horse trojan generic
Dernière réponse : dans Sécurité
Suite à une infection par trojan horse generic qui s'est ensuite suivi par tout plein d'autre saloperies, je suis passé en mode sans echec et aie executé un scan complet ac ewido, un ac ad aware se personnal et un ac spybot. Mais rien à faire quelques minutes apres le redémarrage le cheval de troie à de nouveau été detecté.
Pourriez vous m'aider en me disant comment est ce que je peux me débarrasser de ce trojan.
Voici mon log HijackThis s'il peut servir....
Merci d'avance pour votre aide
Logfile of HijackThis v1.99.1
Scan saved at 10:02:38, on 21/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\kernels8.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\xpupdate.exe
C:\WINDOWS\system32\taskdir.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\dlh9jkdq2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ewido anti-malware\oldewido.exe
C:\Documents and Settings\Dr@fty\Mes documents\Logiciels\Log protection virus\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Class - {2D5388E6-6772-1F4F-FCD6-1FAF6A385D82} - C:\WINDOWS\acsha1.dll (file missing)
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [System] C:\WINDOWS\system32\kernels8.exe
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\system32\kernels8.exe
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\system32\taskdir.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Pourriez vous m'aider en me disant comment est ce que je peux me débarrasser de ce trojan.
Voici mon log HijackThis s'il peut servir....
Merci d'avance pour votre aide
Logfile of HijackThis v1.99.1
Scan saved at 10:02:38, on 21/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\kernels8.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\xpupdate.exe
C:\WINDOWS\system32\taskdir.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\dlh9jkdq2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ewido anti-malware\oldewido.exe
C:\Documents and Settings\Dr@fty\Mes documents\Logiciels\Log protection virus\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Class - {2D5388E6-6772-1F4F-FCD6-1FAF6A385D82} - C:\WINDOWS\acsha1.dll (file missing)
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [System] C:\WINDOWS\system32\kernels8.exe
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\system32\kernels8.exe
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\system32\taskdir.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Autres pages sur : horse trojan generic
Lassé par la pub ? Créez un compte
Bonsoir,
Télécharge Smitfraudfix
Dézippe-le sur le Bureau.
Ouvre le dossier SmitfraudFix et lance SmitfraudFix(.cmd)
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.
Télécharge Smitfraudfix
Dézippe-le sur le Bureau.
Ouvre le dossier SmitfraudFix et lance SmitfraudFix(.cmd)
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.
Voici le résultat
Merci beaucoup pour ton aide
SmitFraudFix v2.81
Rapport fait à 20:06:32,56, 24/08/2006
Executé à partir de C:\Documents and Settings\Dr@fty\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\dlh9jkdq?.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dr@fty\Application Data
C:\Documents and Settings\Dr@fty\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dr@fty\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Merci beaucoup pour ton aide
SmitFraudFix v2.81
Rapport fait à 20:06:32,56, 24/08/2006
Executé à partir de C:\Documents and Settings\Dr@fty\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\dlh9jkdq?.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dr@fty\Application Data
C:\Documents and Settings\Dr@fty\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dr@fty\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Redémarre en mode sans échec
Relance SmitfraudFix et choisis cette fois l’Option 2 et réponds oui à la ou les questions
Sauvegarde puis poste le rapport.
Poste un rapport Hijackthis
Relance SmitfraudFix et choisis cette fois l’Option 2 et réponds oui à la ou les questions
Sauvegarde puis poste le rapport.
Poste un rapport Hijackthis
Voici le premier rapport:
SmitFraudFix v2.81
Rapport fait à 21:06:28,42, 24/08/2006
Executé à partir de C:\Documents and Settings\Dr@fty\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\dlh9jkdq?.exe supprimé
C:\Documents and Settings\Dr@fty\Application Data\Install.dat supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Voici le second :
Logfile of HijackThis v1.99.1
Scan saved at 21:21:05, on 24/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dr@fty\Mes documents\Logiciels\Log protection virus\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Class - {2D5388E6-6772-1F4F-FCD6-1FAF6A385D82} - C:\WINDOWS\acsha1.dll (file missing)
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
SmitFraudFix v2.81
Rapport fait à 21:06:28,42, 24/08/2006
Executé à partir de C:\Documents and Settings\Dr@fty\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\dlh9jkdq?.exe supprimé
C:\Documents and Settings\Dr@fty\Application Data\Install.dat supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Voici le second :
Logfile of HijackThis v1.99.1
Scan saved at 21:21:05, on 24/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dr@fty\Mes documents\Logiciels\Log protection virus\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Class - {2D5388E6-6772-1F4F-FCD6-1FAF6A385D82} - C:\WINDOWS\acsha1.dll (file missing)
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Re,
- Fais un scan en ligne Kaspersky :
. Scan la zone critique
. Sauvegarde puis colle le rapport en fin d'analyse
Aide pour le scan en ligne.
NOTES :
- Si ce message apparaît :
"La licence de Kaspersky On-line Scanner est périmée"
Vas dans Ajout/Suppression de programmes pour désinstaller l'Online Scanner
Retente ensuite le scan.
- Si tu n'arrive toujours pas à utiliser le scan en ligne, fait un scan en ligne Panda
. /!\ Lorsqu'il te faudra entrée ton adresse e-mail, clique sur I don't accept (en bas)
. Poste le rapport en fin d'analyse
. Si tu as Avast! désactive-le.
- Fais un scan en ligne Kaspersky :
. Scan la zone critique
. Sauvegarde puis colle le rapport en fin d'analyse
Aide pour le scan en ligne.
NOTES :
- Si ce message apparaît :
"La licence de Kaspersky On-line Scanner est périmée"
Vas dans Ajout/Suppression de programmes pour désinstaller l'Online Scanner
Retente ensuite le scan.
- Si tu n'arrive toujours pas à utiliser le scan en ligne, fait un scan en ligne Panda
. /!\ Lorsqu'il te faudra entrée ton adresse e-mail, clique sur I don't accept (en bas)
. Poste le rapport en fin d'analyse
. Si tu as Avast! désactive-le.
Voici le raport avec Panda l'autre ne marchant pas :
Merci pour ton aide
Incident Status Location
Adware:Adware/SaveNow Not disinfected C:\Program Files\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34}\components\whenu_ff.dll
Adware:adware/adsmart Not disinfected c:\windows\system32\vx.tll
Adware:adware/vog Not disinfected Windows Registry
Adware:adware/intcodec Not disinfected Windows Registry
Adware:adware/ieloader Not disinfected Windows Registry
Potentially unwanted tool:application/kill&clean Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF69DF00-2734-477F-8257-27CD04F88779}
Adware:adware/systemdoctor Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.min Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB893839-10F0-4AF9-92FA-B23528F530AF}
Adware:adware/spywaresheriff Not disinfected Windows Registry
Adware:adware/adrotator Not disinfected Windows Registry
Adware:adware/netword Not disinfected Windows Registry
Adware:adware/wetoffice Not disinfected Windows Registry
Adware:adware/spywaresoftstop Not disinfected Windows Registry
Adware:adware/mmediapd Not disinfected Windows Registry
Adware:adware/click Not disinfected Windows Registry
Adware:adware/quantos Not disinfected Windows Registry
Spyware:spyware/browseraccelerator Not disinfected Windows Registry
Adware:adware/wmmafia Not disinfected Windows Registry
Adware:adware/sinabar Not disinfected Windows Registry
Adware:adware/psic Not disinfected Windows Registry
Adware:adware/ourxin Not disinfected Windows Registry
Adware:adware/idonate Not disinfected Windows Registry
Adware:adware/brands Not disinfected Windows Registry
Adware:adware/eztracks Not disinfected Windows Registry
Adware:adware/roogoo Not disinfected Windows Registry
Adware:adware/targetad Not disinfected Windows Registry
Adware:adware/yazzle Not disinfected Windows Registry
Adware:adware/gator.gotsmiley Not disinfected Windows Registry
Adware:adware/spywarequake Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.gun Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFB51760-344E-4FFB-BFFF-4B18C7AC1D63}
Potentially unwanted tool:application/seekmo Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38}
Adware:adware/trustin Not disinfected Windows Registry
Adware:adware/emediacodec Not disinfected Windows Registry
Adware:adware/flyswat Not disinfected Windows Registry
Adware:adware/ready2wear Not disinfected Windows Registry
Spyware:spyware/searchnet Not disinfected Windows Registry
Potentially unwanted tool:application/mediapipe Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AFDBB222-DEA9-4C12-B3A3-A13C2985E3EE}
Adware:adware/shorty Not disinfected Windows Registry
Adware:adware/spyfalcon Not disinfected Windows Registry
Adware:adware/alfacleaner Not disinfected Windows Registry
Adware:adware/adwaresheriff Not disinfected Windows Registry
Adware:adware/confusearch Not disinfected Windows Registry
Potentially unwanted tool:application/malwarewipe Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3103509-F6EC-4592-B5F2-FD862199D778}
Adware:adware/youcouldwinthis Not disinfected Windows Registry
Potentially unwanted tool:application/errorsafe Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6AE7418B-229F-4A2C-AE1B-D5962888F02D}
Adware:adware/spywarestrike Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.fgw Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF25B447-C0EF-49BB-97D8-D7C3FA27DF5F}
Adware:adware/fchelp Not disinfected Windows Registry
Adware:adware/rbtoolbar Not disinfected Windows Registry
Adware:adware/dropspam Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.epr Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E15D681-1D20-11D4-8B72-000021DA1956}
Adware:adware/startpage.anl Not disinfected Windows Registry
Adware:adware/crystalys Not disinfected Windows Registry
Adware:adware/adwhere Not disinfected Windows Registry
Adware:adware/winhound Not disinfected Windows Registry
Adware:adware/cws.payfortraffic Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.dxp Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C881E6FC-C673-4FDD-AEF8-B36DFB10E401}
Potentially unwanted tool:application/spyaxe Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2D9D3F0-8C2A-2A1D-A376-1BECFB10AB72}
Adware:adware/enhancemsearch Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.dvj Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c32ee4cb-e99f-4147-bfae-67ff3b6f8076}
Adware:adware/borlander Not disinfected Windows Registry
Adware:adware/mytoolbar Not disinfected Windows Registry
Adware:adware/cws.ezsearch Not disinfected Windows Registry
Adware:adware/ipend Not disinfected Windows Registry
Adware:adware/pigsearch Not disinfected Windows Registry
Adware:adware/securitytoolbar Not disinfected Windows Registry
Adware:adware/sweetbar Not disinfected Windows Registry
Adware:adware/syslibie Not disinfected Windows Registry
Adware:adware/videoc Not disinfected Windows Registry
Adware:adware/spyaxe Not disinfected Windows Registry
Adware:adware/falkag Not disinfected Windows Registry
Adware:adware/zeropopup Not disinfected Windows Registry
Adware:adware/webext Not disinfected Windows Registry
Adware:adware/bdnl Not disinfected Windows Registry
Adware:adware/masterbar Not disinfected Windows Registry
Adware:adware/ist.csearch Not disinfected Windows Registry
Adware:adware/cramtoolbar Not disinfected Windows Registry
Adware:adware/commad Not disinfected Windows Registry
Adware:adware/cashsaver Not disinfected Windows Registry
Adware:adware/bonzibuddy Not disinfected Windows Registry
Adware:adware/blowsearch Not disinfected Windows Registry
Adware:adware/affilred Not disinfected Windows Registry
Adware:adware/adultlinks Not disinfected Windows Registry
Adware:adware/adservernow Not disinfected Windows Registry
Adware:adware/adbars Not disinfected Windows Registry
Adware:adware/cashdeluxe Not disinfected Windows Registry
Potentially unwanted tool:application/errorguard Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{205ff73b-ca67-11d5-99dd-444553540006}
Adware:adware/mpgcom Not disinfected Windows Registry
Adware:adware/surfassistant Not disinfected Windows Registry
Adware:adware/morwillsearch Not disinfected Windows Registry
Adware:adware/infocrawler Not disinfected Windows Registry
Adware:adware/adcom Not disinfected Windows Registry
Adware:adware/easyerror Not disinfected Windows Registry
Adware:adware/weblookup Not disinfected Windows Registry
Adware:adware/customtoolbar Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.dkf Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17BFC8DA-B4D6-4DB9-AA40-1CD32EDA9845}
Adware:adware/quickbar Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.dji Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C24626A-CC0D-49d6-8454-AAA5B97D4410}
Dialer![:D]( ":D")
ialer.dip Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC3185AE-864F-4E62-9321-0E9FA1CBE6A4}
Adware:adware/2search Not disinfected Windows Registry
Adware:adware/upspiralbar Not disinfected Windows Registry
Adware:adware/uppcbar Not disinfected Windows Registry
Adware:adware/5-search Not disinfected Windows Registry
Adware:adware/bondreal Not disinfected Windows Registry
Adware:adware/popupsearches Not disinfected Windows Registry
Potentially unwanted tool:application/winfixer2005 Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8C65AEF6-E413-4314-815B-82717A3F1603}
Adware:adware/securityerror Not disinfected Windows Registry
Adware:adware/mediaplex Not disinfected Windows Registry
Adware:adware/favadd Not disinfected Windows Registry
Adware:adware/windrv Not disinfected Windows Registry
Adware:adware/ddos Not disinfected Windows Registry
Adware:adware/activshopper Not disinfected Windows Registry
Adware:adware/mariasearch Not disinfected Windows Registry
Adware:adware/ieplus Not disinfected Windows Registry
Adware:adware/bestsearchengine Not disinfected Windows Registry
Adware:adware/qoologic Not disinfected Windows Registry
Adware:adware/searchresults Not disinfected Windows Registry
Adware:adware/cws.customie Not disinfected Windows Registry
Adware:adware/block-checker Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.cso Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6BC36767-3FCC-4948-8A13-703F887A3E87}
Adware:adware/adblock Not disinfected Windows Registry
Adware:adware/thingies Not disinfected Windows Registry
Adware:adware/spyblast Not disinfected Windows Registry
Adware:adware/enhsrch Not disinfected Windows Registry
Adware:adware/riversoft Not disinfected Windows Registry
Adware:adware/invisiblepop Not disinfected Windows Registry
Adware:adware/henbang Not disinfected Windows Registry
Adware:adware/stripplayer Not disinfected Windows Registry
Adware:adware/shoppingcommunity Not disinfected Windows Registry
Adware:adware/appoli Not disinfected Windows Registry
Adware:adware/bdsearch Not disinfected Windows Registry
Adware:adware/gxb Not disinfected Windows Registry
Adware:adware/veevo Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.bnz Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D7334F5-CF58-4F22-8502-6CC0ACB2FE6B}
Adware:adware/searchexplorer Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.bmt Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8512B008-B0AA-451F-A744-A289FD8FFDE6}
Adware:adware/popupdefence Not disinfected Windows Registry
Adware:adware/seekseek Not disinfected Windows Registry
Adware:adware/winres Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.bkj Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDCBE0F1-D13A-4F86-A963-3A272D3ABA7E}
Adware:adware/browserplugin Not disinfected Windows Registry
Adware:adware/clicker.b Not disinfected Windows Registry
Adware:adware/surfplugin Not disinfected Windows Registry
Adware:adware/consumeralertsystem Not disinfected Windows Registry
Adware:adware/afaenhance Not disinfected Windows Registry
Adware:adware/seeqbar Not disinfected Windows Registry
Adware:adware/alibabar Not disinfected Windows Registry
Adware:adware/dudu Not disinfected Windows Registry
Adware:adware/hoonter Not disinfected Windows Registry
Adware:adware/ietoolbar Not disinfected Windows Registry
Adware:adware/psguard Not disinfected Windows Registry
Adware:adware/oemji Not disinfected Windows Registry
Adware:adware/winstat Not disinfected Windows Registry
Adware:adware/diytoolbar Not disinfected Windows Registry
Adware:adware/moneygainer Not disinfected Windows Registry
Adware:adware/weirdontheweb Not disinfected Windows Registry
Adware:adware/antivirus-gold Not disinfected Windows Registry
Adware:adware/kz515 Not disinfected Windows Registry
Adware:adware/miamore Not disinfected Windows Registry
Dialer![:D]( ":D")
ialer.cbz Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17243282-24D7-01A5-B2CE-4AD63FBA0B93}
Adware:adware/g-search Not disinfected Windows Registry
Adware:adware/bigtrafficnet Not disinfected Windows Registry
Adware:adware/maxifiles Not disinfected Windows Registry
Spyware:spyware/lefeat Not disinfected Windows Registry
Adware:adware/craft Not disinfected Windows Registry
Adware:adware/aurora Not disinfected Windows Registry
Adware:adware/digitalnames Not disinfected Windows Registry
Adware:adware/redbanner Not disinfected Windows Registry
Adware:adware/coolsavings Not disinfected Windows Registry
Adware:adware/richfind Not disinfected Windows Registry
Adware:adware/ctxpopup Not disinfected Windows Registry
Adware:adware/stickypops Not disinfected Windows Registry
Adware:adware/startpage.wl Not disinfected Windows Registry
Adware:adware/startpage.wh Not disinfected Windows Registry
Adware:adware/wazzup Not disinfected Windows Registry
Adware:adware/imgiant Not disinfected Windows Registry
Potentially unwanted tool:application/need2find Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{630D6140-04C5-4db0-B27A-020D766FF09B}
Merci pour ton aide
Incident Status Location
Adware:Adware/SaveNow Not disinfected C:\Program Files\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34}\components\whenu_ff.dll
Adware:adware/adsmart Not disinfected c:\windows\system32\vx.tll
Adware:adware/vog Not disinfected Windows Registry
Adware:adware/intcodec Not disinfected Windows Registry
Adware:adware/ieloader Not disinfected Windows Registry
Potentially unwanted tool:application/kill&clean Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF69DF00-2734-477F-8257-27CD04F88779}
Adware:adware/systemdoctor Not disinfected Windows Registry
Dialer
ialer.min Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB893839-10F0-4AF9-92FA-B23528F530AF} Adware:adware/spywaresheriff Not disinfected Windows Registry
Adware:adware/adrotator Not disinfected Windows Registry
Adware:adware/netword Not disinfected Windows Registry
Adware:adware/wetoffice Not disinfected Windows Registry
Adware:adware/spywaresoftstop Not disinfected Windows Registry
Adware:adware/mmediapd Not disinfected Windows Registry
Adware:adware/click Not disinfected Windows Registry
Adware:adware/quantos Not disinfected Windows Registry
Spyware:spyware/browseraccelerator Not disinfected Windows Registry
Adware:adware/wmmafia Not disinfected Windows Registry
Adware:adware/sinabar Not disinfected Windows Registry
Adware:adware/psic Not disinfected Windows Registry
Adware:adware/ourxin Not disinfected Windows Registry
Adware:adware/idonate Not disinfected Windows Registry
Adware:adware/brands Not disinfected Windows Registry
Adware:adware/eztracks Not disinfected Windows Registry
Adware:adware/roogoo Not disinfected Windows Registry
Adware:adware/targetad Not disinfected Windows Registry
Adware:adware/yazzle Not disinfected Windows Registry
Adware:adware/gator.gotsmiley Not disinfected Windows Registry
Adware:adware/spywarequake Not disinfected Windows Registry
Dialer
ialer.gun Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFB51760-344E-4FFB-BFFF-4B18C7AC1D63} Potentially unwanted tool:application/seekmo Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38}
Adware:adware/trustin Not disinfected Windows Registry
Adware:adware/emediacodec Not disinfected Windows Registry
Adware:adware/flyswat Not disinfected Windows Registry
Adware:adware/ready2wear Not disinfected Windows Registry
Spyware:spyware/searchnet Not disinfected Windows Registry
Potentially unwanted tool:application/mediapipe Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AFDBB222-DEA9-4C12-B3A3-A13C2985E3EE}
Adware:adware/shorty Not disinfected Windows Registry
Adware:adware/spyfalcon Not disinfected Windows Registry
Adware:adware/alfacleaner Not disinfected Windows Registry
Adware:adware/adwaresheriff Not disinfected Windows Registry
Adware:adware/confusearch Not disinfected Windows Registry
Potentially unwanted tool:application/malwarewipe Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3103509-F6EC-4592-B5F2-FD862199D778}
Adware:adware/youcouldwinthis Not disinfected Windows Registry
Potentially unwanted tool:application/errorsafe Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6AE7418B-229F-4A2C-AE1B-D5962888F02D}
Adware:adware/spywarestrike Not disinfected Windows Registry
Dialer
ialer.fgw Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF25B447-C0EF-49BB-97D8-D7C3FA27DF5F} Adware:adware/fchelp Not disinfected Windows Registry
Adware:adware/rbtoolbar Not disinfected Windows Registry
Adware:adware/dropspam Not disinfected Windows Registry
Dialer
ialer.epr Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E15D681-1D20-11D4-8B72-000021DA1956} Adware:adware/startpage.anl Not disinfected Windows Registry
Adware:adware/crystalys Not disinfected Windows Registry
Adware:adware/adwhere Not disinfected Windows Registry
Adware:adware/winhound Not disinfected Windows Registry
Adware:adware/cws.payfortraffic Not disinfected Windows Registry
Dialer
ialer.dxp Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C881E6FC-C673-4FDD-AEF8-B36DFB10E401} Potentially unwanted tool:application/spyaxe Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2D9D3F0-8C2A-2A1D-A376-1BECFB10AB72}
Adware:adware/enhancemsearch Not disinfected Windows Registry
Dialer
ialer.dvj Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c32ee4cb-e99f-4147-bfae-67ff3b6f8076} Adware:adware/borlander Not disinfected Windows Registry
Adware:adware/mytoolbar Not disinfected Windows Registry
Adware:adware/cws.ezsearch Not disinfected Windows Registry
Adware:adware/ipend Not disinfected Windows Registry
Adware:adware/pigsearch Not disinfected Windows Registry
Adware:adware/securitytoolbar Not disinfected Windows Registry
Adware:adware/sweetbar Not disinfected Windows Registry
Adware:adware/syslibie Not disinfected Windows Registry
Adware:adware/videoc Not disinfected Windows Registry
Adware:adware/spyaxe Not disinfected Windows Registry
Adware:adware/falkag Not disinfected Windows Registry
Adware:adware/zeropopup Not disinfected Windows Registry
Adware:adware/webext Not disinfected Windows Registry
Adware:adware/bdnl Not disinfected Windows Registry
Adware:adware/masterbar Not disinfected Windows Registry
Adware:adware/ist.csearch Not disinfected Windows Registry
Adware:adware/cramtoolbar Not disinfected Windows Registry
Adware:adware/commad Not disinfected Windows Registry
Adware:adware/cashsaver Not disinfected Windows Registry
Adware:adware/bonzibuddy Not disinfected Windows Registry
Adware:adware/blowsearch Not disinfected Windows Registry
Adware:adware/affilred Not disinfected Windows Registry
Adware:adware/adultlinks Not disinfected Windows Registry
Adware:adware/adservernow Not disinfected Windows Registry
Adware:adware/adbars Not disinfected Windows Registry
Adware:adware/cashdeluxe Not disinfected Windows Registry
Potentially unwanted tool:application/errorguard Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{205ff73b-ca67-11d5-99dd-444553540006}
Adware:adware/mpgcom Not disinfected Windows Registry
Adware:adware/surfassistant Not disinfected Windows Registry
Adware:adware/morwillsearch Not disinfected Windows Registry
Adware:adware/infocrawler Not disinfected Windows Registry
Adware:adware/adcom Not disinfected Windows Registry
Adware:adware/easyerror Not disinfected Windows Registry
Adware:adware/weblookup Not disinfected Windows Registry
Adware:adware/customtoolbar Not disinfected Windows Registry
Dialer
ialer.dkf Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17BFC8DA-B4D6-4DB9-AA40-1CD32EDA9845} Adware:adware/quickbar Not disinfected Windows Registry
Dialer
ialer.dji Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C24626A-CC0D-49d6-8454-AAA5B97D4410} Dialer
ialer.dip Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC3185AE-864F-4E62-9321-0E9FA1CBE6A4} Adware:adware/2search Not disinfected Windows Registry
Adware:adware/upspiralbar Not disinfected Windows Registry
Adware:adware/uppcbar Not disinfected Windows Registry
Adware:adware/5-search Not disinfected Windows Registry
Adware:adware/bondreal Not disinfected Windows Registry
Adware:adware/popupsearches Not disinfected Windows Registry
Potentially unwanted tool:application/winfixer2005 Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8C65AEF6-E413-4314-815B-82717A3F1603}
Adware:adware/securityerror Not disinfected Windows Registry
Adware:adware/mediaplex Not disinfected Windows Registry
Adware:adware/favadd Not disinfected Windows Registry
Adware:adware/windrv Not disinfected Windows Registry
Adware:adware/ddos Not disinfected Windows Registry
Adware:adware/activshopper Not disinfected Windows Registry
Adware:adware/mariasearch Not disinfected Windows Registry
Adware:adware/ieplus Not disinfected Windows Registry
Adware:adware/bestsearchengine Not disinfected Windows Registry
Adware:adware/qoologic Not disinfected Windows Registry
Adware:adware/searchresults Not disinfected Windows Registry
Adware:adware/cws.customie Not disinfected Windows Registry
Adware:adware/block-checker Not disinfected Windows Registry
Dialer
ialer.cso Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6BC36767-3FCC-4948-8A13-703F887A3E87} Adware:adware/adblock Not disinfected Windows Registry
Adware:adware/thingies Not disinfected Windows Registry
Adware:adware/spyblast Not disinfected Windows Registry
Adware:adware/enhsrch Not disinfected Windows Registry
Adware:adware/riversoft Not disinfected Windows Registry
Adware:adware/invisiblepop Not disinfected Windows Registry
Adware:adware/henbang Not disinfected Windows Registry
Adware:adware/stripplayer Not disinfected Windows Registry
Adware:adware/shoppingcommunity Not disinfected Windows Registry
Adware:adware/appoli Not disinfected Windows Registry
Adware:adware/bdsearch Not disinfected Windows Registry
Adware:adware/gxb Not disinfected Windows Registry
Adware:adware/veevo Not disinfected Windows Registry
Dialer
ialer.bnz Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D7334F5-CF58-4F22-8502-6CC0ACB2FE6B} Adware:adware/searchexplorer Not disinfected Windows Registry
Dialer
ialer.bmt Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8512B008-B0AA-451F-A744-A289FD8FFDE6} Adware:adware/popupdefence Not disinfected Windows Registry
Adware:adware/seekseek Not disinfected Windows Registry
Adware:adware/winres Not disinfected Windows Registry
Dialer
ialer.bkj Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDCBE0F1-D13A-4F86-A963-3A272D3ABA7E} Adware:adware/browserplugin Not disinfected Windows Registry
Adware:adware/clicker.b Not disinfected Windows Registry
Adware:adware/surfplugin Not disinfected Windows Registry
Adware:adware/consumeralertsystem Not disinfected Windows Registry
Adware:adware/afaenhance Not disinfected Windows Registry
Adware:adware/seeqbar Not disinfected Windows Registry
Adware:adware/alibabar Not disinfected Windows Registry
Adware:adware/dudu Not disinfected Windows Registry
Adware:adware/hoonter Not disinfected Windows Registry
Adware:adware/ietoolbar Not disinfected Windows Registry
Adware:adware/psguard Not disinfected Windows Registry
Adware:adware/oemji Not disinfected Windows Registry
Adware:adware/winstat Not disinfected Windows Registry
Adware:adware/diytoolbar Not disinfected Windows Registry
Adware:adware/moneygainer Not disinfected Windows Registry
Adware:adware/weirdontheweb Not disinfected Windows Registry
Adware:adware/antivirus-gold Not disinfected Windows Registry
Adware:adware/kz515 Not disinfected Windows Registry
Adware:adware/miamore Not disinfected Windows Registry
Dialer
ialer.cbz Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17243282-24D7-01A5-B2CE-4AD63FBA0B93} Adware:adware/g-search Not disinfected Windows Registry
Adware:adware/bigtrafficnet Not disinfected Windows Registry
Adware:adware/maxifiles Not disinfected Windows Registry
Spyware:spyware/lefeat Not disinfected Windows Registry
Adware:adware/craft Not disinfected Windows Registry
Adware:adware/aurora Not disinfected Windows Registry
Adware:adware/digitalnames Not disinfected Windows Registry
Adware:adware/redbanner Not disinfected Windows Registry
Adware:adware/coolsavings Not disinfected Windows Registry
Adware:adware/richfind Not disinfected Windows Registry
Adware:adware/ctxpopup Not disinfected Windows Registry
Adware:adware/stickypops Not disinfected Windows Registry
Adware:adware/startpage.wl Not disinfected Windows Registry
Adware:adware/startpage.wh Not disinfected Windows Registry
Adware:adware/wazzup Not disinfected Windows Registry
Adware:adware/imgiant Not disinfected Windows Registry
Potentially unwanted tool:application/need2find Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{630D6140-04C5-4db0-B27A-020D766FF09B}
Tu as un registre bien infecte !
Télécharge SpySweeper (de Webroot, version d'essai de 14 jours) :
-Clique sur "Télécharger la version test".
-Installe le programme en choississant "installation standard".
-Accepte le redémarrage
-L'option de le mettre à jour s'affichera, accepte la mise à jour
-Lorsque les mises à jour seront installées, dans colonne de gauche clique sur l'onglet Options puis analyse.
-Sous Eléments à analyser et Autres options coches toutes les cases.
-Fermes SpySweeper
La suite étant faite en mode sans échec, imprimes ou copies/colles dans un fichier texte les instructions suivantes
Redémarre en mode sans échec : au redémarrage, tapote immédiatement la touche F8, tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
Démarre SpySweeper
-Clique Analyser sur la gauche puis sur Démarrer l'analyse.
-Quand le scan est terminé, clic sur Suivant.
-Assure-toi que tous les éléments trouvés sont tous cochés, puis clique sur Suivant.
-Tous les éléments cochés seront alors mis en quarantaine.
-Dans "Récapitulatif", sélectionne en bas Afficher le journal de session puis Enregistrer dans un fichier afin de sauvegarder le rapport.
Redémarre normalement
Désinstalle SpySweeper à partir de ajout/suppression de programme sauf si tu veux continuer l'évaluation pendant 15 jours.
Copie/colle le rapport de SpySweeper ici
-Clique sur "Télécharger la version test".
-Installe le programme en choississant "installation standard".
-Accepte le redémarrage
-L'option de le mettre à jour s'affichera, accepte la mise à jour
-Lorsque les mises à jour seront installées, dans colonne de gauche clique sur l'onglet Options puis analyse.
-Sous Eléments à analyser et Autres options coches toutes les cases.
-Fermes SpySweeper
La suite étant faite en mode sans échec, imprimes ou copies/colles dans un fichier texte les instructions suivantes
-Clique Analyser sur la gauche puis sur Démarrer l'analyse.
-Quand le scan est terminé, clic sur Suivant.
-Assure-toi que tous les éléments trouvés sont tous cochés, puis clique sur Suivant.
-Tous les éléments cochés seront alors mis en quarantaine.
-Dans "Récapitulatif", sélectionne en bas Afficher le journal de session puis Enregistrer dans un fichier afin de sauvegarder le rapport.
j'ai bien fait l'analyse ac pysweeper, mais suite à une erreur de ma part je n'ai pas le rapport du scan, j'ai donc refait un scan panda dont voici le résultat (nettement meilleur)
Incident Statut Analyse
Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\Dr@fty\Application Data\Mozilla\Firefox\Profiles\c3v4gibm.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Dr@fty\Application Data\Mozilla\Firefox\Profiles\c3v4gibm.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Dr@fty\Application Data\Mozilla\Firefox\Profiles\c3v4gibm.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Dr@fty\Application Data\Mozilla\Firefox\Profiles\c3v4gibm.default\cookies.txt[.tradedoubler.com/]
Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Dr@fty\Mes documents\Logiciels\Log protection virus\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Outil indésirable:Application/Processor No Désinfecté C:\WINDOWS\system32\Process.exe
J'attend la suite^^( si c 'est nécessaire)
Merci pour votre aide
Incident Statut Analyse
Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\Dr@fty\Application Data\Mozilla\Firefox\Profiles\c3v4gibm.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Dr@fty\Application Data\Mozilla\Firefox\Profiles\c3v4gibm.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Dr@fty\Application Data\Mozilla\Firefox\Profiles\c3v4gibm.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Dr@fty\Application Data\Mozilla\Firefox\Profiles\c3v4gibm.default\cookies.txt[.tradedoubler.com/]
Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Dr@fty\Mes documents\Logiciels\Log protection virus\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Outil indésirable:Application/Processor No Désinfecté C:\WINDOWS\system32\Process.exe
J'attend la suite^^( si c 'est nécessaire)
Merci pour votre aide
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumTrojan horse backdoor. generic 11.zne
- ForumJe suis infeste par trojan horse generic
- ForumVirus infecte par un trojan horse generic
- ForumTrojan horse backdoor.generic 12.abdm.dropper
- ForumInfecte par trojan horse generic
- ForumTrojan horse backdoor generic 13 yxm
- ForumTrojan horse downloder generic 6 wgf
- ForumTrojan horse generic 9.aywa
- ForumVirus trojan horse generic
- ForumInfection trojan horse generic. yvd
- Voir plus
