Version anglaiseVersion espagnoleVersion françaiseInscrivez-vous, c'est gratuit ! (mot de passe oublié)
- Mardi 7 octobre 2008 - 23:41:14
- inscrits : 998273
- connectés : 37621
- questions/jour : 4783
- Taux de réponse : 72.03%
Antivirus gratuit trojan win 32 Comment enlever le virus trojan downloader : win32 / renos .du gratuit 100 Comment enlever trojan-clicker.win.32.tiny.h Comment enlever virus dans systeme 32 Comment suprimer le virus trojan.win32.monderb.gjo Enlever le virus warning! win 32/adware.virtumonde Forum trojan win 32 zlobdldr Kaspersky solution trojan.win.32.agent Supprimer le trojan win.32.renos Trojan Trojan win 32 Trojan win 32 bagle Trojan win 32 trat bho Trojan win 32 vun drop Trojan win 32.agent Trojan win 32.agent adrd svchost.exe Trojan win 32/zlod.au Tuer virus trojan.win32 Virus Virus trojan win Virus trojan windows security alert Virus ver win 32 pure morph Virus win 32:trojan-gen Virus worm win 32 Windows security alert trojan win 32 Éradiquer virus trojan vundo worm win.32 freetripPlus
Options Ils ont besoin de votre aide
- 23:40 Configuration de pspad pour... (Programmation)
- 23:39 recherche notice faxjet 325 philips (Windows)
- 23:39 ordinateur portable sous vista (Matériel/Hardware)
- 23:38 mise a jour firmware DD seagate (Matériel/Hardware)
- 23:36 dictaphone au format wave ? (Audio numérique)
- 23:35 kapersky internet security 7.01.325 (Virus/Sécurité)
Liste des forumsAidez-lesStatistiquesRechercherCharte
Plateformes d'assistanceDiscussions & Opinions des Communautés
|
|
|
|
Statut : Non résolu
bambflafy, le mardi 10 juin 2008 à 08:13:34
Comment enlever le virus trojan win 32 monder
bambflafy, le mardi 10 juin 2008 à 08:13:34Bonjour,
je suis abonnee a orange j ai l antivirus firewall et je n arrive pas a enlever le virus
mon virus et un cheval de troie
c le virus trojan win32 monder
pourier vous me dire quoi faire pour ne + l avoir s en avoir a formater mon disque dur
je suis abonnee a orange j ai l antivirus firewall et je n arrive pas a enlever le virus
mon virus et un cheval de troie
c le virus trojan win32 monder
pourier vous me dire quoi faire pour ne + l avoir s en avoir a formater mon disque dur
Configuration: Windows XP Firefox 2.0.0.14
bonjour telecharge ca http://www.clubic.com/telecharger-fiche215092-malwarebytes-anti-malware.html met le a jour et lance une analyse approfondie de ton pc
|
tu supprime tous ce qu il te trouvera |
salut
y a un doublon : http://www.commentcamarche.net/forum/affich 6818710 comment enlever trojan win32 monder ps : ça aurait été interessant d avoir un rapport hijackthis avant .... bonne suite A découvrir : Estopa, Rosario Flores, La oreja de van gogh.. Bonne écoute |
| bambflafy, le mardi 10 juin 2008 à 09:41:38 voila le rapport
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:29:38, on 10/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\netdde.exe C:\WINDOWS\vVX3000.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Windows Media Player\Plugins\Todae\RMP\RMProg.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\eHome\ehRecvr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\eHome\ehSched.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Svconr\Svconr.exe C:\Program Files\Eroca\Eroca.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\eMule\emule.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\AntivirusFirewall\Common\FSLAUNCH.EXE C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/... R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Amok Eggs Four Web] C:\Documents and Settings\All Users\Application Data\part dead amok eggs\mess four.exe O4 - HKLM\..\Run: [Live Media Programmateur] C:\Program Files\Windows Media Player\Plugins\Todae\RMP\RMProg.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [BM6f53d87b] Rundll32.exe "C:\WINDOWS\system32\cemveobq.dll",s O4 - HKLM\..\Run: [6c60ebe7] rundll32.exe "C:\WINDOWS\system32\waqnjifn.dll",b O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WinButler] C:\Documents and Settings\HP_Administrateur\Application Data\WinButler\WinButler.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [forbags] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONEBAL~1\Bind real.exe O4 - HKCU\..\Run: [Svconr] C:\Program Files\Svconr\Svconr.exe O4 - HKCU\..\Run: [Eroca] C:\Program Files\Eroca\Eroca.exe O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Super%20Mah%20Jong%20Solitaire/Images/stg_drm.ocx O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/... O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20China/Images/armhelper.ocx O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe End of file - 10513 bytes |
t as pal de saloperie
je laisse champciaux s en occupé si il est ok en attendant fais ce qui est expliqué post 1 c est a dire ceci : Telecharge malwarebytes -> http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php Tu l´instale; le programme va se mettre automatiquement a jour. Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression". Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet". Puis click sur "rechercher". Laisse le scanner le pc... Si des elements on ete trouvés > click sur supprimer la selection. si il t´es demandé de redemarrer > click sur "yes". A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum. Copie et colle le rapport stp. ps : les rapport sont aussi rangé dans l onglet rapport/log A découvrir : Estopa, Rosario Flores, La oreja de van gogh.. Bonne écoute |
vu que tu as plein plein plein de saloperies fait ca
tu fait un scan malwarebytes comme la dit Chiquitine29 tu supprime tous ce qu il te trouvera ensuite dans google avec internet explorer car firefox ca ne marche pas tu tappe: Scan antivirus en ligne NOD32 tu suit les instructions et lance une analyse et supprime tous ce qu il te trouvera puis toujour de la meme facon: Scan antivirus en ligne F SECURE tu suit les instructions et lance une analyse et supprime tous ce qu il te trouvera puis toujour de la meme facon Scan antivirus en ligne BITDEFENDER tu suit les instructions et lance une analyse et supprime tous ce qu il te trouvera Puis refait Scan antivirus en ligne F SECURE tu suit les instructions et lance une analyse et supprime tous ce qu il te trouvera Poste le resultat de chaque analyse ici Telecharge et installe SPYBOT SEARCH AND DESTROYE http://www.01net.com/... met le a jour puis vaxine ton systeme et fait une analyse compléte en cliquant sur vérifier tout et supprime tous ce qu il te trouvera Poste le resultat de l analyse ici Puis pour etre sur telecharge ca http://www.clubic.com/telecharger-fiche35402-gdata-antivirus.html prend la version d évaluation met le a jour et lance une analyse de ton pc Quel est ton antivirus car il vaut mieux en changer |
| bambflafy, le mardi 10 juin 2008 à 11:05:12 Malwarebytes' Anti-Malware 1.15
Version de la base de données: 830 11:03:38 10/06/2008 mbam-log-6-10-2008 (11-03-38).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 163935 Temps écoulé: 44 minute(s), 9 second(s) Processus mémoire infecté(s): 2 Module(s) mémoire infecté(s): 4 Clé(s) du Registre infectée(s): 53 Valeur(s) du Registre infectée(s): 7 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 24 Fichier(s) infecté(s): 137 Processus mémoire infecté(s): C:\Program Files\Svconr\Svconr.exe (Trojan.Clicker) -> Unloaded process successfully. C:\Program Files\Eroca\Eroca.exe (Trojan.Agent) -> Unloaded process successfully. Module(s) mémoire infecté(s): C:\WINDOWS\system32\colnwncy.dll (Trojan.Vundo) -> Unloaded module successfully. C:\WINDOWS\system32\vtsqq.dll (Trojan.Vundo) -> Unloaded module successfully. C:\WINDOWS\system32\waqnjifn.dll (Trojan.Vundo) -> Unloaded module successfully. C:\WINDOWS\system32\byxxvww.dll (Trojan.Vundo) -> Unloaded module successfully. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a250a1ae-02b6-4f17-b6e2-66805a36671c} (Trojan.Vundo) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{a250a1ae-02b6-4f17-b6e2-66805a36671c} (Trojan.Vundo) -> Delete on reboot. HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7c4bcd17-bdba-4078-9d8c-8ca8b7eabe77} (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully. \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully. \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPV (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Svconr (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\xInsiDERexe (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Adsl Software Limited (Rogue.MalWarrior) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{b3740027-0036-49bf-98e7-04f4f903d67b} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b3740027-0036-49bf-98e7-04f4f903d67b} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\byxxvww (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\6c60ebe7 (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Svconr (Trojan.Clicker) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Eroca (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM6f53d87b (Trojan.Agent) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{b3740027-0036-49bf-98e7-04f4f903d67b} (Trojan.Vundo) -> Delete on reboot. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtsqq -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtsqq -> Delete on reboot. Dossier(s) infecté(s): C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Program Files\ShoppingReport\Bin\2.0.26 (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\XP Antivirus (Rogue.XPAntivirus) -> Quarantined and deleted successfully. C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\Twain (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\ColorUtility (Trojan.BHO) -> Quarantined and deleted successfully. C:\Program Files\Svconr (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\Eroca (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\BASE (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\DELETED (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\SAVED (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\WINDOWS\system32\colnwncy.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\ycnwnloc.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cxrjsifp.dll_old (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pfisjrxc.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vtsqq.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\qqstv.ini (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\qqstv.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\waqnjifn.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\nfijnqaw.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Program Files\Svconr\Svconr.exe (Trojan.Clicker) -> Quarantined and deleted successfully. C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\SpeedRunner\SRUninstall.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Bureau\bamby\SETUP.EXE.bak (Adware.Zango) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\cpramtfn.exe (Trojan.LowZones) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\welmpgeg.exe (Trojan.LowZones) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3CRTWW07\kb713501[1] (Trojan.LowZones) -> Quarantined and deleted successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\IKQ0H91S\17PHolmes[1].cmt (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\CPV\CPV8.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully. C:\Program Files\Temporary\inCPV.exe (Trojan.BHO) -> Quarantined and deleted successfully. C:\Program Files\Temporary\InsiDERInst.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\Twain\Twain.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP115\A0034910.exe (Rogue.Spyware-Secure) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP175\A0047829.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP176\A0048833.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP177\A0048877.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP177\A0048895.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP177\A0048896.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP177\A0048914.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP178\A0049901.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0050947.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0050963.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0050983.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0050987.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0050989.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0050990.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0050991.exe (Trojan.Insider) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0050992.exe (Trojan.Insider) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0050993.exe (Adware.Insider) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0050994.exe (Trojan.Dropper) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0050995.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP184\A0053302.exe (Rogue.Spyware-Secure) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP185\A0053319.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP189\A0056409.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP190\A0056445.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP197\A0062934.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP198\A0064954.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP202\A0071458.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP202\A0071460.exe (Trojan.Insider) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP202\A0071461.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP202\A0071462.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP202\A0071463.exe (Adware.Insider) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP202\A0071464.exe (Trojan.Dropper) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP202\A0071472.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP207\A0073665.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP217\A0080144.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP219\A0083416.exe (Trojan.Insider) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP219\A0083418.exe (Adware.Insider) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP221\A0087464.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP221\A0088964.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP223\A0089054.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP224\A0090116.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP224\A0090132.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP224\A0090133.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP224\A0090135.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP228\A0103340.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP229\A0103814.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP230\A0104916.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP234\A0110268.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP234\A0110286.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP234\A0110287.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\17PHOLMES2000351.0XE (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\b152.exe_old (Trojan.Insider) -> Quarantined and deleted successfully. C:\WINDOWS\b153.exe_old (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\b155.exe_old (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\b156.exe_old (Adware.Insider) -> Quarantined and deleted successfully. C:\WINDOWS\b157.exe_old (Trojan.Dropper) -> Quarantined and deleted successfully. C:\WINDOWS\B999.0XE (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cbXrsRjg.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\defcgqqa.dll_old (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\fbhfuwsw.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\higglegq.dll (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hpjxoxue.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hucymnyj.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jgpfucug.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kfghhoxb.dll (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kpndwyqw.dll (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kqnowuak.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kraekmui.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\laknkqws.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mjaapbwv.dll (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nxpwhirb.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\qqfteydu.dll (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\WINDOWS\system32\qxucdfgm.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rgsqufxv.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\soudivoj.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\spwjwnea.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tdmdwiay.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tknaoexi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vckscoyq.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\VJUEMXQG.0LL (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vstdawiw.dll (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vxyjtnsw.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Program Files\ColorUtility\ColorUtility.dll (Trojan.BHO) -> Quarantined and deleted successfully. C:\Program Files\ColorUtility\uninstall.dat (Trojan.BHO) -> Quarantined and deleted successfully. C:\Program Files\ColorUtility\Uninstall.exe (Trojan.BHO) -> Quarantined and deleted successfully. C:\Program Files\Eroca\Eroca.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080605125846326.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080605134418312.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080605135101906.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080605171117859.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080606101336234.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080606115539359.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080607142449703.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080607143500507.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080607233757314.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080607235456562.log (Rogue.MalWarrior) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrateur\Application Data\speedrunner\config.cfg (Adware.SurfAccuracy) -> Quarantined and deleted successfully. C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cemveobq.dll (Trojan.Agent) -> Delete on reboot. C:\Program Files\temp2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\temp3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cbxvvvu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\iifcbyv.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\iifdbya.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\byxxvww.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\rqrqolm.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\iqgrexnd.dll (Trojan.vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully. voila et maintenant |
réouvre malewarebyte
va sur quarantaine supprime tout Télécharge clean.zip, de Malekal http://www.malekal.com/download/clean.zip (1) Dézippe-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean. (2) Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd une fenêtre noire va apparaître pendant un instant, laisse la ouverte. (3) Choisis l'option 1 puis patiente Poste le rapport obtenu pour retrouver le rapport : double clique sur > C > double clique sur " rapport_clean txt. et copie/colle le sur ta prochaine réponse . Ne passe pas à l'option 2 sans notre avis ! A découvrir : Estopa, Rosario Flores, La oreja de van gogh.. Bonne écoute |
| bambflafy, le mardi 10 juin 2008 à 11:19:27 je n est pas clean cmd |
| bambflafy, le mardi 10 juin 2008 à 11:24:11 *** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\ *** Recherche des fichiers dans C:\WINDOWS\system32 C:\WINDOWS\system32\mcrh.tmp FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.2" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.3" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.4" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.5" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.6" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.7" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.8" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.9" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.10" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.11" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.12" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.13" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.14" FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.15" FOUND *** Recherche des fichiers dans C:\Program Files "C:\Program Files\AskTBar\" FOUND "C:\Program Files\BitDownload" FOUND "C:\Program Files\Multi_Media_France\" FOUND |
-> Redémarre en mode sans échec :
Comment redémarrer en mode sans echec? Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter. Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée. Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal! Ps : si F8 ne marche pas utilise la touche F5. -> Tuto : http://forum.telecharger.01net.com/... -> Une fois en mode sans echec, ouvre le dossier que tu auvais crée et click sur clean.cmd et choisis l'option 2. -> Redémarre normalement et poste le rapport de clean + un nouveau rapport hijackthis stp A découvrir : Estopa, Rosario Flores, La oreja de van gogh.. Bonne écoute |
| bambflafy, le mardi 10 juin 2008 à 11:29:29 il faut que je telecharge ce que tu ma donner avan,t |
non tu réouvre clean et tu passe l option 2 en mode sans echec
A découvrir : Estopa, Rosario Flores, La oreja de van gogh.. Bonne écoute |
| bambflafy, le mardi 10 juin 2008 à 11:46:54 Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:45:42, on 10/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\vVX3000.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Windows Media Player\Plugins\Todae\RMP\RMProg.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eMule\emule.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\netdde.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\AntivirusFirewall\Common\FSLAUNCH.EXE C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/... R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {029375f0-33ff-48b4-a882-22a5c391da63} - (no file) O2 - BHO: (no name) - {03045743-86D1-49F4-A2F5-BE302574D3A5} - (no file) O2 - BHO: (no name) - {06399f50-16c7-4b38-886c-fcb3656264fc} - (no file) O2 - BHO: {739fbd77-b073-da58-9e94-b3d2d9e8f1d0} - {0d1f8e9d-2d3b-49e9-85ad-370b77dbf937} - C:\WINDOWS\system32\miswugrh.dll O2 - BHO: (no name) - {10EC5515-A5CE-4F7D-83F2-0764060130F5} - (no file) O2 - BHO: (no name) - {141CEA0E-8253-4021-9137-DDC8B987688E} - (no file) O2 - BHO: (no name) - {2F4297FC-09AD-4F14-9C57-B60B09773AE0} - (no file) O2 - BHO: (no name) - {507A8EC9-B086-41E4-8B42-9399C433F003} - (no file) O2 - BHO: (no name) - {549488AC-66F6-4798-A779-FD5406538A7C} - (no file) O2 - BHO: (no name) - {562D8B5E-D9E1-405E-9519-980A619D1A11} - (no file) O2 - BHO: (no name) - {61E92000-CC0E-4C18-A640-502AF501358E} - (no file) O2 - BHO: (no name) - {6821557F-9B5E-47B1-AE3F-AC7A787AA5A2} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {771AD968-FD52-4D87-A0A7-E49AA5D6E1FE} - (no file) O2 - BHO: (no name) - {8db5f28b-5b55-4a85-bc5b-f83a5d2186d3} - (no file) O2 - BHO: (no name) - {8ff7021d-02ba-4005-b517-d19745b9d2e4} - C:\WINDOWS\system32\kvcsbruy.dll (file missing) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {976B5C28-1071-4A4E-BE3E-2205134490E5} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {C0DAD046-C4AC-4EA0-896B-070C1F0FE1BE} - (no file) O2 - BHO: (no name) - {D7FFA5C3-0627-4694-8F76-58EE5E438B75} - (no file) O2 - BHO: (no name) - {D867C42D-4AA0-448E-8E12-C4AF6CB23A0F} - (no file) O2 - BHO: (no name) - {EF183657-4D2A-4130-9732-C1DEB45FCEB2} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4 |