Rapport d'infection PC à décrypter

bakana · le 28 septembre 2008

Bonjour à tous

ne connaissant pas grand chose en informatique je m'adresse à vous pour lire le rapport de hijackthis.

Scan saved at 02:58:15, on 28/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Applications\wcs.exe

C:\Program Files\Applications\iebtm.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Applications\wcm.exe

C:\Program Files\Applications\iebtmm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\FlashGet\FlashGet.exe

C:\Downloads\HiJackThis.exe

C:\WINDOWS\system32\HPZipm12.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.aliceadsl.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - C:\Program Files\Applications\iebt.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [itsTV] "C:\Program Files\ItsLabel\ItsTV.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0

O4 - HKLM\..\Policies\Explorer\Run: [smile] C:\Program Files\Applications\wcs.exe

O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Applications\iebtm.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-21-1644491937-343818398-725345543-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Angel Phenix')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: END.lnk = C:\Program Files\Alice\Res\SplashScreen.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: TrayMin210.exe.lnk = ?

O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolthru.com/redirect.php (file missing)

O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolthru.com/redirect.php (file missing)

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurate...countHelper.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{2527A4EC-127B-4CEC-A052-3CD5BE6DD944}: NameServer = 192.168.1.1

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe

--

End of file - 10752 bytes

Merci d'avance

Thanos · le 28 septembre 2008

salut

Le pc est effectivement infecté: voilà le programme que tu vas utiliser >>

Télécharge SmitfraudFix de S!Ri sur ton bureau

Double clique sur SmitfraudFix.exe
Une fenêtre va s'ouvrir, choisis l'option 1
Copie/colle le contenu du bloc-note qui s'ouvre dans ton prochain post.
Note: si tu as une version de Smitfraudfix, ne l'utilise pas! élimine là et télécharge la dernière version.

Thanos · le 28 septembre 2008

bakana, je colle le rapport que tu m'as expédié par mp >>

SmitFraudFix v2.354

Rapport fait à 18:56:03,25, 28/09/2008

Executé à partir de C:\Program Files\FlashGet\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Le type du système de fichiers est NTFS

Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Applications\wcs.exe

C:\Program Files\Applications\iebtm.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\eMule\emule.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\FlashGet\FlashGet.exe

C:\Program Files\FlashGet\SmitfraudFix\Policies.exe

C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 www.legal-at-spybot.info

127.0.0.1 legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\MSx.cpl PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\harry

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\harry\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\harry\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\Applications\ PRESENT !

C:\Program Files\MSX\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch

Credits: Malware Analysis & Diagnostic

Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

AntiXPVSTFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets

DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{2527A4EC-127B-4CEC-A052-3CD5BE6DD944}: NameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\..\{2527A4EC-127B-4CEC-A052-3CD5BE6DD944}: NameServer=192.168.1.1

HKLM\SYSTEM\CS2\Services\Tcpip\..\{2527A4EC-127B-4CEC-A052-3CD5BE6DD944}: NameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\..\{2527A4EC-127B-4CEC-A052-3CD5BE6DD944}: NameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Encore merci et à bientôt

Utilise stp cette discussion pour poster tes messages/rapports

La marche à suivre pour nettoyer ton pc >>

1°) Désactive le teatimer de Spybot en passant par les options de Spybot: une fois dans le logiciel, il faut aller dans le menu "Mode" => coche "Mode avancé" => "Outils"(en bas de page)=> "Résident" => et tu décoches cette case: "Résident Teatimer" . Tu ne doit plus voir l'icône du Teatimer dans la barre de tâches!

Ne fais pas l'impasse sur cette étape, car ca peut faire échouer la procédure de désinfection !

2°) Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

-Ferme tous les programmes et clique sur "Fix Checked"

3°) Redémarre le PC, impérativement en mode sans échec.

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement.
Tapote par alternance les touches [F8] et [F5] jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionne "Mode sans échec" et appuie sur la touche [Entrée].
Choisis ton compte usuel, et non Administrateur.
>> En images ici<<

4°) Utilisation de SmitFraudFix en mode sans échec >>

Double cliquer sur SmitfraudFix.exe
Sélectionner 2 et pressez la touche [Entrée] dans le menu pour supprimer les fichiers responsables de l'infection.
A la question: Voulez-vous nettoyer le registre ? répondre O (oui) et pressez la touche [Entrée] afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection.
Le fix déterminera si le fichier wininet.dll est infecté. A la question: Corriger le fichier infecté ? répondre O (oui) et pressez a touche [Entrée] pour remplacer le fichier corrompu.
Un redemarrage sera peut être necessaire pour terminer la procedure de nettoyage. Le rapport se trouve à la racine du disque système C:\rapport.txt

5°) Le pc a rédémarré, nous allons scanner ton pc avec le programme suivant >>

Télécharge Malwarebytes' Anti-Malware (MBAM)

Branche tous les supports amovibles que tu possèdes avant de faire ce scan (clé usb/disque dur externe etc)

Double clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
Sélectionne "Exécuter un examen rapide"
Clique sur "Rechercher"
L'analyse démarre, le scan est relativement long, c'est normal.
A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

Fais stp les étapes dans l'ordre, et poste moi les deux rapports générés.

Je te demanderais en plus de cela un nouveau rapport hijackthis.

courage

bakana · le 2 octobre 2008

bakana, je colle le rapport que tu m'as expédié par mp >>

Utilise stp cette discussion pour poster tes messages/rapports

La marche à suivre pour nettoyer ton pc >>

1°) Désactive le teatimer de Spybot en passant par les options de Spybot: une fois dans le logiciel, il faut aller dans le menu "Mode" => coche "Mode avancé" => "Outils"(en bas de page)=> "Résident" => et tu décoches cette case: "Résident Teatimer" . Tu ne doit plus voir l'icône du Teatimer dans la barre de tâches!

Ne fais pas l'impasse sur cette étape, car ca peut faire échouer la procédure de désinfection !

2°) Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

-Ferme tous les programmes et clique sur "Fix Checked"

3°) Redémarre le PC, impérativement en mode sans échec.

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement.

Tapote par alternance les touches [F8] et [F5] jusqu'à l'affichage du menu des options avancées de Windows.

Sélectionne "Mode sans échec" et appuie sur la touche [Entrée].

Choisis ton compte usuel, et non Administrateur.

>> En images ici<<

4°) Utilisation de SmitFraudFix en mode sans échec >>

Double cliquer sur SmitfraudFix.exe
Sélectionner 2 et pressez la touche [Entrée] dans le menu pour supprimer les fichiers responsables de l'infection.
A la question: Voulez-vous nettoyer le registre ? répondre O (oui) et pressez la touche [Entrée] afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection.
Le fix déterminera si le fichier wininet.dll est infecté. A la question: Corriger le fichier infecté ? répondre O (oui) et pressez a touche [Entrée] pour remplacer le fichier corrompu.
Un redemarrage sera peut être necessaire pour terminer la procedure de nettoyage. Le rapport se trouve à la racine du disque système C:\rapport.txt

5°) Le pc a rédémarré, nous allons scanner ton pc avec le programme suivant >>

Télécharge Malwarebytes' Anti-Malware (MBAM)

Branche tous les supports amovibles que tu possèdes avant de faire ce scan (clé usb/disque dur externe etc)

Double clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".

Sélectionne "Exécuter un examen rapide"

Clique sur "Rechercher"

L'analyse démarre, le scan est relativement long, c'est normal.

A la fin de l'analyse, un message s'affiche :

Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

Fais stp les étapes dans l'ordre, et poste moi les deux rapports générés.

Je te demanderais en plus de cela un nouveau rapport hijackthis.

courage

Merci pour ta reponse Thanos.J'ai suivi tes conseils mais il y à un hic.Après avoir désactivé le Teatimer je suis passé à l'étape suivante et il me manque la troisième ligne:04-HKCU Spyboot.Cette ligne n'est plus là!Est ce que je peux tout de même continuer le reste de la manoeuvre?

Merci pour ta future réponse

bakana

Thanos · le 2 octobre 2008

salut

J'ai suivi tes conseils mais il y à un hic.Après avoir désactivé le Teatimer je suis passé à l'étape suivante et il me manque la troisième ligne:04-HKCU Spyboot.Cette ligne n'est plus là!Est ce que je peux tout de même continuer le reste de la manoeuvre?

Oui! j'aurais dû te le préciser. Coche les lignes présentes citées plus haut et continue la procédure stp

bakana · le 2 octobre 2008

salut

Oui! j'aurais dû te le préciser. Coche les lignes présentes citées plus haut et continue la procédure stp

Tout a parfaitement fonctionné.Merci Thanos!

Voici le rapport

Malwarebytes' Anti-Malware 1.28

Version de la base de données: 1226

Windows 5.1.2600 Service Pack 3

03/10/2008 01:19:11

mbam-log-2008-10-03 (01-19-11).txt

Type de recherche: Examen rapide

Eléments examinés: 94364

Temps écoulé: 18 minute(s), 41 second(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 2

Fichier(s) infecté(s): 229

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

C:\Program Files\VirusRanger (Rogue.Virus.Ranger) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\717305 (Trojan.BHO) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):

C:\Documents and Settings\LuciLLe '\Local Settings\Temporary Internet Files\Content.IE5\LU57UG8Z\UAV2008Setup[1].exe (Rogue.UltimateAntivirus2008) -> Quarantined and deleted successfully.

C:\Documents and Settings\harry\Local Settings\Temporary Internet Files\Content.IE5\AY2JTHU9\MSXSetup[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temporary Internet Files\Content.IE5\TKFAOOXX\UAV2008Setup[1].exe (Rogue.UltimateAntivirus2008) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\de_aztec.JPG (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\moz-screenshot.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~10273bab7c671c8b9ebecb81800.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~10f208cc1daaae1c8f0d92044ac00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~127696b2712a1c8f2be9b1aec00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~12de8774d02e1c8f6f89a3bed00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~13ddd9873393b1c8d6b49630200.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~15bc21a0121001c88b8ee72a8700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~170526dd14d41c8ddee49319400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~172794cd71d61c8f2b697836700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~173ba45b439d31c8c3cc5bbe4500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~179e3a17d84c1c8dee8706c8c00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~189817f745f61c8f6f8cc4d4f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~1927cd20553b71c8d202931d5600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~1ba0049f309a1c8f6f8d2433000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~1bdc2d573cd61c8f6f8c9eaf500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~1d41722698a71c8f361a115d900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~1dad517a3c0e1c8f35dcbfe2e00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~1ddf343860e641c8bab72e61c500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~1e551e0e5b971c8f35dc7397a00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~1f11be972c4fc1c8bfff96586400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~1f11c40c13f8a1c8e05cd2e69900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~23c38fe67e1d81c8c3cb88be2800.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~244fca0b31151c8b79b7f15ad00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~247696b866061c8f2be98b89200.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~25cb93bd2ce491c8c3cc5cef7200.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~277a608b153171c8c3cca475fe00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~2a203898d961c88b8edb3ec500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~2b27be6742fad1c8d20736706a00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~2c7696b259301c8f2bb7b35f900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~2e8214ae1df7031c8edec3eb25b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~2f04cfd316cc41c8c6789ea44500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~319d2edcbb2a1c8dee984fd5400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~33028d277ff31c8fe0a28575800.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~330ded2d1925161c8f0aa71897700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~34346c10fd6d1c8ed86d1b8aa00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~34abf25441071c8f35c25fdf400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~359100e69dc51c8b5fda171c400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~35c49a404a4361c8c4e76cafa900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~360df23fcc301c8f360960e7900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~36b3003716b7081c8ae25e63f7300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~3704deb518b3a1c8f68a4e525f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~371a4b6150e41c8dee9bbd36a00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~37a9411bbce81c8dee983cc2700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~3884c84a6dc61c8f354ce0fbf00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~389db0cf75121c8ed83d334a300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~3b77733dd83791c8fc5af227a600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~3c0ec3819bc9d1c8f363a8d67d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~3ca12db61b4d81c8ea65a4f25300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~3e8ceab3caec01c8f36388a6be00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~3f295da2a2241c8f6fa34506500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~401ecf023ae01c8f5c41ed91f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~414eeeb31d21461c8f00c77c91600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~41e4901359ef1c8f6eba7061400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~428f946c127c951c8f1b7c36bf300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~42c9e3bf10f411c88b8ed2e68a00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~430ded2c1607a01c8f0aa5880c600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4475c59eb4481c8dac61f166400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4539bd791014a1c88b8ed8dc6b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4686893b21782b1c8d0a129396b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~472425d96d4e1c8ee91bc7c7200.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4875d0fa181ad11c8c3df92518b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~491dc9fe3a3e1c8b68cc5301b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~49cd0c582bc8e1c8f74f88396900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~49e468659f991c8f6fee4c06800.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4aa12db6226221c8ea65a15ecc00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4adb952dd8c41c8ab0f3d380600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4b58d7a937c31c8dacab67db600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4c1ed06350a51c8f5c427315a00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4d6809927e511c8f1d746507600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~4e1a34257e081c8bf678a20c800.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~508f9b2e1c61871c8b5d78a1fe000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~578f7b92126f11c88b8ee4c82d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~581b3d8c117071c88b8f9bca000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~588214af1b4aef1c8edec2b9f8b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5aa500cca2ef1c8f3611cc35600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5b91036721dd1c8c03681e38e00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5b9b55642a7e81c8c3cc18fc6d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5ba49cb81aca01c8c3cc6082f900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5c16a45ea9a61c8ee9161e31600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5c42934f486031c8c3cbca4ed300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5d4805faafd71c8f8cdc3fa3d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5e1ed4aa76121c8f5c431ebef00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5e769686110211c8f2bdc3561b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5e7696b2e9ce1c8f2bd6fc5500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~5fe46fb0a9c81c8f6feef7afd00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~61d0fba88bc1c8f35bdd463b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~62efff4afe0f1c88b8edc6ff200.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~640df22cbd9081c8f35fc570b600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~6464bddaabc91c8ab0f68225a00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~68a12d981ea0e1c8ea65a02d9f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~6cc281a9123b51c88b8ef90c2a00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~6d46925b1f9a811c8edec1d516f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~6d57addd22fa1b1c8f03ac5f50e00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~710033c78a411c8dee98169cd00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~71d93fd1b4701c8c1d21e8e6300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~724fc8e117b8e1c8f03acab9c200.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~7467220efd6d1c8ed86d1b8aa00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~7476944618bc21c8cd8a437b600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~74a12d981b3711c8ea659efc7200.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~75728403358e1c8f35a68263600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~775c57ffa38b1c8f8d0fade600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~7976864a298d381c8ee90678c2c00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~79d905868a5c71c8c0fdcbe37700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~7f91053e23e51c8da9a8f0ef500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~8152ce0f71d41c8f1d766803500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~819a804c407ac41c8fc5abb519000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~819c4b032cfd9c1c8ee923c0a4100.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~81d97c757fa211c8c3cbc91da600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~81fe39456b4d1c8f6eba9686e00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~839100c0abb41c8c4d575977f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~83a960821340d1c8c3cbdd61a300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~87c928851750e1c8c3cc67aa0700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~89db92743a61c8f66c513e5700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~8a022aeb496b1c8f35cdff56000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~8b827b8a5b541c8f3551b8c2c00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~8b9e3a317f241c8f2ba3f4e6400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~8d5ef0e71c61871c8b5d78a1fe000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~8daac0d09124a1c8c0ff57a9d300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~8dd5ae5e46751c8f8df3cb5c500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~934805fca8591c8f8cdc066b600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~934eeeb61d2f5a1c8f00c74358f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~94355764979e1c8f8cd34ed2500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~96a268ce21aaf1c9046c73a5e200.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~9704dd94ea711c8f68cd9345900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~974eeeb61cb8f51c8f00c7697e900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~98a00fc591461c8ddf57d5c8300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~98cfe34ebc5e1c8c3cc1a2d9a00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~9a9b516720a1c1c8c3cc61b42600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~9adb952c10d621c8ab0f40cb8d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~9ca12db71d7ae1c8ea65a885da00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~9cdb3aae146271c8c3cc1b5ec700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~9d51bf0f61801c8f1d75a947300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a0cf48d464781c8f35bf0ad200.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a1df84423d661c8c3cb7e039300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a1ed57537471c8f5c4239dd300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a44fcd96f7231c8f03ab2e23e00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a4563c054eb91c8f6ebb4230300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a4eaf3c243c0f1c8bb46cce93700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a59c774d13d71c8f6ebb5543000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a6f208cd1d4e6c1c8f0d9466a4c00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a7b7418e92a41c8f8d0886d800.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a7c49a40384361c8c991fd780000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a8bb8b62b4c61c8e05ceabe1d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~a9604e8c4bce31c8b6b73e446800.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~aa75d0cf18dd3f1c8c3dfa3020100.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~aaf208cc1c6ae91c8f0d94c602d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~abb05d4131591c8fa5e2c782400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~ad5b67c1444621c8c3cc5f51cc00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~aea12db62797f1c8ea65a28ff900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~afbb5f851ab331c88b8f6291900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b0269a3825e1c8f6ebbb4a1100.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b0355751f1b81c8f8cd2ef74400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b035577f9e701c8f8cd3880ac00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b086c61422fa1b1c8f03ac5f50e00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b2a500cc9eb71c8f3615005e500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b4f208cd1d12231c8f0d92175d900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b58fe4fd8cda1c8dee98169cd00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b7a85d578d871c8f354e253bc00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b7e780ca55cc1c8f6eba3728d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~b84ab9d6259541c8d6b621d41c00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~ba60935240a51c8f2b7b33b3d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~baa500f898a71c8f36055aefb00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~badb952c9ae51c8ab0f3f9a6000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~bb5337b038991c8fa5e47e32f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~bbc67f80c3ab1c905f666b4fa00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~c23a7e867bef1c8ea63c6ead600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~c585080169ca1c8f3cc701ebe00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~c59106b16ed81c8f2bc13cc7900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~c699e97375121c8ed83d334a300.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~c86893a2c2bdb1c8d61695265100.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~c8d7d71c85bf1c8ed857803b000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~c966f0f072cb1c8fa616a2a7c00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~cc1ed78a57d81c8f5c41c76c500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~cc4fc84c116431c8f03acd1c1c00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~cc769686b0e51c8f2babdab0600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~ce7b7a0425f4d1c8c3cc1568e600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~cf20b4f1d0ed71c8f0d979acdb00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~cfeb204e51d211c8c3cc6678da00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~d1484dea71ed1c8f6ecb28d800.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~d15f9962224cb1c8f354ade00000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~d17698112edfa71c8ee90db2e3900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~d18833f273921c8f8cd31599e00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~d81a7d452b96e1c8e02d6b652500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~d8f05802d3261c8dbc716598700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~d99106b16a7f1c8f2ba86d4f000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~d9a0df3727f97f1c8c7e5e1376000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~dac914331cb2251c8f622b2413d00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~db07c10dcc351c8bb5567507700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~dd7c7e808b10d1c8c3cc595beb00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~dd9525531cd8511c8f2697ba5a400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~de646eadf2831c8ab0f5fca1f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~dfe46fa346291c8f6feeab64900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~e086893b27f97f1c8c66ccbeaf600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~e0db952c123201c8ab0f3c06d900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~e20df205b7d51c8f36270826f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~e397be16272e1c8f703f9532f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~e4ca64194aac1c8f8d04f35100.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~e70ded2d1926851c8f0aa764e2b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~e7355b80e2371c88b8eccf0a900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~e8a12db61b6bd1c8ea65a6238000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~ea7a67aaa1391c8ab0f59d43e00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~ecdb952dae8b1c8ab0f432de700.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~ede66fa570c71c8dee984fd5400.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~ef3203db4ceee1c8ea63986cfb00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~f060ef2ab6211c8f6fa39151900.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~f4a12db6170d71c8ea65a3c12600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~f56a39c13cef1c8fa5e34d05f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~f666b5ab129f61c8bab25ef33000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~f6a4b34154fe1c8fa5e3863e600.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~f7589a6c7a41c8f354e97aca00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~f8ab55d694a761c8ddf560c04b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~fadd6d2542291c8f6ebbc7b3e00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~fd1667fc35931c8c3cb75ab5800.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~fd180b484f3221c8f029a9040f00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~fe1ecbd93ed21c8f5c42d273b00.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~fe279e2362251c8f8debf8a5000.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\~ff30d1521469c1c88b8f1646500.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\db73_appcompat.txt (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\dd_depcheck_NETFX_EXP_35.txt (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\dd_dotnetfx35error.txt (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\dd_dotnetfx35install.txt (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\dd_NET_Framework30_Setup6AA8.txt (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\uxeventlog.txt (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\Angel Phenix\Local Settings\Temp\{03405957-6289-490D-8C95-BC9EC8C5B4CD}background.png (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.

C:\Documents and Settings\LuciLLe '\Local Settings\Temp\laf229.tmp (Trojan.Zlob) -> Quarantined and deleted successfully.

Maintenant il faut que j'aille me coucher je me lève à 4h15

Le reste suit demain dans la soirée

Encore merci,l'ordi va beaucoup mieux,il est bien plus rapide

bakana

Thanos · le 2 octobre 2008

re!

MBAM a fait du bon boulot

Par contre tu as oublié de me poster le rapport de SmitFraudFix option 2 : poste le stp dans ton prochain message.

De plus à des fins de vérification, je vais te demander de poster ce rapport (le scan est rapide) >>

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit

@ demain

bakana · le 6 octobre 2008

re!

MBAM a fait du bon boulot

Par contre tu as oublié de me poster le rapport de SmitFraudFix option 2 : poste le stp dans ton prochain message.

De plus à des fins de vérification, je vais te demander de poster ce rapport (le scan est rapide) >>

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit

@ demain

Désolé,n'ai pas eu le temps de m'occuper de l'ordi.Effectivement je ne t'ai pas envoyé l'autre rapport car je ne sais pas ou il se trouve?!

Par contre j'ai les rapports que tu m'as fait executer:les voici

Logfile of random's system information tool 1.04 (written by random/random)

Run by harry at 2008-10-06 23:50:15

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 7 GB (14%) free of 50 GB

Total RAM: 447 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:50:50, on 06/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\eMule\emule.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\harry\Bureau\RSIT.exe

C:\Downloads\harry.exe