ce2-1eaf-4fc0-9158-958bb6bfa5c4} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{4d51e91c-e917-4b7f-89ff-abe471e16927} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{41f328e2-5e46-f5b8-0160-020188931f32} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{f7f6584c-864b-411d-a410-bb2de0d33ca1} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{598ca4d5-6870-47f0-b513-e3efba809b22} (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{753d7ded-2454-44a3-959d-dc3700fc6b6e} (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1d0a339e-315d-4dfe-b4ee-ddd494bb31ea} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{201b9b37-848f-40bd-90ea-7b8f0aa89d6a} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{aa59202c-5e41-48fc-af7d-324f5fd6a9f1} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{fda26383-c0cf-4d32-ac37-769d7e14581f} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{2e88f662-2027-421d-9874-f3dbc2207bab} (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{c7df0578-d732-4bfb-a65b-89c1ccea01cc} (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{23624bd0-2a69-4f91-be6a-9f1f22b72c13} (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{53a8703f-53bf-4c44-8daf-fa254a1e1b8c} (Rogue.VirusRanger) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{cf79dab6-0afe-4678-856d-44574d91915c} (Rogue.VirusRanger) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d0a339e-315d-4dfe-b4ee-ddd494bb31ea} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{201b9b37-848f-40bd-90ea-7b8f0aa89d6a} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{aa59202c-5e41-48fc-af7d-324f5fd6a9f1} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{fda26383-c0cf-4d32-ac37-769d7e14581f} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access (Adware.InstantAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\AntiSpywareExpert (Rogue.AntiSpywareExpert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\MalwareWar.EXE (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\malwarewar 7.3 (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\virusheat 4.4 (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Web Technologies (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\e405.e405mgr (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\VRExt.DLL (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\VRShlExt (Rogue.Virus.Rescue) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VRSVC (Rogue.VirusRescue) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\winantivirus pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\WinPGI.DLL (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fopn (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\VirusRanger (Rogue.Virus.Ranger) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vrsvc (Rogue.Virus.Ranger) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8c6d7df1 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cuees (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{d0dc2547-df58-4cf2-8fa2-25dee29426f6} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{2a7a8ce2-1eaf-4fc0-9158-958bb6bfa5c4} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Fichiers communs\Ahead\Lib\NeroCBUI.dll (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Instant Access (Adware.InstantAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft inet xp.. (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm8f5e4e6d (Trojan.Agent) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\searchassistant (Trojan.Zlob) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\searchmigrateddefaulturl (Trojan.Zlob) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\default_search_url (Trojan.Zlob) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\searchurl (Trojan.Zlob) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\search page (Trojan.Zlob) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\search bar (Trojan.Zlob) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\searchmigrateddefaulturl (Trojan.Zlob) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\searchurl (Trojan.Zlob) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\some (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\gebtttkh -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger.H) -> Data: kdjsj.exe -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\gebtttkh -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Hijack.Search) -> Bad: (http://internetsearchservice.com/search?q=%s) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Hijack.Search) -> Bad: (http://internetsearchservice.com/search?q=%s) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.Search) -> Bad: (https://internetsearchservice.com/606/search-engine-optimization-seo-specialist-in-phoenix-az/?q{searchTerms}) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.Search) -> Bad: (http://internetsearchservice.com/ie6.html) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.Search) -> Bad: (https://internetsearchservice.com/606/search-engine-optimization-seo-specialist-in-phoenix-az/?q{searchTerms}) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.91 85.255.112.209 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a51fc279-2163-445f-b948-f3afab949f6d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.91,85.255.112.209 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.91 85.255.112.209 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{a51fc279-2163-445f-b948-f3afab949f6d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.91,85.255.112.209 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.91 85.255.112.209 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{a51fc279-2163-445f-b948-f3afab949f6d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.91,85.255.112.209 -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Program Files\Ultimate Fixer (Rogue.Ultimate.Fixer) -> Quarantined and deleted successfully.
    C:\Program Files\Fichiers communs\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access (Adware.EGDAccess) -> Delete on reboot.
    C:\Program Files\Instant Access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\50076 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\50076\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\50076\images\FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\50119 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\50119\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\fp.gad-network.com\50077 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\fp.gad-network.com\50077\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\scripts.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\scripts.dlv4.com\custom (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\scripts.dlv4.com\custom\1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\566534424 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\566534424\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\566534424\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\566534424\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\566534424\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\566534424\fp.gad-network.com\50104 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\566534424\fp.gad-network.com\50104\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\es6-external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\es6-external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\es6-scripts.downloadv3.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\es6-scripts.downloadv3.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\es6-scripts.downloadv3.com\custom (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\es6-scripts.downloadv3.com\custom\4265 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\es6-scripts.downloadv3.com\custom\4265\FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\media.rapid-pass.net (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\media.rapid-pass.net\fullpages (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\media.rapid-pass.net\fullpages\ds_v3_chatsexy (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\media.rapid-pass.net\fullpages\ds_v3_chatsexy\fullpage03 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\media.rapid-pass.net\fullpages\ds_v3_chatsexy\fullpage03\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\scripts.downloadv3.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\scripts.downloadv3.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\640827230\www.epass-key.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\es6-external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\es6-external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\es6-www.0texkax7c6hzuidk.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\es6-www.0texkax7c6hzuidk.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\es6-www.0texkax7c6hzuidk.com\custom (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\es6-www.0texkax7c6hzuidk.com\custom\4337 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\es6-www.0texkax7c6hzuidk.com\custom\4337\FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\fp.gad-network.com\50100 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\fp.gad-network.com\50100\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\fp.gad-network.com\50100\images\FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\www.0texkax7c6hzuidk.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\www.0texkax7c6hzuidk.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\64691050\www.rapid-pass.net (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\714505242 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\714505242\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\714505242\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\714505242\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\714505242\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\714505242\fp.gad-network.com\50104 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\714505242\fp.gad-network.com\50104\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\7704888 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\7704888\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\7704888\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\7704888\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\7704888\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\7704888\fp.gad-network.com\50070 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\7704888\fp.gad-network.com\50070\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\797104826 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\797104826\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\797104826\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\797104826\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\797104826\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\797104826\fp.gad-network.com\50070 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\797104826\fp.gad-network.com\50070\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\822909288 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\822909288\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\822909288\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\822909288\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\822909288\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\822909288\fp.gad-network.com\50077 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\822909288\fp.gad-network.com\50077\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\923167652 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\923167652\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\923167652\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\923167652\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\923167652\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\923167652\fp.gad-network.com\50119 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\923167652\fp.gad-network.com\50119\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\937796004 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\937796004\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\937796004\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\937796004\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\937796004\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\937796004\fp.gad-network.com\50070 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\937796004\fp.gad-network.com\50070\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\fp.gad-network.com\50076 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\fp.gad-network.com\50076\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\fp.gad-network.com\50076\images\FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\scripts.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\scripts.dlv4.com\custom (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\948806334\scripts.dlv4.com\custom\1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\984979449 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\984979449\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\984979449\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\984979449\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\984979449\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\984979449\fp.gad-network.com\50119 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\984979449\fp.gad-network.com\50119\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Web Technologies (Trojan.Zlob) -> Quarantined and deleted successfully.
    C:\Program Files\AntiSpywareExpert (Rogue.AntiSpywareExpert) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\717305 (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\734914 (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\527631 (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\kxbyao.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\cbXNHXol.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\geBttTkh.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\hkTttBeg.ini (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\hkTttBeg.ini2 (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\kidswpvu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\uvpwsdik.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mnoqsdqw.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\wqdsqonm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ntqckmme.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\emmkcqtn.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\rdmqylal.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lalyqmdr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\System32\sylhtfhv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vhfthlys.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ufncctgn.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ngtccnfu.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\System32\kdjsj.exe (Rootkit.DNSChanger.H) -> Delete on reboot.
    C:\Documents and Settings\PIERRE\Local Settings\Application Data\cuees_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\PIERRE\Local Settings\Application Data\cuees_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\PIERRE\Local Settings\Application Data\cuees.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\PIERRE\Local Settings\Application Data\cuees.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\PIERRE\Local Settings\Application Data\rgtwwhano_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\PIERRE\Local Settings\Application Data\rgtwwhano_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\PIERRE\Local Settings\Application Data\rgtwwhano.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Program Files\Fichiers communs\Ahead\Lib\NeroCBUI.dll (Rogue.MalwareWar) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\734914\734914.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP238\A0337652.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP239\A0338662.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP239\A0339693.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP239\A0340709.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP240\A0340745.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP240\A0341753.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP242\A0343878.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP248\A0344100.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP252\A0366542.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP252\A0376692.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP253\A0376715.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP254\A0377755.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP255\A0381852.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP256\A0382915.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP257\A0384166.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{29C38F74-9B24-4105-A145-A21A4E52F903}\RP257\A0384167.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\abmtodal.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ieqkjp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\owfqap.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\pdaltcbh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\cmhxphyy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\afabehjw.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bhwjirnr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bkwoyaqm.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\cgveoj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\dovrox.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\etcujony.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\njghxu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\nygaojic.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\oblpgilt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\phdayuqx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\phmewblg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\rutsca.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\tjvfylfn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\witzad.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wlgklpjx.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vcpitlgs.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wpzjcc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wrifss.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\gsefsatm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\guynofrl.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\elembkgk.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sjsngrwt.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bqsquqkq.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\savvlwrw.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\howaxsju.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qrqkcd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\xtgjbvns.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ycajgf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\yqivsafx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\pucptjid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vhtnjuaw.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\fzchav.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\leckcz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\jaktpgad.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center\Crazy-girls.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center\CrazyGirls.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center\DIALSEXY.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center\tray1.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center\Videozapping.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\external-api.dlv4.com\hits\f07bdd907eb77269438a8934cae62f0b (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\external-api.dlv4.com\js\42d988d8bab02e3abe464f978ac3f7ac (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\9ccb0bf0b0c9e5722c7f21c8c65da6ed.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\9ccb0bf0b0c9e5722c7f21c8c65da6ed.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\69.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\fille.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\p01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\p02.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\p03.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\texte.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\183164172\fp.gad-network.com\50077\images\titre.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\external-api.dlv4.com\hits\ef150b432b93960b1b20eccf3e040d07 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\external-api.dlv4.com\js\fbdc9ccc93d04814d2449b2a66f1ef54 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\43b8c2d2c8c200db75f88c5a00eca62a.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\43b8c2d2c8c200db75f88c5a00eca62a.html.netID (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\43b8c2d2c8c200db75f88c5a00eca62a.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\50076\images\bckg.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\50076\images\index_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\50076\images\FR\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\50076\images\FR\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\50076\images\FR\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\247454448\fp.gad-network.com\50076\images\FR\index_02.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\external-api.dlv4.com\hits\b1798c8014de5549f55652e1da0b8089 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\external-api.dlv4.com\js\3b689a450e117dd6b82ef14215e44e5e (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\e0bffd64cc59db21756d0d512f796632.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\e0bffd64cc59db21756d0d512f796632.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images\bckg.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images\index_01.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images\index_02.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images\index_03.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images\index_04.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images\index_05.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images\index_06.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\256736874\fp.gad-network.com\50119\images\index_09.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\CrazyGirls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\external-api.dlv4.com\hits\69598191b02ed7dd19d13f5ecf6606ac (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\external-api.dlv4.com\js\3b689a450e117dd6b82ef14215e44e5e (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\e0bffd64cc59db21756d0d512f796632.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\e0bffd64cc59db21756d0d512f796632.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\50119\images\bckg.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\50119\images\index_01.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\50119\images\index_02.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\50119\images\index_03.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\50119\images\index_06.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\392465131\fp.gad-network.com\50119\images\index_09.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\external-api.dlv4.com\hits\b2065f42320b96134138427288a880c9 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\external-api.dlv4.com\js\a5000c5592148a9e95ed617a876b70b3 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\fp.gad-network.com\45076af9bf3b8adc7fd62d1fec564947.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\fp.gad-network.com\45076af9bf3b8adc7fd62d1fec564947.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\fp.gad-network.com\50077\images\69.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Dialer\543517852\fp.gad-network.com\50077\images\but
    0
    1. faillle du net Messages postés 9 Statut Membre
       
      je pense que une foi la fameuse et longue supprésion de l'elevage tu devrais télécharger CCleaner:
      CCleaner
      puis fait une analyse registre et tout tout car ses le principe des trojans i font croire qui sont plus las mais i infeste les clef registre que les antivirus non pas le droit de mettre en quarantaine donc
      ccleaner>registre>analyse>réparer toute les erreurs
      0
  8. darkwinnie Messages postés 127 Statut Membre 2
     
    punaise ç_a beug ou quoi j'arrive pas a tez poster le rapport....
    0
  9. darkwinnie Messages postés 127 Statut Membre 2
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:56:54, on 26/10/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\WgaTray.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
    C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
    C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    0
  10. darkwinnie Messages postés 127 Statut Membre 2
     
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {9054CF33-895F-4CE4-97B8-7EB6155121F5} - C:\WINDOWS\System32\tuvVmjhh.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
    O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe" /min
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [wdokbye.dll] C:\WINDOWS\System32\rundll32.exe "C:\Documents and Settings\PIERRE\Local Settings\Application Data\wdokbye.dll",bpzgoi
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [acdtzoot] c:\windows\system32\acdtzoot.exe acdtzoot
    O4 - HKLM\..\Run: [grhveqwzv] c:\windows\system32\grhveqwzv.exe grhveqwzv
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
    O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
    O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc
    O4 - HKCU\..\Run: [rgtwwhano] c:\documents and settings\pierre\local settings\application data\rgtwwhano.exe rgtwwhano
    O4 - HKCU\..\Run: [Antivirus] C:\Program Files\Antivirus2008\Antvrs.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    0
  11. ric025
     
    Toujours des problèmes pour poster? il faudrait le rapport en une seule partie et en entier bien sûr!

    :)
    0
  12. darkwinnie Messages postés 127 Statut Membre 2
     
    erf ben oui je galere je poste le rapport et j'vais voir si il y est bien et rien il m'enerve ché pas ce qu'il a quoi !
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:56:54, on 26/10/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\WgaTray.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
    C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
    C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {9054CF33-895F-4CE4-97B8-7EB6155121F5} - C:\WINDOWS\System32\tuvVmjhh.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
    O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe" /min
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [wdokbye.dll] C:\WINDOWS\System32\rundll32.exe "C:\Documents and Settings\PIERRE\Local Settings\Application Data\wdokbye.dll",bpzgoi
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [acdtzoot] c:\windows\system32\acdtzoot.exe acdtzoot
    O4 - HKLM\..\Run: [grhveqwzv] c:\windows\system32\grhveqwzv.exe grhveqwzv
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
    O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
    O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc
    O4 - HKCU\..\Run: [rgtwwhano] c:\documents and settings\pierre\local settings\application data\rgtwwhano.exe rgtwwhano
    O4 - HKCU\..\Run: [Antivirus] C:\Program Files\Antivirus2008\Antvrs.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O15 - Trusted Zone: https://www.skyrock.com/
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O20 - AppInit_DLLs: kxbyao.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Firewall service (FWSvc) - Unknown owner - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe (file missing)
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O24 - Desktop Component 0: (no name) - http://won.won-fma.com/images/tomes/mini-naruto-tome-35.jpg
    O24 - Desktop Component 1: (no name) - http://www.univers-paquita.com/fondecranhiver/03.jpg
    O24 - Desktop Component 2: (no name) - http://www.chezmonami-bijou.com/creations_amies/cartes-Noel/Image3.jpg
    0
  13. darkwinnie Messages postés 127 Statut Membre 2
     
    ah enfin j'y suis arrivé !
    0
  14. ric025
     
    Relance hijack et clique cette fois sur "do a scan only".

    Coche les lignes suivantes:

    O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"

    O4 - HKCU\..\Run: [Antivirus] C:\Program Files\Antivirus2008\Antvrs.exe

    O4 - HKCU\..\Run: [Antivirus] C:\Program Files\Antivirus2008\Antvrs.exe

    O23 - Service: Firewall service (FWSvc) - Unknown owner - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe (file missing)

    Clique sur "fix checked".

    Supprime Winantivirus pro 2006 de ton PC!
    =Redémarre en mode sans échec ( tapote F8 avant le démarrage de windows)
    = Panneau de configuration / Ajout et suppréssion des programmes / Winantivirus pro / supprimer.
    = Démarrer / rechercher / Winantivirus pro 2006 Et supprime TOUT ce qu'il trouve
    = Vider la corbeille
    ---------------------------------------------------------------------------------------------
    reposte un hijackthis stp!

    A+
    0
  15. darkwinnie Messages postés 127 Statut Membre 2
     
    alors impossible de trouver quoi que ce soit sur winantirivrus
    j'ai toujours un ptit dll windokbye au demarrage du pc...
    0
  16. darkwinnie Messages postés 127 Statut Membre 2
     
    ben ecoute ça fait 10min que jessaye mais ça marche pas....
    0
  17. ric025
     
    Ca dit quoi? Essaie par MP, que je jette un coup d'oeil, je vais aller au lit! Au pire, si ça passe par MP, je le colle ici pour Jorginho demain.
    0
  18. darkwinnie Messages postés 127 Statut Membre 2
     
    euh c quoi MP ? :s
    0
  19. darkwinnie Messages postés 127 Statut Membre 2
     
    j'te l'ai filé par MP ;) moi ausis vais pas tarder a aller au lit :)
    0
    1. ric025
       
      Je t'ai laissé un MP. A++
      0
  • 1
  • 2
  • 3