Supprimer Personal Shield Pro
Résolu/Fermé
A voir également:
- Supprimer Personal Shield Pro
- Supprimer une page word - Guide
- Supprimer compte instagram - Guide
- I14 pro max - Guide
- Supprimer edge - Guide
- Supprimer bing - Guide
11 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
16 août 2011 à 15:52
16 août 2011 à 15:52
Salut,
Télécharge RogueKiller : https://www.luanagames.com/index.fr.html
Lances en option 2 (Suppression).
Poste le rapport ici.
Si RogueKiller est bloqué - tente de le renommer en iexplore ou winlogon
Si tjrs pas - affiche les extensions de fichiers : https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/
Renomme RogueKiller.exe en RogueKiller.com
Télécharge RogueKiller : https://www.luanagames.com/index.fr.html
Lances en option 2 (Suppression).
Poste le rapport ici.
Si RogueKiller est bloqué - tente de le renommer en iexplore ou winlogon
Si tjrs pas - affiche les extensions de fichiers : https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/
Renomme RogueKiller.exe en RogueKiller.com
Merci pour la réponse.
Voici le rapport:
RogueKiller V5.3.1 [06/08/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version
Demarrage : Mode normal
Utilisateur: Bérénice [Droits d'admin]
Mode: Suppression -- Date : 16/08/2011 16:05:51
Processus malicieux: 1
[SUSP PATH] nE15201GbLgP15201.exe -- c:\programdata\ne15201gblgp15201\ne15201gblgp15201.exe -> KILLED [TermProc]
Entrees de registre: 153
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[SUSP PATH] HKCU\[...]\RunOnce : nE15201GbLgP15201 (C:\ProgramData\nE15201GbLgP15201\nE15201GbLgP15201.exe) -> DELETED
[SUSP PATH] Outil de notification Live Search.lnk : C:\Users\Bérénice\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
Fichier HOSTS:
Termine : << RKreport[1].txt >>
RKreport[1].txt
Voici le rapport:
RogueKiller V5.3.1 [06/08/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version
Demarrage : Mode normal
Utilisateur: Bérénice [Droits d'admin]
Mode: Suppression -- Date : 16/08/2011 16:05:51
Processus malicieux: 1
[SUSP PATH] nE15201GbLgP15201.exe -- c:\programdata\ne15201gblgp15201\ne15201gblgp15201.exe -> KILLED [TermProc]
Entrees de registre: 153
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[BLACKLIST DLL] HKCU\[...]\Run : Qnero (rundll32.exe "C:\Users\Bérénice\AppData\Local\mpexid32.dll",Startup) -> DELETED
[SUSP PATH] HKCU\[...]\RunOnce : nE15201GbLgP15201 (C:\ProgramData\nE15201GbLgP15201\nE15201GbLgP15201.exe) -> DELETED
[SUSP PATH] Outil de notification Live Search.lnk : C:\Users\Bérénice\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
Fichier HOSTS:
Termine : << RKreport[1].txt >>
RKreport[1].txt
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
16 août 2011 à 16:14
16 août 2011 à 16:14
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
!!! Malwarebyte doit être à jour avant de faire le scan !!!
ETAPE 3:
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
* Lance OTL
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Clique sur le bouton Analyse.
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent), donne le ou les liens pjjoint qui pointent vers ces rapports ici dans un nouveau message.
Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
!!! Malwarebyte doit être à jour avant de faire le scan !!!
ETAPE 3:
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
* Lance OTL
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Clique sur le bouton Analyse.
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent), donne le ou les liens pjjoint qui pointent vers ces rapports ici dans un nouveau message.
Merci pour les réponses (super rapide!)
Voici le rapport de Malwarebytes:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Version de la base de données: 7478
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
16/08/2011 17:51:01
mbam-log-2011-08-16 (17-50-49).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 169069
Temps écoulé: 5 minute(s), 7 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\Users\Bérénice\AppData\Local\Temp\C77F.tmp (Spyware.Passwords.XGen) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\F10F.tmp (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup1629778040.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup233846176.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup2442604056.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup269598760.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup2847741096.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup3406943744.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup3545991520.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\0.10901934620473153.exe (Exploit.Drop.2) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc22.exe (Trojan.Agent.Gen) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc39302361.txt (Trojan.Agent.Gen) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc39332313.txt (Trojan.Agent.Gen) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc78.exe (Trojan.Agent.Gen) -> No action taken.
Je fais l'étape 3 maintenant
Voici le rapport de Malwarebytes:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Version de la base de données: 7478
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
16/08/2011 17:51:01
mbam-log-2011-08-16 (17-50-49).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 169069
Temps écoulé: 5 minute(s), 7 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\Users\Bérénice\AppData\Local\Temp\C77F.tmp (Spyware.Passwords.XGen) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\F10F.tmp (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup1629778040.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup233846176.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup2442604056.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup269598760.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup2847741096.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup3406943744.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\setup3545991520.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Bérénice\AppData\Local\Temp\0.10901934620473153.exe (Exploit.Drop.2) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc22.exe (Trojan.Agent.Gen) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc39302361.txt (Trojan.Agent.Gen) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc39332313.txt (Trojan.Agent.Gen) -> No action taken.
c:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc78.exe (Trojan.Agent.Gen) -> No action taken.
Je fais l'étape 3 maintenant
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voici les liens du rapport OTL:
http://pjjoint.malekal.com/files.php?id=3ac44b0981w9e9k5j9h6f7b12j15m7l15i6l7s13o13k713d5c13z9w13
http://pjjoint.malekal.com/files.php?id=48e039cb64u8h14x13b12y13w14d6u10t14y15b9l11p10w12q11h15i13u6j14t12
http://pjjoint.malekal.com/files.php?id=3ac44b0981w9e9k5j9h6f7b12j15m7l15i6l7s13o13k713d5c13z9w13
http://pjjoint.malekal.com/files.php?id=48e039cb64u8h14x13b12y13w14d6u10t14y15b9l11p10w12q11h15i13u6j14t12
Bonsoir,
merci pour les réponses.
Est-ce que mon problème est résolu?
Si non, est-ce que éteindre mon ordinateur peut poser des problèmes?
merci pour les réponses.
Est-ce que mon problème est résolu?
Si non, est-ce que éteindre mon ordinateur peut poser des problèmes?
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
Modifié par Malekal_morte- le 18/08/2011 à 09:21
Modifié par Malekal_morte- le 18/08/2011 à 09:21
Tu avais pas supprimé ce que Malwarebyte avait détecté.
Relance OTL.
o sous Personnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l'operation que tu conserveras sur clé usb par exemple afin d'en coller le resultat:
:OTL
[2011/08/16 14:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\nE15201GbLgP15201
[2011/08/16 14:31:52 | 000,000,000 | ---- | M] () -- C:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc22.exe
[2011/08/16 14:48:11 | 000,000,000 | ---- | M] () -- C:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc78.exe
[2011/08/16 14:31:22 | 000,074,240 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\0.10901934620473153.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup1629778040.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup233846176.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup2442604056.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup269598760.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup2847741096.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup3406943744.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup3545991520.exe
* redemarre le pc sous windows et poste le rapport ici
Trojan.Karagany par Exploit sur Site WEB à cause de ton Java pas à jour
{26A24AE4-039D-4CA4-87B4-2F83216020FF} = Java(TM) 6 Update 20
=> https://www.malekal.com/java-exploit-en-augmentation-tdss-hiloti/
Java est pas à jour et contient des vulnérabilités qui peuvent mettre l'infection de ton PC.
Lire explications : https://forum.malekal.com/viewtopic.php?t=13629&start=
Maintiens tes logiciels à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.
Yes, no, maybe
I don't know
Can you repeat the question?
You're not the boss of me now
Relance OTL.
o sous Personnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l'operation que tu conserveras sur clé usb par exemple afin d'en coller le resultat:
:OTL
[2011/08/16 14:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\nE15201GbLgP15201
[2011/08/16 14:31:52 | 000,000,000 | ---- | M] () -- C:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc22.exe
[2011/08/16 14:48:11 | 000,000,000 | ---- | M] () -- C:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc78.exe
[2011/08/16 14:31:22 | 000,074,240 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\0.10901934620473153.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup1629778040.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup233846176.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup2442604056.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup269598760.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup2847741096.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup3406943744.exe
[2011/08/16 14:31:36 | 000,174,592 | ---- | M] () -- C:\Users\BRNICE~1\AppData\Local\Temp\setup3545991520.exe
* redemarre le pc sous windows et poste le rapport ici
Trojan.Karagany par Exploit sur Site WEB à cause de ton Java pas à jour
{26A24AE4-039D-4CA4-87B4-2F83216020FF} = Java(TM) 6 Update 20
=> https://www.malekal.com/java-exploit-en-augmentation-tdss-hiloti/
Java est pas à jour et contient des vulnérabilités qui peuvent mettre l'infection de ton PC.
Lire explications : https://forum.malekal.com/viewtopic.php?t=13629&start=
Maintiens tes logiciels à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.
Yes, no, maybe
I don't know
Can you repeat the question?
You're not the boss of me now
Merci pour la réponse,
lorsque j'ai double cliqué sur OTL, une fenêtre est apparu de Antivir Guard me disant que C:\Users\Bérénice\Desktop\OTL.exe Contient le cheval de Troie TR/Swisyn.bsct
Que dois-je répondre?
lorsque j'ai double cliqué sur OTL, une fenêtre est apparu de Antivir Guard me disant que C:\Users\Bérénice\Desktop\OTL.exe Contient le cheval de Troie TR/Swisyn.bsct
Que dois-je répondre?
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
18 août 2011 à 09:21
18 août 2011 à 09:21
ignore, c'est un faux positif...
Merci pour la réponse et les explications de la cause de mon problème.
Voici le rapport d'OTL:
========== OTL ==========
Folder C:\ProgramData\nE15201GbLgP15201\ not found.
C:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc22.exe moved successfully.
C:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc78.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\0.10901934620473153.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup1629778040.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup233846176.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup2442604056.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup269598760.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup2847741096.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup3406943744.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup3545991520.exe moved successfully.
OTL by OldTimer - Version 3.2.26.4 log created on 08182011_102524
A part la mise à jour des logiciels, je dois faire autre chose?
Voici le rapport d'OTL:
========== OTL ==========
Folder C:\ProgramData\nE15201GbLgP15201\ not found.
C:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc22.exe moved successfully.
C:\Users\Bérénice\AppData\Roaming\Adobe\plugs\mmc78.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\0.10901934620473153.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup1629778040.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup233846176.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup2442604056.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup269598760.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup2847741096.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup3406943744.exe moved successfully.
C:\Users\BRNICE~1\AppData\Local\Temp\setup3545991520.exe moved successfully.
OTL by OldTimer - Version 3.2.26.4 log created on 08182011_102524
A part la mise à jour des logiciels, je dois faire autre chose?
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
18 août 2011 à 13:38
18 août 2011 à 13:38
Fais plus attention à l'avenir....
Maintiens tes logiciels à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.
Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
Donc faut se documenter.
Si utilises Avast! - regle le pour détecter les LPIs - voir : https://www.malekal.com/adwares-pup-protection/
Un peu de lecture pour éviter les infections :
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html
- lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese
Ce qu'il ne faut pas faire :
Je télécharge n'importe quoi - je m'infecte :
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
Je télécharge depuis n'importe où - je m'infecte : https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1
Fonctionnement de quelques catégories de malwares :
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus
Si tu as des questions sur le fonctionement des malwares.
N'hésite pas.
Maintiens tes logiciels à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.
Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
Donc faut se documenter.
Si utilises Avast! - regle le pour détecter les LPIs - voir : https://www.malekal.com/adwares-pup-protection/
Un peu de lecture pour éviter les infections :
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html
- lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese
Ce qu'il ne faut pas faire :
Je télécharge n'importe quoi - je m'infecte :
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
Je télécharge depuis n'importe où - je m'infecte : https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1
Fonctionnement de quelques catégories de malwares :
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus
Si tu as des questions sur le fonctionement des malwares.
N'hésite pas.
