


My PC has just been infected by a nasty virus that displays Vista 2008 antivirus every 2 minutes, blocks access to programs and has deleted the HijackThis software... So no report is possible (and apparently it is impossible to download it again).

Could you help me?


Thank you






HijackThis deleted?

Is the antivirus working? We'll see about HJT right after this:


Download Malwarebytes' Anti-Malware (MBAM)


  • Double-click the downloaded file to start the installation process.
  • In the "Update" tab, click the "Check for Updates" button: if the firewall asks for permission for MBAM to connect, accept.
  • Once the update has finished, go to the "Scanner" tab.
  • Select "Perform full scan"
  • Click "Scan"
  • The analysis starts; the scan is relatively long, that is normal.
  • At the end of the analysis, a message is displayed:
    The scan completed successfully. Click 'Show Results' to display all objects found.
    Click "Ok" to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
    Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.


Reboot the PC.



Download HijackThisV2 to your desktop.


NB: Save the executable, do NOT run it from the web!




I have just finished the scan with MBAM, which was indeed rather long and which found 100 items to delete (I can't believe it!).


Here is the MBAM report:


Malwarebytes' Anti-Malware 1.24

Version de la base de données: 1038

Windows 5.1.2600 Service Pack 2


12:32:57 11/08/2008

mbam-log-8-11-2008 (12-32-57).txt


Type de recherche: Examen complet (C:\|)

Eléments examinés: 184871

Temps écoulé: 1 hour(s), 13 minute(s), 48 second(s)


Processus mémoire infecté(s): 1

Module(s) mémoire infecté(s): 2

Clé(s) du Registre infectée(s): 21

Valeur(s) du Registre infectée(s): 16

Elément(s) de données du Registre infecté(s): 16

Dossier(s) infecté(s): 4

Fichier(s) infecté(s): 40






and the HijackThis report that follows:


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:38:20, on 11/08/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal





Thanks for your help




You really hit the jackpot..


Install an antivirus right away!


After downloading the executable, physically disconnect your PC from the internet.

Install it and configure it as in the tutorial.


Reconnect to the internet, update.


Run a full scan.


Take the report and paste it here in your reply, please.




The Antivir scan has just finished, here is the report that was just produced:




Avira AntiVir Personal

Report file date: lundi 11 août 2008 19:50


Scanning for 1546059 virus strains and unwanted programs.


Licensed to: Avira AntiVir PersonalEdition Classic

Serial number: 0000149996-ADJIE-0001

Platform: Windows XP

Windows version: (Service Pack 2) [5.1.2600]

Boot mode: Normally booted

Username: SYSTEM

Computer name: HILAIRE-03C0AE3



[0] Archive type: ZIP

--> Gummy.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLdr.I.2 Java virus

--> Counter.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLdr.I.1 Java virus

--> VerifierBug.class

[DETECTION] Is the TR/Femad.Java.3 Trojan

--> Beyond.class

[DETECTION] Is the TR/Java.ClassLoad.L Trojan

[NOTE] The file was moved to '49127e1e.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-1c707158-30e407f2.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e1f.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-1f6dd35-5c217bd7.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e21.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-22aaed-5bb3d890.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e24.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-39584ee5-26ec3e07.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e26.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-39585121-6f2fd8b5.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e2c.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-39585123-77c511ff.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e2e.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-3df420c8-361add95.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e31.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-411310c0-5bc60560.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e33.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-58b7986c-2c60f902.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e35.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-5b453dbd-38ea68b2.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e37.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-612a1257-1c65b166.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e39.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-6321b6a5-4a6e8214.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e3b.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-692d3f5f-7d54694f.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e3d.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-6b6c0dd1-18b43291.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e3f.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-76604cc2-6d7d90e8.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e41.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-7cc56843-25410083.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e42.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-abadc8d-45975868.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e44.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\count.jar-c99947e-632a74b6.0ip

[0] Archive type: ZIP

--> BlackBox.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.2 Java virus

--> VerifierBug.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.4 Java virus

--> Dummy.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.3 Java virus

--> Beyond.class

[DETECTION] Contains recognition pattern of the JAVA/BlackBox.AA.1 Java virus

[NOTE] The file was moved to '49157e46.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\crtdcghcn.jar-36aa525e-1fd98041.0ip

[0] Archive type: ZIP

--> BaaaaBaa.class

[DETECTION] Is the TR/Java.Downloader.Gen Trojan

--> VaaaaaaaBaa.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.FA Java virus

--> Dvnny.class

[DETECTION] Contains recognition pattern of the JAVA/Exploit.By.A.2 Java virus

--> Baaaaa.class

[DETECTION] Contains recognition pattern of the JAVA/Exploit.By.A.1 Java virus

--> Dex.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GC Java virus

--> Dix.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GD Java virus

--> Dux.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GE Java virus

[NOTE] The file was moved to '49147e4b.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\crtdcghcn.jar-490bd774-32c6c725.0ip

[0] Archive type: ZIP

--> BaaaaBaa.class

[DETECTION] Is the TR/Java.Downloader.Gen Trojan

--> VaaaaaaaBaa.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.FA Java virus

--> Dvnny.class

[DETECTION] Contains recognition pattern of the JAVA/Exploit.By.A.2 Java virus

--> Baaaaa.class

[DETECTION] Contains recognition pattern of the JAVA/Exploit.By.A.1 Java virus

--> Dex.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GC Java virus

--> Dix.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GD Java virus

--> Dux.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GE Java virus

[NOTE] The file was moved to '49147e4d.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\crtdcghcn.jar-cbb74d8-100196c3.0ip

[0] Archive type: ZIP

--> BaaaaBaa.class

[DETECTION] Is the TR/Java.Downloader.Gen Trojan

--> VaaaaaaaBaa.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.FA Java virus

--> Dvnny.class

[DETECTION] Contains recognition pattern of the JAVA/Exploit.By.A.2 Java virus

--> Baaaaa.class

[DETECTION] Contains recognition pattern of the JAVA/Exploit.By.A.1 Java virus

--> Dex.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GC Java virus

--> Dix.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GD Java virus

--> Dux.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GE Java virus

[NOTE] The file was moved to '49147e6a.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\ie0601a.jar-2d1f118a-754d13ce.0ip

[0] Archive type: ZIP

--> SandBoxEscape.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.3 exploit

--> SuperMSClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.4 exploit

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.2 exploit

--> Installer.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.1 exploit

[NOTE] The file was moved to '48d07e63.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\ie0601a.jar-2d1f1292-5c532545.0ip

[0] Archive type: ZIP

--> SandBoxEscape.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.3 exploit

--> SuperMSClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.4 exploit

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.2 exploit

--> Installer.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.1 exploit

[NOTE] The file was moved to '48d07e66.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\java.jar-95230ec-5f3006e7.0ip

[0] Archive type: ZIP

--> GetAccess.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AJ Java virus

--> Installer.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AK Java virus

--> NewSecurityClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.2 Java virus

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.3 Java virus

[NOTE] The file was moved to '49167e64.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\java.jar-9523824-10dec110.0ip

[0] Archive type: ZIP

--> GetAccess.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AJ Java virus

--> Installer.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AK Java virus

--> NewSecurityClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.2 Java virus

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.3 Java virus

[NOTE] The file was moved to '49167e66.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\java.jar-95238ad-1076d3d4.0ip

[0] Archive type: ZIP

--> GetAccess.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AJ Java virus

--> Installer.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AK Java virus

--> NewSecurityClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.2 Java virus

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.3 Java virus

[NOTE] The file was moved to '49167e68.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\java.jar-95238ad-69e6682b.0ip

[0] Archive type: ZIP

--> GetAccess.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AJ Java virus

--> Installer.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AK Java virus

--> NewSecurityClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.2 Java virus

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.3 Java virus

[NOTE] The file was moved to '49167e6a.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\java.jar-9523932-4b03bc2f.0ip

[0] Archive type: ZIP

--> GetAccess.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AJ Java virus

--> Installer.class

[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AK Java virus

--> NewSecurityClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.2 Java virus

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the JAVA/ByteVerify.G.3 Java virus

[NOTE] The file was moved to '49167e6c.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\loaderadv413.jar-140362a6-52089091.0ip

[0] Archive type: ZIP

--> Matrix.class

[DETECTION] Contains recognition pattern of the JAVA/Beyond.D3 Java virus

--> Counter.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.1 Java script virus

--> Dummy.class

[DETECTION] Is the TR/Forten.Java.2 Trojan

--> Parser.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.3 Java script virus

[NOTE] The file was moved to '49017e7c.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\loaderadv427.jar-15f0983b-2f165001.0ip

[0] Archive type: ZIP

--> Matrix.class

[DETECTION] Contains recognition pattern of the JAVA/Beyond.D3 Java virus

--> Counter.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.1 Java script virus

--> Dummy.class

[DETECTION] Is the TR/Forten.Java.2 Trojan

--> Parser.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.3 Java script virus

[NOTE] The file was moved to '49017e8f.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\loaderadv470.jar-1e162797-52401af2.0ip

[0] Archive type: ZIP

--> Matrix.class

[DETECTION] Contains recognition pattern of the JAVA/Beyond.D3 Java virus

--> Counter.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.1 Java script virus

--> Dummy.class

[DETECTION] Is the TR/Forten.Java.2 Trojan

--> Parser.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.3 Java script virus

[NOTE] The file was moved to '49017e94.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\loaderadv557.jar-4ff55de2-20f06ca4.0ip

[0] Archive type: ZIP

--> Matrix.class

[DETECTION] Contains recognition pattern of the JAVA/Beyond.D3 Java virus

--> Counter.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.1 Java script virus

--> Dummy.class

[DETECTION] Is the TR/Forten.Java.2 Trojan

--> Parser.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.3 Java script virus

[NOTE] The file was moved to '49017e99.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\loaderadv557.jar-4ff55de2-2b35ea0c.0ip

[0] Archive type: ZIP

--> Matrix.class

[DETECTION] Contains recognition pattern of the JAVA/Beyond.D3 Java virus

--> Counter.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.1 Java script virus

--> Dummy.class

[DETECTION] Is the TR/Forten.Java.2 Trojan

--> Parser.class

[DETECTION] Contains recognition pattern of the JS/OpenConnect.J.3 Java script virus

[NOTE] The file was moved to '49017e9c.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\ms-counter.jar-713f0c9a-2a525383.0ip

[0] Archive type: ZIP

--> BaaaaBaa.class

[DETECTION] Is the TR/Java.Downloader.Gen Trojan

--> VaaaaaaaBaa.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.FA Java virus

--> Dvnny.class

[DETECTION] Contains recognition pattern of the JAVA/Exploit.By.A.2 Java virus

--> Baaaaa.class

[DETECTION] Contains recognition pattern of the JAVA/Exploit.By.A.1 Java virus

--> Dex.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GC Java virus

--> Dix.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GD Java virus

--> Dux.class

[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.GE Java virus

[NOTE] The file was moved to '48cd7ea2.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\ms0311.jar-10d27a78-3f3492df.0ip

[0] Archive type: ZIP

--> MagicApplet.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytver.5.B exploit

--> OwnClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/ByteVerify exploit

--> ProxyClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytver.5.A exploit

--> Installer.class

[DETECTION] Is the TR/Dldr.Java.OpenConnection.AO Trojan

[NOTE] The file was moved to '48d07ea5.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\ms0311.jar-24ad084f-20e40ac8.0ip

[0] Archive type: ZIP

--> TakePrivileges.class

[DETECTION] Contains recognition pattern of the EXP/ByteVerify.S.2 exploit

--> SuperMSClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/ByteVeri-V exploit

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.2 exploit

--> Installer.class

[DETECTION] Contains recognition pattern of the EXP/ByteVerify.S.1 exploit

[NOTE] The file was moved to '48d07ea7.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\ms0311.jar-24ad084f-2d9d297a.0ip

[0] Archive type: ZIP

--> TakePrivileges.class

[DETECTION] Contains recognition pattern of the EXP/ByteVerify.S.2 exploit

--> SuperMSClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/ByteVeri-V exploit

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.2 exploit

--> Installer.class

[DETECTION] Contains recognition pattern of the EXP/ByteVerify.S.1 exploit

[NOTE] The file was moved to '48d07ea8.qua'!

C:\Documents and Settings\Sebastien\.jpi_cache\jar\1.0\ms0311.jar-24ad084f-7bd9ca98.0ip

[0] Archive type: ZIP

--> TakePrivileges.class

[DETECTION] Contains recognition pattern of the EXP/ByteVerify.S.2 exploit

--> SuperMSClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/ByteVeri-V exploit

--> NewURLClassLoader.class

[DETECTION] Contains recognition pattern of the EXP/Java.Bytverif.2 exploit

--> Installer.class

[DETECTION] Contains recognition pattern of the EXP/ByteVerify.S.1 exploit

[NOTE] The file was moved to '48d07eaa.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\sfsrv.exe

[0] Archive type: RAR SFX (self extracting)

--> 1.exe

[DETECTION] Contains recognition pattern of the PHISH/FraudTool.Agent.AW phishing file/email

--> 2.exe

[DETECTION] Is the TR/Dldr.FraudLoad.vaxp Trojan

--> 3.exe

[DETECTION] Is the TR/Agent.yid Trojan

--> 4.exe

[DETECTION] Is the TR/Agent.yie Trojan

[DETECTION] Contains recognition pattern of the DR/FraudTool.WinAntiVirus.AT dropper

--> 7.exe

[DETECTION] Is the TR/Dldr.Agen.106496 Trojan

[NOTE] The file was moved to '49137f4a.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\NI.UWA6PV_0001_N76M1904\setup.exe

[DETECTION] Is the TR/Fakealert.EB.1 Trojan

[NOTE] The file was moved to '49147f82.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Répertoire temporaire 2 pour\mako.exe

[0] Archive type: RAR SFX (self extracting)

--> mako\MOTV95T.EXE

[DETECTION] Is the TR/FlashKiller.C Trojan

--> mako\TS_MAKO.EXE

[DETECTION] Is the TR/FlashKiller.C Trojan

[NOTE] The file was moved to '490b7f89.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\2LITKX4R\123[1].htm

[DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus

[NOTE] The file was moved to '48d37fca.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\2LITKX4R\3objectf[1].htm

[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus

[NOTE] The file was moved to '4902800a.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\2LITKX4R\index[5].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '49048016.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\2LITKX4R\p[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '48d18009.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\2LITKX4R\su[2].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '48fb8028.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\abc[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '4903801f.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\credit[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '49058033.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\dkporn.sexpornhost[1].htm

[DETECTION] Contains recognition pattern of the HTML/Click.Agent.J HTML script virus

[NOTE] The file was moved to '4910802f.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\formpost[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '49128035.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\formpost[2].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '49128037.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\lloll[1].htm

[DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus

[NOTE] The file was moved to '490f8039.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\porta1[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '4912803f.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\ptp_topbanner[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '49108047.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\p[2].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '48d2802f.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\AG5LJN7V\su[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '48fb804c.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\MBWXQLG3\3____ANI2[1].0TM

[DETECTION] Contains recognition pattern of the HTML/Shellcode.Gen HTML script virus

[NOTE] The file was moved to '48ff851a.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\MBWXQLG3\ied[1].txt

[0] Archive type: CAB (Microsoft)

--> ied.exe

[DETECTION] Is the TR/Dldr.Mediket.DT.4 Trojan

[NOTE] The file was moved to '49048528.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\MBWXQLG3\Mature[1].htm

[DETECTION] Contains recognition pattern of the HTML/Click.Agent.J HTML script virus

[NOTE] The file was moved to '49148528.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\MBWXQLG3\orgreplica2[1].zip

[DETECTION] Contains recognition pattern of the EXP/Ani.Gen exploit

[NOTE] The file was moved to '4907853c.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\MBWXQLG3\ptp_topbanner[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '4910854c.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\MBWXQLG3\ptp_topbanner[2].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '49108551.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\ZOXT7W0K\3object[1].htm

[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus

[NOTE] The file was moved to '490285b8.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\ZOXT7W0K\ampi[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '491085b9.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\ZOXT7W0K\index[14].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '490485c1.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\ZOXT7W0K\porta1[2].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '491285c8.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\ZOXT7W0K\portal[3].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '491285ca.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\ZOXT7W0K\p[3].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '48d385b8.qua'!

C:\Documents and Settings\Sebastien\Local Settings\Temp\Temporary Internet Files\Content.IE5\ZOXT7W0K\result[1].htm

[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus

[NOTE] The file was moved to '491385c4.qua'!

C:\Documents and Settings\Sebastien\Mes documents\hilaire.estelle\contact-internet.exe

[DETECTION] Contains recognition pattern of the DIAL/302366 dialer

[NOTE] The file was moved to '490e87a7.qua'!

C:\Documents and Settings\Sebastien\Mes documents\hilaire.estelle\CYBER.0MF

[DETECTION] Contains recognition pattern of the EXP/IMG-WMF.BK exploit

[NOTE] The file was moved to '48e28793.qua'!

C:\Documents and Settings\Sebastien\Mes documents\hilaire.estelle\images2007.0ip

[0] Archive type: ZIP

--> webcam-photos.scr

[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

[NOTE] The file was moved to '490187ab.qua'!

C:\Documents and Settings\Sebastien\Mes documents\hilaire.estelle\immoralstudy.0ip

[0] Archive type: ZIP

--> Immoral Study #2.exe

[DETECTION] Is the TR/Drop.Small.O.7 Trojan

[NOTE] The file was moved to '490d87ae.qua'!

C:\Documents and Settings\Sebastien\Mes documents\hilaire.estelle\mediatubecodec_ver1.1294.0.exe

[DETECTION] Is the TR/Dldr.Zlob.vaa Trojan

[NOTE] The file was moved to '490487ab.qua'!

C:\Documents and Settings\Sebastien\Mes documents\hilaire.estelle\setup.0xe

[DETECTION] Is the TR/Zlob.CA.14 Trojan

[NOTE] The file was moved to '491487b7.qua'!

C:\Documents and Settings\Sebastien\Mes documents\hilaire.estelle\

[0] Archive type: ZIP

--> anime games/tstrip/MOTV95T.EXE

[DETECTION] Is the TR/FlashKiller.C Trojan

--> anime games/tstrip/TS_MAKO.EXE

[DETECTION] Is the TR/FlashKiller.C Trojan

[NOTE] The file was moved to '491487ca.qua'!

C:\Documents and Settings\Sebastien\Mes documents\hilaire.estelle\video_claramorgane_1.exe

[DETECTION] Contains recognition pattern of the DIAL/302366 dialer

[NOTE] The file was moved to '490487c4.qua'!

C:\Documents and Settings\Sebastien\Mes documents\hilaire.estelle\xpantivirus2008_v77034802.0xe

[DETECTION] Is the TR/Crypt.CFI.Gen Trojan

[NOTE] The file was moved to '490187da.qua'!

C:\Documents and Settings\Sebastien\Mes documents\Mes fichiers reçus\photos-webcam96.0ip

[0] Archive type: ZIP

--> photos-webcam96.scr

[DETECTION] Is the TR/SecSuite.115712 Trojan

[NOTE] The file was moved to '490f87df.qua'!

C:\Documents and Settings\Sebastien\Mes documents\v\

[0] Archive type: ZIP

--> fatalrelations/fatalrelation/RELATION.VIR

[DETECTION] Contains code of the W95/CIH.A Windows virus

[NOTE] The file was moved to '49148831.qua'!

C:\Documents and Settings\Sebastien\Mes documents\v\MOVIE.0XE

[DETECTION] Is the TR/Dldr.Zlob.aat Trojan

[NOTE] The file was moved to '48f68826.qua'!

C:\Documents and Settings\Sebastien\Mes documents\v\setup.0xe

[DETECTION] Is the TR/Zlob.CA.14 Trojan

[NOTE] The file was moved to '49148846.qua'!

C:\Documents and Settings\Sebastien\Mes documents\v\fatalrelations\fatalrelations\fatalrelation\RELATION.VIR

[DETECTION] Contains code of the W95/CIH.A Windows virus

[NOTE] The file was moved to '48ec889a.qua'!

C:\Documents and Settings\Sebastien\Mes documents\v\game\Wrestle98.EXE

[DETECTION] Contains recognition pattern of the W95/CIH Windows virus

[NOTE] The file was moved to '490588cc.qua'!

C:\Documents and Settings\Sebastien\Mes documents\v\game9\anime games\tstrip\MOTV95T.EXE

[DETECTION] Contains recognition pattern of the W95/CIH Windows virus

[NOTE] The file was moved to '48f48907.qua'!

C:\Documents and Settings\Sebastien\Mes documents\v\game9\anime games\tstrip\TS_MAKO.EXE

[DETECTION] Contains recognition pattern of the W95/CIH Windows virus

[NOTE] The file was moved to '48ff890d.qua'!

C:\Program Files\smitfraudfix.exe

[DETECTION] Contains recognition pattern of the DR/Tool.Reboot.F.93 dropper

[NOTE] The file was moved to '49098a1f.qua'!

C:\Program Files\arggggg\WinAV.exe

[DETECTION] Is the TR/Dldr.FakeAV.A.5 Trojan

[NOTE] The file was moved to '490e8a42.qua'!

C:\Program Files\DiallerProgram\Hentai_Games.exe

[DETECTION] Contains recognition pattern of the DIAL/300125 dialer

[NOTE] The file was moved to '490e8abd.qua'!

C:\Program Files\Foster\TS_Mako\TS_MAKO.EXE

[DETECTION] Contains recognition pattern of the W95/CIH Windows virus

[NOTE] The file was moved to '48ff8bd7.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP357\A0316228.dll

[DETECTION] Is the TR/Dldr.Zlob.njq.1 Trojan

[NOTE] The file was moved to '48d394a9.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP357\A0316229.exe

[DETECTION] Is the TR/Dldr.Zlob.njq Trojan

[NOTE] The file was moved to '48d394ad.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP357\A0316251.dll

[DETECTION] Is the TR/Dldr.Zlob.njq.1 Trojan

[NOTE] The file was moved to '48d394b0.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP357\A0316252.exe

[DETECTION] Is the TR/Dldr.Zlob.njq Trojan

[NOTE] The file was moved to '48d394b4.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP364\A0319866.exe

[DETECTION] Contains recognition pattern of the PHISH/FraudTool.XPAntivirus.HM phishing file/email

[NOTE] The file was moved to '48d394d0.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP364\A0319867.exe

[DETECTION] Contains recognition pattern of the DIAL/80777.A dialer

[NOTE] The file was moved to '48d394d2.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP364\A0319869.exe

[DETECTION] Contains recognition pattern of the DIAL/80797.A dialer

[NOTE] The file was moved to '48d394d3.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP413\A0379571.exe

[DETECTION] Is the TR/Agent.yid Trojan

[NOTE] The file was moved to '48d3982f.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP413\A0379572.exe

[DETECTION] Is the TR/Agent.yie Trojan

[NOTE] The file was moved to '48d39832.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP413\A0379573.exe

[DETECTION] Is the TR/Dldr.Agen.106496 Trojan

[NOTE] The file was moved to '48d39834.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP413\A0379579.exe

[DETECTION] Is the TR/FakeAV.AD.6 Trojan

[NOTE] The file was moved to '48d39838.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP414\A0379768.exe

[DETECTION] Contains recognition pattern of the WORM/Small.I.2 worm

[NOTE] The file was moved to '48d39841.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP414\A0380778.exe

[DETECTION] Contains recognition pattern of the DR/Dap.C.2 dropper

[NOTE] The file was moved to '48d39843.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP414\A0380780.exe

[DETECTION] Contains recognition pattern of the DR/Tool.Reboot.F.93 dropper

[NOTE] The file was moved to '48d39899.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP414\A0380781.exe

[DETECTION] Is the TR/Dldr.FakeAV.A.5 Trojan

[NOTE] The file was moved to '48d3989b.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP414\A0380782.exe

[DETECTION] Contains recognition pattern of the DIAL/300125 dialer

[NOTE] The file was moved to '48d3989d.qua'!

C:\System Volume Information\_restore{7446FD8D-7EA4-4713-9C22-74BB9FC344DB}\RP414\A0380783.EXE

[DETECTION] Contains recognition pattern of the W95/CIH Windows virus

[NOTE] The file was moved to '48d398a0.qua'!


[DETECTION] Is the TR/Click.Agent.JW.1 Trojan

[NOTE] The file was moved to '48f39ba0.qua'!


[DETECTION] Contains recognition pattern of the DIAL/80777.A dialer

[NOTE] The file was moved to '490e9c61.qua'!


[DETECTION] Contains recognition pattern of the DIAL/80797.A dialer

[NOTE] The file was moved to '49049c5f.qua'!



End of the scan: lundi 11 août 2008 22:07

Used time: 2:17:13 Hour(s)


The scan has been done completely.


6831 Scanning directories

275853 Files were scanned

236 viruses and/or unwanted programs were found

28 Files were classified as suspicious:

0 files were deleted

0 files were repaired

125 files were moved to quarantine

0 files were renamed

2 Files cannot be scanned

275587 Files not concerned

2504 Archives were scanned

6 Warnings

125 Notes




Search for rootkits..............: off
You will need to make sure this setting is switched ON. (Very important.)


Please post a new HijackThis log.







Since I won't be around before the afternoon, I'll give you the next steps to carry out in the meantime.

Read the previous post carefully, because it is important.


1) Empty the MBAM and Antivir quarantines without restoring ANYTHING.


2) Download ATF Cleaner by Atribune.

  • Install it on the desktop. (Worth keeping, as it is very useful after every browsing session.)
    Double-click ATF-Cleaner.exe to launch the program.
    Under the Main tab, choose: Select All
    Click the Empty Selected button

If you use the Firefox browser:

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you want to keep your saved passwords, click No at the prompt.

If you use the Opera browser:

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you want to keep your saved passwords, click No at the prompt.

Click Exit, in the main menu, to close the program.

For technical support, double-click the e-mail address at the bottom of each menu.


3) Check that Antivir's virus definitions are up to date.


4) Restart in Safe Mode:


To run scans in Safe Mode, proceed as follows:


When the PC starts or restarts, tap the F8 key repeatedly until you get a black-and-white screen with several options.


Using the arrow keys on the keyboard, choose Safe Mode and press the ENTER key.


5) Run the full scan with Antivir. Save the report.

This may take quite a while... but it is important to do it.


6) Restart and post the report.


