Procédure ccm pour 3 ordinateurs en réseau
makayabou
Messages postés
14
Statut
Membre
-
chimay8 Messages postés 7947 Statut Contributeur sécurité -
chimay8 Messages postés 7947 Statut Contributeur sécurité -
Bonjour,
J'aide une association à résoudre un problème d'infection par virus sur 3 ordinateurs reliés entre eux. N'étant pas là au moment de l'infection, je ne connait pas le problème exacte, mais j'ai pu déjà observer des changements dans la base de registre (barre de titre d'Internet Explorer "Hacked by Moozila")
Comme ils ont leur comptabilité et d'autres documents importants enregistrés sur les disques durs, je préfère observer la procédure complète pour les 3 ordinateurs, sans savoir lequel pourrait avoir été réélement infecté.
Voici donc le log.txt de RSIT pour le 1er ordinateur:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-06-29 14:39:55
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 43 GB (86%) free of 50 GB
Total RAM: 479 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:40:02, on 29/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Program Files\trend micro\Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Décidez-vous à installer Linux sur ces ordinateurs (adressez-vous à Bellinux!)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SiSRaid] C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
J'aide une association à résoudre un problème d'infection par virus sur 3 ordinateurs reliés entre eux. N'étant pas là au moment de l'infection, je ne connait pas le problème exacte, mais j'ai pu déjà observer des changements dans la base de registre (barre de titre d'Internet Explorer "Hacked by Moozila")
Comme ils ont leur comptabilité et d'autres documents importants enregistrés sur les disques durs, je préfère observer la procédure complète pour les 3 ordinateurs, sans savoir lequel pourrait avoir été réélement infecté.
Voici donc le log.txt de RSIT pour le 1er ordinateur:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-06-29 14:39:55
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 43 GB (86%) free of 50 GB
Total RAM: 479 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:40:02, on 29/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Program Files\trend micro\Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Décidez-vous à installer Linux sur ces ordinateurs (adressez-vous à Bellinux!)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SiSRaid] C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
A voir également:
- Procédure ccm pour 3 ordinateurs en réseau
- Winrar ccm - Télécharger - Compression & Décompression
- Ai suite 3 - Télécharger - Optimisation
- Le message n'a pas été envoyé car le service n'est pas activé sur le réseau - Forum Xiaomi
- Vlc ccm - Télécharger - Lecture
- Cable reseau du player freebox - Forum Freebox
14 réponses
salut : voici quelques pistes de virus possibles :
https://www.processlibrary.com/en/directory/files/mdm/22562/
https://www.processlibrary.com/en/search?q=iexplore
RSIT.exe me parait louche aussi… et lui : "Propriétaire.exe".
Aussi, je vois que ton PC est windows SP2 : c'est pas à jour. IL FAUT TOJOURS AVOIR UN PC À JOUR.
Et aussi un antivirus à jours. Fais un scan avec Avast.
https://www.processlibrary.com/en/directory/files/mdm/22562/
https://www.processlibrary.com/en/search?q=iexplore
RSIT.exe me parait louche aussi… et lui : "Propriétaire.exe".
Aussi, je vois que ton PC est windows SP2 : c'est pas à jour. IL FAUT TOJOURS AVOIR UN PC À JOUR.
Et aussi un antivirus à jours. Fais un scan avec Avast.
Bonjour,
j'ai envoyé hier ces rapports et j'aimerais savoir si les ordinateurs sont désormais clean. Pour le scan en ligne, j'ai pourtant demandé comme seconde action "Report Only", comme indiqué dans le tuto. J'imagine donc que certains virus ne sont pas éliminés sauf si tout est parti au premier passage, ce que je n'arrive pas à voir sur les logs
Merci
j'ai envoyé hier ces rapports et j'aimerais savoir si les ordinateurs sont désormais clean. Pour le scan en ligne, j'ai pourtant demandé comme seconde action "Report Only", comme indiqué dans le tuto. J'imagine donc que certains virus ne sont pas éliminés sauf si tout est parti au premier passage, ce que je n'arrive pas à voir sur les logs
Merci
salut,
infection par clé usb
faut faire ça sur les trois pc
Télécharge et installe ==>UsbFix<== de "C,C,C"
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectées sans les ouvrir
# Double-clique sur le raccourci UsbFix présent sur ton bureau .
# Choisis l'option 1 ( Recherche )
# Laisse travailler l'outil...
# Ensuite,poste le rapport UsbFix.txt qui apparaitra.
# Note : Le rapport UsbFix.txt est,en outre,sauvegardé à la racine du disque. ( C:\UsbFix.txt )
infection par clé usb
faut faire ça sur les trois pc
Télécharge et installe ==>UsbFix<== de "C,C,C"
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectées sans les ouvrir
# Double-clique sur le raccourci UsbFix présent sur ton bureau .
# Choisis l'option 1 ( Recherche )
# Laisse travailler l'outil...
# Ensuite,poste le rapport UsbFix.txt qui apparaitra.
# Note : Le rapport UsbFix.txt est,en outre,sauvegardé à la racine du disque. ( C:\UsbFix.txt )
Cela ne m'étonne pas qu'il sagisse d'une infection par clé USB. Le problème est que je n'ai aucun moyen de faire la procédure demandée puisque la clé USB infectée a depuis été formatée. Je poste donc le log.txt de RSIT pour le deuxième ordinateur:
Logfile of random's system information tool 1.06 (written by random/random)
Run by RELAIS FEMMES at 2009-06-29 14:50:59
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 49 GB (85%) free of 57 GB
Total RAM: 2047 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:51:04, on 29/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\RELAIS FEMMES\Bureau\RSIT.exe
C:\Program Files\trend micro\RELAIS FEMMES.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lastchaos.in.th/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by MOOzilla
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJxdm351YYFR
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by RELAIS FEMMES at 2009-06-29 14:50:59
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 49 GB (85%) free of 57 GB
Total RAM: 2047 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:51:04, on 29/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\RELAIS FEMMES\Bureau\RSIT.exe
C:\Program Files\trend micro\RELAIS FEMMES.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lastchaos.in.th/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by MOOzilla
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJxdm351YYFR
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voici le log.txt du 3eme ordi:
Logfile of random's system information tool 1.06 (written by random/random)
Run by relais femme at 2007-05-02 00:02:30
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 64 GB (84%) free of 76 GB
Total RAM: 1919 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:02:38, on 02/05/2007
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\relais femme\Bureau\RSIT.exe
C:\Program Files\trend micro\relais femme.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CCC.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service Google Update (gupdate1c9c2b8aeb08106) (gupdate1c9c2b8aeb08106) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by relais femme at 2007-05-02 00:02:30
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 64 GB (84%) free of 76 GB
Total RAM: 1919 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:02:38, on 02/05/2007
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\relais femme\Bureau\RSIT.exe
C:\Program Files\trend micro\relais femme.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CCC.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service Google Update (gupdate1c9c2b8aeb08106) (gupdate1c9c2b8aeb08106) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
pas important pour la clé...
l'infection est aussi dans le pc!ainsi que dans le second
+infection par my web search
faus passer toolbar S&D
l'infection est aussi dans le pc!ainsi que dans le second
+infection par my web search
faus passer toolbar S&D
heu!
RSIT.exe me parait louche aussi… et lui : "Propriétaire.exe".
tu sais pas lire les log,avant de raconter des inepties renseigne toi un peu plus!!
RSIT.exe me parait louche aussi… et lui : "Propriétaire.exe".
tu sais pas lire les log,avant de raconter des inepties renseigne toi un peu plus!!
Voici le rapport de l'antimalware pour le premier ordi:
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2350
Windows 5.1.2600 Service Pack 2
29/06/2009 15:55:04
mbam-log-2009-06-29 (15-55-04).txt
Type de recherche: Examen rapide
Eléments examinés: 79534
Temps écoulé: 4 minute(s), 17 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2350
Windows 5.1.2600 Service Pack 2
29/06/2009 15:55:04
mbam-log-2009-06-29 (15-55-04).txt
Type de recherche: Examen rapide
Eléments examinés: 79534
Temps écoulé: 4 minute(s), 17 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Voici le rapport de l'antimalware pour le 3eme ordi:
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2350
Windows 5.1.2600 Service Pack 3
02/05/2007 01:01:19
mbam-log-2007-05-02 (01-01-19).txt
Type de recherche: Examen rapide
Eléments examinés: 83198
Temps écoulé: 3 minute(s), 4 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2350
Windows 5.1.2600 Service Pack 3
02/05/2007 01:01:19
mbam-log-2007-05-02 (01-01-19).txt
Type de recherche: Examen rapide
Eléments examinés: 83198
Temps écoulé: 3 minute(s), 4 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Et voici enfin le rapport de l'antimalware pour le 2eme ordi, qui vient un peu plus tard car il avait besoin de rebooter pour éliminer certains fichiers:
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2350
Windows 5.1.2600 Service Pack 3
29/06/2009 15:57:29
mbam-log-2009-06-29 (15-57-29).txt
Type de recherche: Examen rapide
Eléments examinés: 80809
Temps écoulé: 2 minute(s), 9 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 149
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 19
Fichier(s) infecté(s): 81
Processus mémoire infecté(s):
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\RELAIS FEMMES\Application Data\FunWebProducts (Adware.MyWay) -> Quarantined and deleted successfully.
c:\documents and settings\relais femmes\application data\funwebproducts\Data (Adware.MyWay) -> Quarantined and deleted successfully.
c:\documents and settings\relais femmes\application data\funwebproducts\Data\RELAIS FEMMES (Adware.MyWay) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3REGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B1E8E (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B2F57 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B42B0 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B67CC.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B6991.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B774D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B8632.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B93CE.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\relais femmes\application data\funwebproducts\Data\relais femmes\avatar.dat (Adware.MyWay) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2350
Windows 5.1.2600 Service Pack 3
29/06/2009 15:57:29
mbam-log-2009-06-29 (15-57-29).txt
Type de recherche: Examen rapide
Eléments examinés: 80809
Temps écoulé: 2 minute(s), 9 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 149
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 19
Fichier(s) infecté(s): 81
Processus mémoire infecté(s):
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\RELAIS FEMMES\Application Data\FunWebProducts (Adware.MyWay) -> Quarantined and deleted successfully.
c:\documents and settings\relais femmes\application data\funwebproducts\Data (Adware.MyWay) -> Quarantined and deleted successfully.
c:\documents and settings\relais femmes\application data\funwebproducts\Data\RELAIS FEMMES (Adware.MyWay) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3REGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B1E8E (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B2F57 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B42B0 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B67CC.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B6991.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B774D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B8632.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\000B93CE.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\relais femmes\application data\funwebproducts\Data\relais femmes\avatar.dat (Adware.MyWay) -> Quarantined and deleted successfully.
Voici le rapport bitdefender pour le deuxième ordi
BitDefender Online Scanner -Scan ReportBitDefender Online Scanner
Scan report generated at: Mon, Jun 29, 2009 - 16:34:40
Scan path: C:\;D:\;E:\;
Statistics
Time00:19:26
Files59067
Folders2510
Boot Sectors0
Archives567
Packed Files4485
Results
Identified Viruses 3
Infected Files 22
Suspect Files 0
Warnings0
Disinfected0
Deleted Files43
Engines Info
Virus Definitions3762485
Engine buildAVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008
17:19:14)
Scan plugins17
Archive plugins44
Unpack plugins7
E-mail plugins6
System plugins4
Scan Settings
First ActionDisinfect
Second ActionDelete
HeuristicsYes
Enable WarningsYes
Scanned Extensions*;
Exclude Extensions
Scan EmailsYes
Scan ArchivesYes
Scan PackedYes
Scan FilesYes
Scan BootYes
Scanned File Status
C:\autorun.inf=>(unicode)Infected with: Worm.VBS.Solow.C
C:\autorun.inf=>(unicode)Disinfection failed
C:\autorun.inf=>(unicode)Deleted
C:\autorun.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP364\A0024419.DLLInfected
with: Trojan.Generic.1775814
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP364\A0024419.DLLDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024933.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024933.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024933.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024933.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024941.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024941.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024941.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024941.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024951.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024951.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024951.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024951.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025010.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025010.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025010.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025010.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025025.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025025.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025025.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025025.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025038.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025038.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025038.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025038.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025053.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025053.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025053.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025053.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025070.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025070.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025070.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025070.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025085.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025085.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025085.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025085.infDeleted
D:\autorun.inf=>(unicode)Infected with: Worm.VBS.Solow.C
D:\autorun.inf=>(unicode)Disinfection failed
D:\autorun.inf=>(unicode)Deleted
D:\autorun.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024935.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024935.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024935.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024935.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024943.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024943.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024943.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024943.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024953.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024953.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024953.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024953.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025012.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025012.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025012.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025012.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025027.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025027.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025027.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025027.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025040.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025040.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025040.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025040.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025055.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025055.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025055.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025055.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025072.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025072.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025072.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025072.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025087.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025087.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025087.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025087.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP377\A0026434.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP377\A0026434.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP377\A0026434.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP377\A0026434.infDeleted
BitDefender Online Scanner -Scan ReportBitDefender Online Scanner
Scan report generated at: Mon, Jun 29, 2009 - 16:34:40
Scan path: C:\;D:\;E:\;
Statistics
Time00:19:26
Files59067
Folders2510
Boot Sectors0
Archives567
Packed Files4485
Results
Identified Viruses 3
Infected Files 22
Suspect Files 0
Warnings0
Disinfected0
Deleted Files43
Engines Info
Virus Definitions3762485
Engine buildAVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008
17:19:14)
Scan plugins17
Archive plugins44
Unpack plugins7
E-mail plugins6
System plugins4
Scan Settings
First ActionDisinfect
Second ActionDelete
HeuristicsYes
Enable WarningsYes
Scanned Extensions*;
Exclude Extensions
Scan EmailsYes
Scan ArchivesYes
Scan PackedYes
Scan FilesYes
Scan BootYes
Scanned File Status
C:\autorun.inf=>(unicode)Infected with: Worm.VBS.Solow.C
C:\autorun.inf=>(unicode)Disinfection failed
C:\autorun.inf=>(unicode)Deleted
C:\autorun.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP364\A0024419.DLLInfected
with: Trojan.Generic.1775814
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP364\A0024419.DLLDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024933.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024933.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024933.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024933.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024941.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024941.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024941.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024941.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024951.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024951.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024951.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024951.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025010.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025010.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025010.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025010.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025025.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025025.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025025.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025025.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025038.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025038.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025038.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025038.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025053.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025053.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025053.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025053.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025070.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025070.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025070.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025070.infDeleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025085.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025085.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025085.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025085.infDeleted
D:\autorun.inf=>(unicode)Infected with: Worm.VBS.Solow.C
D:\autorun.inf=>(unicode)Disinfection failed
D:\autorun.inf=>(unicode)Deleted
D:\autorun.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024935.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024935.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024935.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP374\A0024935.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024943.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024943.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024943.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024943.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024953.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024953.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024953.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP375\A0024953.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025012.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025012.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025012.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025012.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025027.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025027.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025027.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025027.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025040.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025040.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025040.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025040.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025055.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025055.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025055.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025055.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025072.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025072.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025072.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025072.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025087.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025087.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025087.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP376\A0025087.infDeleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP377\A0026434.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP377\A0026434.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP377\A0026434.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{1EE62678-322C-411C-B11B-8420233DAFCA}\RP377\A0026434.infDeleted
Voici le rapport bitdefender pour le 1er ordi:
BitDefender Online Scanner -Scan ReportBitDefender Online Scanner
Scan report generated at: Mon, Jun 29, 2009 - 16:42:47
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time00:38:44
Files56164
Folders2315
Boot Sectors0
Archives474
Packed Files4520
Results
Identified Viruses 3
Infected Files 49
Suspect Files 0
Warnings0
Disinfected0
Deleted Files97
Engines Info
Virus Definitions3762485
Engine buildAVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008
17:19:14)
Scan plugins17
Archive plugins44
Unpack plugins7
E-mail plugins6
System plugins4
Scan Settings
First ActionDisinfect
Second ActionDelete
HeuristicsYes
Enable WarningsYes
Scanned Extensions*;
Exclude Extensions
Scan EmailsYes
Scan ArchivesYes
Scan PackedYes
Scan FilesYes
Scan BootYes
Scanned File Status
C:\autorun.inf=>(unicode)Infected with: Worm.VBS.Solow.C
C:\autorun.inf=>(unicode)Disinfection failed
C:\autorun.inf=>(unicode)Deleted
C:\autorun.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023634.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023634.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023634.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023634.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023639.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023639.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023639.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023639.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023671.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023671.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023671.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023671.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023693.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023693.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023693.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023693.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023707.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023707.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023707.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023707.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023717.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023717.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023717.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023717.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023722.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023722.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023722.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023722.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023732.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023732.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023732.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023732.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023755.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023755.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023755.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023755.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023765.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023765.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023765.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023765.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023775.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023775.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023775.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023775.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023785.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023785.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023785.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023785.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023809.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023809.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023809.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023809.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023819.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023819.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023819.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023819.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023824.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023824.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023824.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023824.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023840.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023840.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023840.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023840.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023863.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023863.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023863.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023863.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023875.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023875.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023875.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023875.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023894.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023894.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023894.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023894.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023904.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023904.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023904.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023904.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023964.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023964.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023964.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023964.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023992.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023992.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023992.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023992.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025947.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025947.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025947.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025947.infDeleted
C:\WINDOWS\system32\Tools\Restart.exeInfected with: Virtool.18853
C:\WINDOWS\system32\Tools\Restart.exeDeleted
D:\autorun.inf=>(unicode)Infected with: Worm.VBS.Solow.C
D:\autorun.inf=>(unicode)Disinfection failed
D:\autorun.inf=>(unicode)Deleted
D:\autorun.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023636.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023636.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023636.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023636.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023641.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023641.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023641.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023641.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023673.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023673.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023673.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023673.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023697.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023697.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023697.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023697.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023709.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023709.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023709.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023709.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023719.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023719.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023719.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023719.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023724.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023724.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023724.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023724.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023734.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023734.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023734.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023734.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023757.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023757.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023757.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023757.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023767.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023767.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023767.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023767.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023777.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023777.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023777.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023777.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023787.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023787.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023787.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023787.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023811.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023811.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023811.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023811.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023821.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023821.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023821.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023821.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023826.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023826.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023826.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023826.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023842.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023842.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023842.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023842.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023865.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023865.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023865.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023865.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023877.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023877.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023877.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023877.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023896.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023896.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023896.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023896.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023906.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023906.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023906.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023906.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023966.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023966.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023966.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023966.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023995.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023995.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023995.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023995.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025949.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025949.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025949.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025949.infDeleted
BitDefender Online Scanner -Scan ReportBitDefender Online Scanner
Scan report generated at: Mon, Jun 29, 2009 - 16:42:47
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time00:38:44
Files56164
Folders2315
Boot Sectors0
Archives474
Packed Files4520
Results
Identified Viruses 3
Infected Files 49
Suspect Files 0
Warnings0
Disinfected0
Deleted Files97
Engines Info
Virus Definitions3762485
Engine buildAVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008
17:19:14)
Scan plugins17
Archive plugins44
Unpack plugins7
E-mail plugins6
System plugins4
Scan Settings
First ActionDisinfect
Second ActionDelete
HeuristicsYes
Enable WarningsYes
Scanned Extensions*;
Exclude Extensions
Scan EmailsYes
Scan ArchivesYes
Scan PackedYes
Scan FilesYes
Scan BootYes
Scanned File Status
C:\autorun.inf=>(unicode)Infected with: Worm.VBS.Solow.C
C:\autorun.inf=>(unicode)Disinfection failed
C:\autorun.inf=>(unicode)Deleted
C:\autorun.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023634.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023634.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023634.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023634.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023639.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023639.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023639.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023639.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023671.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023671.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023671.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023671.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023693.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023693.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023693.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023693.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023707.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023707.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023707.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023707.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023717.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023717.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023717.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023717.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023722.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023722.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023722.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023722.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023732.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023732.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023732.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023732.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023755.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023755.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023755.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023755.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023765.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023765.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023765.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023765.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023775.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023775.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023775.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023775.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023785.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023785.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023785.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023785.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023809.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023809.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023809.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023809.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023819.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023819.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023819.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023819.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023824.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023824.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023824.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023824.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023840.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023840.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023840.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023840.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023863.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023863.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023863.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023863.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023875.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023875.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023875.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023875.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023894.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023894.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023894.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023894.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023904.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023904.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023904.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023904.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023964.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023964.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023964.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023964.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023992.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023992.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023992.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023992.infDeleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025947.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025947.inf=>(unicode)Disinfection
failed
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025947.inf=>(unicode)Deleted
C:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025947.infDeleted
C:\WINDOWS\system32\Tools\Restart.exeInfected with: Virtool.18853
C:\WINDOWS\system32\Tools\Restart.exeDeleted
D:\autorun.inf=>(unicode)Infected with: Worm.VBS.Solow.C
D:\autorun.inf=>(unicode)Disinfection failed
D:\autorun.inf=>(unicode)Deleted
D:\autorun.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023636.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023636.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023636.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP273\A0023636.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023641.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023641.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023641.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023641.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023673.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023673.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023673.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023673.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023697.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023697.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023697.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023697.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023709.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023709.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023709.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023709.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023719.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023719.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023719.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP274\A0023719.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023724.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023724.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023724.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023724.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023734.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023734.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023734.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023734.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023757.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023757.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023757.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023757.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023767.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023767.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023767.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023767.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023777.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023777.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023777.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023777.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023787.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023787.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023787.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023787.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023811.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023811.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023811.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023811.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023821.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023821.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023821.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP275\A0023821.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023826.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023826.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023826.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023826.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023842.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023842.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023842.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023842.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023865.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023865.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023865.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023865.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023877.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023877.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023877.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP276\A0023877.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023896.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023896.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023896.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023896.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023906.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023906.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023906.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023906.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023966.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023966.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023966.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP277\A0023966.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023995.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023995.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023995.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP278\A0023995.infDeleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025949.inf=>(unicode)Infected
with: Worm.VBS.Solow.C
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025949.inf=>(unicode)Disinfection
failed
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025949.inf=>(unicode)Deleted
D:\System Volume
Information\_restore{57ED36DA-9311-4782-BBF9-2AF782C0A0CD}\RP279\A0025949.infDeleted
Et enfin.. Voici le scan du bitdefender du 3eme ordi:
*BitDefender Online Scanner*
*Scan report generated at: Wed, May 02, 2007 - 01:42:37*
* *
*Scan path: *C:\;D:\;E:\;
* *
*Statistics*
Time
00:23:03
Files
74892
Folders
4559
Boot Sectors
0
Archives
1440
Packed Files
4379
*Results*
Identified Viruses
0
Infected Files
0
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
0
*Engines Info*
Virus Definitions
3762485
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins
17
Archive plugins
44
Unpack plugins
7
E-mail plugins
6
System plugins
4
*Scan Settings*
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
*Scanned File*
* Status*
No virus found.
* *
* *
Merci pour tout à ceux qui s'occupent de ce forum!
Makayabou
*BitDefender Online Scanner*
*Scan report generated at: Wed, May 02, 2007 - 01:42:37*
* *
*Scan path: *C:\;D:\;E:\;
* *
*Statistics*
Time
00:23:03
Files
74892
Folders
4559
Boot Sectors
0
Archives
1440
Packed Files
4379
*Results*
Identified Viruses
0
Infected Files
0
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
0
*Engines Info*
Virus Definitions
3762485
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins
17
Archive plugins
44
Unpack plugins
7
E-mail plugins
6
System plugins
4
*Scan Settings*
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
*Scanned File*
* Status*
No virus found.
* *
* *
Merci pour tout à ceux qui s'occupent de ce forum!
Makayabou
