Probleme avec virus Privacy Center
Fermé
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
-
4 juin 2009 à 01:54
LNA2009 Messages postés 15 Date d'inscription jeudi 4 juin 2009 Statut Membre Dernière intervention 11 juin 2009 - 11 juin 2009 à 17:49
LNA2009 Messages postés 15 Date d'inscription jeudi 4 juin 2009 Statut Membre Dernière intervention 11 juin 2009 - 11 juin 2009 à 17:49
A voir également:
- Probleme avec virus Privacy Center
- Control center 4 - Télécharger - Divers Utilitaires
- Copytrans control center - Télécharger - Divers Utilitaires
- Catalyst control center - Télécharger - Pilotes & Matériel
- Family center - Guide
- Youtu.be virus - Accueil - Guide virus
22 réponses
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
4 juin 2009 à 02:17
4 juin 2009 à 02:17
--> Télécharge Dr.Web CureIt! sur ton Bureau.
--> Double-clique sur drweb-cureit.exe et clique sur Commencer le scan.
--> Ce scan rapide permet l'analyse des processus chargés en mémoire; s'il trouve des processus infectés, clique sur le bouton Oui pour Tout à l'invite.
--> Lorsque le scan rapide est terminé, clique sur Options > Changer la configuration.
--> Choisis l'onglet Scanner, et décoche Analyse heuristique.
--> De retour à la fenêtre principale : choisis Analyse complète.
--> Clique la flèche verte sur la droite et le scan débutera. Une publicité apparaît quelquefois, ferme-la.
--> Clique Oui pour Tout si un fichier est détecté.
--> A la fin du scan, si des infections sont trouvées, clique sur Tout sélectionner, puis sur Désinfecter. Si la désinfection est impossible, clique sur Quarantaine.
--> Au menu principal de l'outil, en haut à gauche, clique sur le menu Fichier et choisis Enregistrer le rapport.
--> Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv.
--> Ferme Dr.Web CureIt!
--> Redémarre ton ordinateur (très important) car certains fichiers peuvent être déplacés/réparés au redémarrage.
--> Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de l'outil Dr.Web dans ta prochaine réponse.
NB : Dr.Web en version gratuite est un scanner à la demande et n'entre pas en conflit avec ton antivirus résident.
--> Double-clique sur drweb-cureit.exe et clique sur Commencer le scan.
--> Ce scan rapide permet l'analyse des processus chargés en mémoire; s'il trouve des processus infectés, clique sur le bouton Oui pour Tout à l'invite.
--> Lorsque le scan rapide est terminé, clique sur Options > Changer la configuration.
--> Choisis l'onglet Scanner, et décoche Analyse heuristique.
--> De retour à la fenêtre principale : choisis Analyse complète.
--> Clique la flèche verte sur la droite et le scan débutera. Une publicité apparaît quelquefois, ferme-la.
--> Clique Oui pour Tout si un fichier est détecté.
--> A la fin du scan, si des infections sont trouvées, clique sur Tout sélectionner, puis sur Désinfecter. Si la désinfection est impossible, clique sur Quarantaine.
--> Au menu principal de l'outil, en haut à gauche, clique sur le menu Fichier et choisis Enregistrer le rapport.
--> Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv.
--> Ferme Dr.Web CureIt!
--> Redémarre ton ordinateur (très important) car certains fichiers peuvent être déplacés/réparés au redémarrage.
--> Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de l'outil Dr.Web dans ta prochaine réponse.
NB : Dr.Web en version gratuite est un scanner à la demande et n'entre pas en conflit avec ton antivirus résident.
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
4 juin 2009 à 02:08
4 juin 2009 à 02:08
Bonjour,
/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\
--> Télécharge ComboFix (de sUBs) sur ton Bureau.
--> Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
--> Il va te demander d'installer la console de récupération : accepte.
--> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\
--> Télécharge ComboFix (de sUBs) sur ton Bureau.
--> Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
--> Il va te demander d'installer la console de récupération : accepte.
--> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
4 juin 2009 à 02:15
4 juin 2009 à 02:15
desole ca ne marche pas, ca dit, l'installation a échoué. J'ai essayé plusieurs fois sans succes. Je n'ai pas pu desactiver le pare feu car par administrateur seulement l,anti virus a ete desactive. Merci
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
5 juin 2009 à 01:08
5 juin 2009 à 01:08
Bonjour Destrio5
Voici le résultat du scan effectué hier. Merci
mwssrcas.dll c:\program files\mywebsearch\srchastt\1.bin Adware.Websearch.13 Impossible de supprimer.
M3SRCHMN.EXE C:\Program Files\MyWebSearch\bar\1.bin Adware.Websearch.6
MWSSRCAS.DLL C:\Program Files\MyWebSearch\SrchAstt\1.bin Adware.Websearch.13
pc.exe C:\Program Files\PCenter Trojan.Fakealert.4403 - erreur d'écriture - erreur d'écriture - erreur d'écriture
riched20.dll C:\Program Files\Windows Live\Messenger Adware.MyWebSearch.8
Voici le résultat du scan effectué hier. Merci
mwssrcas.dll c:\program files\mywebsearch\srchastt\1.bin Adware.Websearch.13 Impossible de supprimer.
M3SRCHMN.EXE C:\Program Files\MyWebSearch\bar\1.bin Adware.Websearch.6
MWSSRCAS.DLL C:\Program Files\MyWebSearch\SrchAstt\1.bin Adware.Websearch.13
pc.exe C:\Program Files\PCenter Trojan.Fakealert.4403 - erreur d'écriture - erreur d'écriture - erreur d'écriture
riched20.dll C:\Program Files\Windows Live\Messenger Adware.MyWebSearch.8
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
5 juin 2009 à 01:09
5 juin 2009 à 01:09
---> Désactive ton antivirus le temps de la manipulation car OTM est détecté comme une infection à tort.
---> Télécharge OTM (OldTimer) sur ton Bureau.
---> Double-clique sur OTM.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:files
C:\Program Files\MyWebSearch
C:\Program Files\PCenter
:commands
[purity]
[emptytemp]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTM.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
---> Télécharge OTM (OldTimer) sur ton Bureau.
---> Double-clique sur OTM.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:files
C:\Program Files\MyWebSearch
C:\Program Files\PCenter
:commands
[purity]
[emptytemp]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTM.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
5 juin 2009 à 01:23
5 juin 2009 à 01:23
ok merci voici le rapport....
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
Folder move failed. C:\Program Files\MyWebSearch\SrchAstt\1.bin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\SrchAstt scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Settings scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Notifier scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Message\COMMON scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Message scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\History scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Game scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Cache scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\1.bin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\tools\sp scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\tools\sc scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\tools scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\sounds scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\faq\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\faq scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter scheduled to be moved on reboot.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Nathalie\LOCALS~1\Temp\~DF4A94.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\ZMK4WCU5\affich-12727533-probleme-avec-virus-privacy-center[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\MKELPPR5\default[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\CDABWHQB\ToastFull[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\CDABWHQB\ToastMini[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\6JC5Q9GV\im[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\6JC5Q9GV\InboxLight[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\3HB68HSR\OTM[1].exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
OTM by OldTimer - Version 2.1.0.0 log created on 06042009_191435
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
Folder move failed. C:\Program Files\MyWebSearch\SrchAstt\1.bin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\SrchAstt scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Settings scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Notifier scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Message\COMMON scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Message scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\History scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Game scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\Cache scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar\1.bin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch\bar scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MyWebSearch scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\tools\sp scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\tools\sc scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\tools scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\sounds scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\faq\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter\faq scheduled to be moved on reboot.
Folder move failed. C:\Program Files\PCenter scheduled to be moved on reboot.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Nathalie\LOCALS~1\Temp\~DF4A94.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\ZMK4WCU5\affich-12727533-probleme-avec-virus-privacy-center[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\MKELPPR5\default[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\CDABWHQB\ToastFull[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\CDABWHQB\ToastMini[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\6JC5Q9GV\im[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\6JC5Q9GV\InboxLight[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\3HB68HSR\OTM[1].exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nathalie\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
OTM by OldTimer - Version 2.1.0.0 log created on 06042009_191435
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
5 juin 2009 à 01:24
5 juin 2009 à 01:24
Tu as redémarré ?
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
5 juin 2009 à 01:26
5 juin 2009 à 01:26
oui oui
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
5 juin 2009 à 01:31
5 juin 2009 à 01:31
Il faudrait que tu refasses la manip' avec OTM en mode sans échec.
---> Pour redémarrer en mode sans échec :
- Redémarre ton PC.
- Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
- Dans le menu d'options avancées, choisis Mode sans échec.
- Choisis ta session.
---> Pour redémarrer en mode sans échec :
- Redémarre ton PC.
- Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
- Dans le menu d'options avancées, choisis Mode sans échec.
- Choisis ta session.
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
5 juin 2009 à 01:50
5 juin 2009 à 01:50
j'ai essaye plusieurs fois mais je ne peux pas choisir le mode sans echec c comme si c'etait gele, les touches des fleches ne font pas bouiger le curseur... je vais reesayer OMT une nouvelle fois et poster a nouveau le rapport.
impossible OMT ne s'execute pas. Le bloc notes s'ouvre c tout et Internet Explorer est maintenant de plus en plus lent et gele tout le temps. Y a t-il une autre manipu que je puisse faire?
merci beaucoup
impossible OMT ne s'execute pas. Le bloc notes s'ouvre c tout et Internet Explorer est maintenant de plus en plus lent et gele tout le temps. Y a t-il une autre manipu que je puisse faire?
merci beaucoup
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
6 juin 2009 à 16:01
6 juin 2009 à 16:01
Utilise OTMoveIt3 à la placé d'OTM :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
http://oldtimer.geekstogo.com/OTMoveIt3.exe
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
6 juin 2009 à 16:50
6 juin 2009 à 16:50
merci Destrio!
J'ai pu entrer dans ma session, voici le rapport d'OTM
========== PROCESSES ==========
Unable to kill process: explorer.exe
========== FILES ==========
C:\Program Files\MyWebSearch\SrchAstt\1.bin moved successfully.
C:\Program Files\MyWebSearch\SrchAstt moved successfully.
C:\Program Files\MyWebSearch\bar\Settings moved successfully.
C:\Program Files\MyWebSearch\bar\Notifier moved successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON moved successfully.
C:\Program Files\MyWebSearch\bar\Message moved successfully.
C:\Program Files\MyWebSearch\bar\icons moved successfully.
C:\Program Files\MyWebSearch\bar\History moved successfully.
C:\Program Files\MyWebSearch\bar\Game moved successfully.
C:\Program Files\MyWebSearch\bar\Cache moved successfully.
C:\Program Files\MyWebSearch\bar\1.bin moved successfully.
C:\Program Files\MyWebSearch\bar moved successfully.
C:\Program Files\MyWebSearch moved successfully.
C:\Program Files\PCenter\tools\sp moved successfully.
C:\Program Files\PCenter\tools\sc moved successfully.
C:\Program Files\PCenter\tools moved successfully.
C:\Program Files\PCenter\sounds moved successfully.
C:\Program Files\PCenter\faq\images moved successfully.
C:\Program Files\PCenter\faq moved successfully.
C:\Program Files\PCenter moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\01KFMP6J\affich-12727533-probleme-avec-virus-privacy-center[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\01KFMP6J\OTMoveIt3[1].exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_600.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 06062009_104258
Files moved on Reboot...
C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\01KFMP6J\affich-12727533-probleme-avec-virus-privacy-center[1].htm moved successfully.
C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\01KFMP6J\OTMoveIt3[1].exe moved successfully.
C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_600.dat not found!
J'ai pu entrer dans ma session, voici le rapport d'OTM
========== PROCESSES ==========
Unable to kill process: explorer.exe
========== FILES ==========
C:\Program Files\MyWebSearch\SrchAstt\1.bin moved successfully.
C:\Program Files\MyWebSearch\SrchAstt moved successfully.
C:\Program Files\MyWebSearch\bar\Settings moved successfully.
C:\Program Files\MyWebSearch\bar\Notifier moved successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON moved successfully.
C:\Program Files\MyWebSearch\bar\Message moved successfully.
C:\Program Files\MyWebSearch\bar\icons moved successfully.
C:\Program Files\MyWebSearch\bar\History moved successfully.
C:\Program Files\MyWebSearch\bar\Game moved successfully.
C:\Program Files\MyWebSearch\bar\Cache moved successfully.
C:\Program Files\MyWebSearch\bar\1.bin moved successfully.
C:\Program Files\MyWebSearch\bar moved successfully.
C:\Program Files\MyWebSearch moved successfully.
C:\Program Files\PCenter\tools\sp moved successfully.
C:\Program Files\PCenter\tools\sc moved successfully.
C:\Program Files\PCenter\tools moved successfully.
C:\Program Files\PCenter\sounds moved successfully.
C:\Program Files\PCenter\faq\images moved successfully.
C:\Program Files\PCenter\faq moved successfully.
C:\Program Files\PCenter moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\01KFMP6J\affich-12727533-probleme-avec-virus-privacy-center[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\01KFMP6J\OTMoveIt3[1].exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_600.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 06062009_104258
Files moved on Reboot...
C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\01KFMP6J\affich-12727533-probleme-avec-virus-privacy-center[1].htm moved successfully.
C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\01KFMP6J\OTMoveIt3[1].exe moved successfully.
C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_600.dat not found!
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
6 juin 2009 à 19:05
6 juin 2009 à 19:05
● Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
/!\ Déconnecte-toi d'Internet et ferme toutes applications en cours. /!\
● Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program Files).
● Double-clique sur le raccourci d'Ad-Remover située sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
● Au menu principal, choisis l'option L.
● Poste le rapport généré (C:\Ad-Report-clean-(date).log).
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
/!\ Déconnecte-toi d'Internet et ferme toutes applications en cours. /!\
● Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program Files).
● Double-clique sur le raccourci d'Ad-Remover située sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
● Au menu principal, choisis l'option L.
● Poste le rapport généré (C:\Ad-Report-clean-(date).log).
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
9 juin 2009 à 01:37
9 juin 2009 à 01:37
Merci, voici le rapport...
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_F | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 07/06/2009 à 13:00 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:18:17, 2009-06-08 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: PC-HCRUZ | Utilisateur actuel: Helena Cruz
.
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: "MyWebSearchService"
.
HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
HKCR\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
HKCU\Software\FunWebProducts
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\MyWebSearch
HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
HKLM\Software\FocusInteractive
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\Software\MyWebSearch
HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_MYWEBSEARCHSERVICE
HKLM\SYSTEM\ControlSet003\Services\MyWebSearchService
HKU\S-1-5-21-790525478-1482476501-1801674531-1003\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
.
C:\DOCUME~1\HELENA~1\APPLIC~1\FunWebProducts\Data
C:\DOCUME~1\HELENA~1\APPLIC~1\FunWebProducts\Data\Helena Cruz
C:\DOCUME~1\HELENA~1\APPLIC~1\FunWebProducts
C:\Program Files\Windows Live\Messenger\riched20.dll
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
* Mozilla FireFox Version 3.0.10 *
Nom du profil: zojt95nn.default (Helena Cruz)
.
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10");
.
.
* Internet Explorer Version 7.0.5730.13 *
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://search.live.com
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
============== Suspect (Cracks, Serials ... ) ==============
.
+---------------------------------------------------------------------------+
5705 Octet(s) - C:\Ad-Report-CLEAN.log
17 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
1 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
Fin à: 19:34:50 | 2009-06-08
.
============== E.O.F ==============
.
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_F | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 07/06/2009 à 13:00 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:18:17, 2009-06-08 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: PC-HCRUZ | Utilisateur actuel: Helena Cruz
.
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: "MyWebSearchService"
.
HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
HKCR\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
HKCU\Software\FunWebProducts
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\MyWebSearch
HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
HKLM\Software\FocusInteractive
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\Software\MyWebSearch
HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_MYWEBSEARCHSERVICE
HKLM\SYSTEM\ControlSet003\Services\MyWebSearchService
HKU\S-1-5-21-790525478-1482476501-1801674531-1003\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
.
C:\DOCUME~1\HELENA~1\APPLIC~1\FunWebProducts\Data
C:\DOCUME~1\HELENA~1\APPLIC~1\FunWebProducts\Data\Helena Cruz
C:\DOCUME~1\HELENA~1\APPLIC~1\FunWebProducts
C:\Program Files\Windows Live\Messenger\riched20.dll
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
* Mozilla FireFox Version 3.0.10 *
Nom du profil: zojt95nn.default (Helena Cruz)
.
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10");
.
.
* Internet Explorer Version 7.0.5730.13 *
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://search.live.com
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
============== Suspect (Cracks, Serials ... ) ==============
.
+---------------------------------------------------------------------------+
5705 Octet(s) - C:\Ad-Report-CLEAN.log
17 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
1 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
Fin à: 19:34:50 | 2009-06-08
.
============== E.O.F ==============
.
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
9 juin 2009 à 12:50
9 juin 2009 à 12:50
--> Désinstalle Ad-Remover.
--> Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
--> Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
--> Clique sur Continue à l'écran Disclaimer.
--> Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
--> Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
--> Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
--> Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
--> Clique sur Continue à l'écran Disclaimer.
--> Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
--> Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
9 juin 2009 à 16:01
9 juin 2009 à 16:01
ok je vais le faire mais mon ordi maintenant fonctionne bien comme avant et le virus Privacy Center n,est plus la. A quoi servent toutes ces manip? merci
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
9 juin 2009 à 16:07
9 juin 2009 à 16:07
A voir s'il n'y a pas autre chose.
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
9 juin 2009 à 16:09
9 juin 2009 à 16:09
ok voici le rapport....
Logfile of random's system information tool 1.06 (written by random/random)
Run by Helena Cruz at 2009-06-09 10:00:44
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 10 GB (13%) free of 78 GB
Total RAM: 1215 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:00:57, on 2009-06-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\skeys.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\BellCanada\McciTrayApp.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Updater.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\5OZRG9WY\RSIT[1].exe
C:\Program Files\trend micro\Helena Cruz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85C1DD6E-1181-41F2-9AB2-79D5F46F491B} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: FCTBPos00Pos - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {D2A8552D-4340-413E-B94E-245827FBC269} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: La barre d'outils AIR MILES - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [iRiver Updater] \Updater.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [agent.exe] C:\Program Files\PCenter\agent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: TruePass EPF 7,0,100,730 - https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab
O16 - DPF: TruePass EPF 7,0,100,739 - https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by123fd.bay123.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} - http://fulfillment.puretracks.com/onager.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://pix.futureshop.ca/fr/ImageUploader4.cab
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - https://www.shutterfly.com/kodakgallery/index.jsp?PID=KDKG&CID=KDKGLANDPG3&O_URL=downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-619b2cc522fca36b.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.1.1.0/ImageUploader5.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} - http://by115fd.bay115.hotmail.msn.com/activex/HMAtchmt.ocx
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Helena Cruz at 2009-06-09 10:00:44
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 10 GB (13%) free of 78 GB
Total RAM: 1215 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:00:57, on 2009-06-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\skeys.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\BellCanada\McciTrayApp.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Updater.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Helena Cruz\Local Settings\Temporary Internet Files\Content.IE5\5OZRG9WY\RSIT[1].exe
C:\Program Files\trend micro\Helena Cruz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85C1DD6E-1181-41F2-9AB2-79D5F46F491B} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: FCTBPos00Pos - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {D2A8552D-4340-413E-B94E-245827FBC269} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: La barre d'outils AIR MILES - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [iRiver Updater] \Updater.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [agent.exe] C:\Program Files\PCenter\agent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: TruePass EPF 7,0,100,730 - https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab
O16 - DPF: TruePass EPF 7,0,100,739 - https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by123fd.bay123.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} - http://fulfillment.puretracks.com/onager.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://pix.futureshop.ca/fr/ImageUploader4.cab
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - https://www.shutterfly.com/kodakgallery/index.jsp?PID=KDKG&CID=KDKGLANDPG3&O_URL=downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-619b2cc522fca36b.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.1.1.0/ImageUploader5.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} - http://by115fd.bay115.hotmail.msn.com/activex/HMAtchmt.ocx
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
9 juin 2009 à 16:12
9 juin 2009 à 16:12
1/
---> Lance ce fichier : C:\Program Files\trend micro\Helena Cruz.exe
---> Choisis Do a system scan only.
---> Coche les cases qui sont devant les lignes suivantes :
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {D2A8552D-4340-413E-B94E-245827FBC269} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKCU\..\Run: [agent.exe] C:\Program Files\PCenter\agent.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
---> Ferme HijackThis.
2/
---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.
A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
---> Lance ce fichier : C:\Program Files\trend micro\Helena Cruz.exe
---> Choisis Do a system scan only.
---> Coche les cases qui sont devant les lignes suivantes :
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {D2A8552D-4340-413E-B94E-245827FBC269} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKCU\..\Run: [agent.exe] C:\Program Files\PCenter\agent.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
---> Ferme HijackThis.
2/
---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.
A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
LNA2009
Messages postés
15
Date d'inscription
jeudi 4 juin 2009
Statut
Membre
Dernière intervention
11 juin 2009
9 juin 2009 à 16:33
9 juin 2009 à 16:33
Merci Destrio, voici le rapport
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2253
Windows 5.1.2600 Service Pack 2
2009-06-09 10:33:13
mbam-log-2009-06-09 (10-33-13).txt
Type de recherche: Examen rapide
Eléments examinés: 98615
Temps écoulé: 11 minute(s), 42 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 34
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 17
Fichier(s) infecté(s): 168
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{48d78be5-cfb9-4b66-9ac4-96d4cf21de06} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{74d46bba-5638-473a-83b6-97e7804a7411} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{d2a8552d-4340-413e-b94e-245827fbc269} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2a8552d-4340-413e-b94e-245827fbc269} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2a8552d-4340-413e-b94e-245827fbc269} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\ausctv32a.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\Local Page (Hijack.Search) -> Bad: (http://www.iesearch.com/) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (C:\Program Files\PCenter\pc.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
c:\documents and settings\Helena Cruz\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\Helena Cruz\Application Data\PCenter (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\temp (Rogue.PCenter) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Helena Cruz\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Data\dump.dmp (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\cg.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\mw.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\rd.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\sc.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\sm.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\sp.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys\cg.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys\rd.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys\sc.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys\sp.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\temp\settings.ini (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\temp\spfilter (Rogue.PCenter) -> Quarantined and deleted successfully.
C:\xmp.bat (Trojan.Downloader) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2253
Windows 5.1.2600 Service Pack 2
2009-06-09 10:33:13
mbam-log-2009-06-09 (10-33-13).txt
Type de recherche: Examen rapide
Eléments examinés: 98615
Temps écoulé: 11 minute(s), 42 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 34
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 17
Fichier(s) infecté(s): 168
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{48d78be5-cfb9-4b66-9ac4-96d4cf21de06} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{74d46bba-5638-473a-83b6-97e7804a7411} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{d2a8552d-4340-413e-b94e-245827fbc269} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2a8552d-4340-413e-b94e-245827fbc269} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2a8552d-4340-413e-b94e-245827fbc269} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\ausctv32a.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\Local Page (Hijack.Search) -> Bad: (http://www.iesearch.com/) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (C:\Program Files\PCenter\pc.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
c:\documents and settings\Helena Cruz\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\Helena Cruz\Application Data\PCenter (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\temp (Rogue.PCenter) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Helena Cruz\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Data\dump.dmp (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\cg.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\mw.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\rd.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\sc.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\sm.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\dbases\sp.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys\cg.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys\rd.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys\sc.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\keys\sp.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\temp\settings.ini (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\helena cruz\application data\PCenter\temp\spfilter (Rogue.PCenter) -> Quarantined and deleted successfully.
C:\xmp.bat (Trojan.Downloader) -> Quarantined and deleted successfully.
