Pfouu mon ordi est ruiner
je suis mauvais en informatique...
-
kduc Messages postés 1537 Statut Membre -
kduc Messages postés 1537 Statut Membre -
Bonjour tout le monde, bah boila mon problemes : mon ordi est overbooker de dossiers jeux ou programes inutiles, il est infester de virus et n'a que quelque anciens antivirus.J'aimerais qu'on me donne quelque site de téléchargements d'antivirus et des programmes de "nettoyage" pour faire le vide de tout ce qui est inutile.Et aussi que l'on m'explique comment tout"ranger" comme lors d'un formatage.Je possede un windows xp et possede AOL9 comme internet. merci d'avance !
A voir également:
- Pfouu mon ordi est ruiner
- Ordi qui rame - Guide
- Comment reinitialiser un ordi - Guide
- Mon ordi ne reconnait pas ma clé usb - Guide
- Plus de son sur mon ordi - Guide
- Ordi scrabble - Télécharger - Jeux vidéo
14 réponses
Bonjour,
désolé, tu es tombé sur 2 incapables d'identifier une infection navipromo :
O4 - HKCU\..\Run: [kuuucqa] "c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe" kuuucqa
Passons ...
Sauf qu'il n'est plus très simple de savoir où tu en es !
===
Pour vérifier pour Navipromo (MBAM en traite l'essentiel) :
Télécharge maintenant Navilog1 depuis-ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un Clic-droit sur Navilog1.exe présent sur ton bureau et choisis "Exécuter
en tant qu'administrateur".
Au menu principal, choisis 1 et valide.
< Ne fais pas le choix 2 >
Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.
Patiente jusqu'au message "Scan terminé le......"
Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.
Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.
PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt
S:Si ton bureau ne réapparaît pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Cela te fera apparaître ton bureau
===
Pour vérifier si il n'y a rien d'autre :
Ouvre ce lien et télécharge ZHPDiag :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
hxxp://telechargement.zebulon.fr/telecharger-zhpdiag.html
Enregistre le sur ton Bureau.
Une fois le téléchargement achevé, lance ZHPDiag.exe et clique sur Unzip dans la fenêtre qui s'ouvre.
Clique sur Tous pour cocher toutes les cases des options.
Clique sur la loupe pour lancer l'analyse.
A la fin de l'analyse, clique sur l'appareil photo et enregistre le rapport sur ton Bureau.
Ouvre le fichier sauvegardé (ZHPDiag.txt)avec le Bloc-Notes et copie son contenu dans ta réponse.
Pour me le transmettre clique sur ce lien :
http://www.cijoint.fr/
Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\.ZHPDiag.txt
Clique sur Ouvrir.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
désolé, tu es tombé sur 2 incapables d'identifier une infection navipromo :
O4 - HKCU\..\Run: [kuuucqa] "c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe" kuuucqa
Passons ...
Sauf qu'il n'est plus très simple de savoir où tu en es !
===
Pour vérifier pour Navipromo (MBAM en traite l'essentiel) :
Télécharge maintenant Navilog1 depuis-ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un Clic-droit sur Navilog1.exe présent sur ton bureau et choisis "Exécuter
en tant qu'administrateur".
Au menu principal, choisis 1 et valide.
< Ne fais pas le choix 2 >
Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.
Patiente jusqu'au message "Scan terminé le......"
Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.
Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.
PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt
S:Si ton bureau ne réapparaît pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Cela te fera apparaître ton bureau
===
Pour vérifier si il n'y a rien d'autre :
Ouvre ce lien et télécharge ZHPDiag :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
hxxp://telechargement.zebulon.fr/telecharger-zhpdiag.html
Enregistre le sur ton Bureau.
Une fois le téléchargement achevé, lance ZHPDiag.exe et clique sur Unzip dans la fenêtre qui s'ouvre.
Clique sur Tous pour cocher toutes les cases des options.
Clique sur la loupe pour lancer l'analyse.
A la fin de l'analyse, clique sur l'appareil photo et enregistre le rapport sur ton Bureau.
Ouvre le fichier sauvegardé (ZHPDiag.txt)avec le Bloc-Notes et copie son contenu dans ta réponse.
Pour me le transmettre clique sur ce lien :
http://www.cijoint.fr/
Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\.ZHPDiag.txt
Clique sur Ouvrir.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
Bonjour,
On va commencer le nettoyage par ça .
~~~~~~~~~~~~~~~> Hijack This <~~~~~~~~~~~~~~~~~~~
- Telecharger Hijack
>http://www.infos-du-net.com/telecharger/HijackThis.html
Une fois Hijack installer, exécuter le :
- Cliquer sur "Do a system scan and save a logfile"
- Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le même dossier que hijackthis.exe .
- Faire édition / sélectionner tout
- Clic droit / copier
- Poste moi le rapport entier
On va commencer le nettoyage par ça .
~~~~~~~~~~~~~~~> Hijack This <~~~~~~~~~~~~~~~~~~~
- Telecharger Hijack
>http://www.infos-du-net.com/telecharger/HijackThis.html
Une fois Hijack installer, exécuter le :
- Cliquer sur "Do a system scan and save a logfile"
- Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le même dossier que hijackthis.exe .
- Faire édition / sélectionner tout
- Clic droit / copier
- Poste moi le rapport entier
Eh bah voila, sa commence mal je ne peux meme pas télécharger le programe que vous m'avez recommandé; lorsque j'essaye d'aller sur le site par votre lien, et une page s'affiche en disant qu'il est impossible d'afficher cette page web probablement a cause de diverse raison : je ne serais pas connecter a internet, ou le site serait momentanement inacessible.J'ai réessayer en copiant/collant le lien, meme resultat.Peut le site est il vraiment inaccessible pour l'instant?Merci d'avance pour une autre possibilités!
Bonne nouvelle! en fouillant le forum, j'ai trouver le programme que vous me conseillez, je l'ai activer, comme vous l'avez recommander, et je vous envoie le rapport qu'il me donne :
Logfile of HijackThis v1.99.1
Scan saved at 11:43:27, on 11/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0f\waol.exe
C:\Program Files\AOL 9.0f\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\Fichiers communs\AOL\1209546266\ee\aolsoftware.exe
C:\DOCUME~1\ANCELI~1.MOU\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis_199[1].zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.hugedomains.com/domain_profile.cfm?d=itslabel&e=com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [kuuucqa] "c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe" kuuucqa
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFE58292-C7D9-4032-9F29-4143616CE3DC}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Voila, si quelque chose ne vas pas je ferais le nécessaire.Merci encore!
Logfile of HijackThis v1.99.1
Scan saved at 11:43:27, on 11/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0f\waol.exe
C:\Program Files\AOL 9.0f\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\Fichiers communs\AOL\1209546266\ee\aolsoftware.exe
C:\DOCUME~1\ANCELI~1.MOU\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis_199[1].zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.hugedomains.com/domain_profile.cfm?d=itslabel&e=com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [kuuucqa] "c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe" kuuucqa
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFE58292-C7D9-4032-9F29-4143616CE3DC}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Voila, si quelque chose ne vas pas je ferais le nécessaire.Merci encore!
voila le rapport :
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2411
Windows 5.1.2600 Service Pack 3
12/07/2009 13:59:21
mbam-log-2009-07-12 (13-59-17).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 412665
Temps écoulé: 2 hour(s), 49 minute(s), 50 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 361
Fichier(s) infecté(s): 802
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internetgamebox (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access (Adware.InstantAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IGB (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\IGB (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kuuucqa (Trojan.Agent.H) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Instant Access (Adware.EGDAccess) -> Delete on reboot.
c:\program files\instant access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\50296 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\50296\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\fp.pc-on-internet.com\50265 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\fp.pc-on-internet.com\50265\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\fp.pc-on-internet.com\50078 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\fp.pc-on-internet.com\50078\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\fp.pc-on-internet.com\50078\images\FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\fp.pc-on-internet.com\50296 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\fp.pc-on-internet.com\50296\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com\50307 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com\50307\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com\50307\Scripts (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com\50307\swf (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\fp.pc-on-internet.com\50287 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\fp.pc-on-internet.com\50287\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\fp.pc-on-internet.com\50255 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\fp.pc-on-internet.com\50255\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\fp.pc-on-internet.com\50255 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\fp.pc-on-internet.com\50255\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\fp.pc-on-internet.com\50330 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\fp.pc-on-internet.com\50330\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\fp.pc-on-internet.com\50251 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\fp.pc-on-internet.com\50251\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\fp.pc-on-internet.com\50196 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\fp.pc-on-internet.com\50196\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\fp.pc-on-internet.com\50220 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\fp.pc-on-internet.com\50220\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\fp.pc-on-internet.com\50196 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\fp.pc-on-internet.com\50196\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\fp.pc-on-internet.com\50292 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\fp.pc-on-internet.com\50292\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\fp.pc-on-internet.com\50196 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\fp.pc-on-internet.com\50196\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\fp.pc-on-internet.com\50287 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\fp.pc-on-internet.com\50287\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\fp.pc-on-internet.com\50331 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\fp.pc-on-internet.com\50331\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\fp.pc-on-internet.com\50287 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\fp.pc-on-internet.com\50287\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\fp.pc-on-internet.com\50205 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\fp.pc-on-internet.com\50205\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\fp.pc-on-internet.com\50320 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\fp.pc-on-internet.com\50320\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\fp.pc-on-internet.com\50296 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\fp.pc-on-internet.com\50296\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\fp.pc-on-internet.com\50320 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\fp.pc-on-internet.com\50320\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\fp.pc-on-internet.com\50306 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\fp.pc-on-internet.com\50306\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\fp.pc-on-internet.com\50255 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\fp.pc-on-internet.com\50255\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\fp.pc-on-internet.com\50265 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\fp.pc-on-internet.com\50265\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\fp.pc-on-internet.com\50265 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\fp.pc-on-internet.com\50265\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\fp.pc-on-internet.com\50203 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\fp.pc-on-internet.com\50203\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\fp.pc-on-internet.com\50311 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\fp.pc-on-internet.com\50311\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\fp.pc-on-internet.com\50220 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\fp.pc-on-internet.com\50220\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\fp.pc-on-internet.com\50117 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\fp.pc-on-internet.com\50117\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\fp.pc-on-internet.com\50069 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\fp.pc-on-internet.com\50069\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi\20080818190859 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi\20080818190859\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi\20080818190859\medias (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi\20080818190859\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\DesktopIcons (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\content (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\content\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\content\favoris\jak3 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil (Dialer) -> Quarantined and deleted successfully.
c:\program files\montorgueil\Parisvoyeur_Soft (Dialer) -> Quarantined and deleted successfully.
c:\program files\montorgueil\videoxxx (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\Application Data\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\application data\RegTool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\application data\RegTool\QuarantineW (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\application data\RegTool\quarantinew\2009-02-22 12-40-590 (Rogue.RegTool) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\documents and settings\philippe moulherat\local settings\application data\asaumuw_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\local settings\application data\asaumuw_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\local settings\application data\asaumuw.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\program files\EoRezo\EoEngine.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\program files\EoRezo\EoAdv\EoAdv.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\program files\RegTool\RegTool.exe (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\CrazyGirls.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\tray1.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\SerialPlayers.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\VideoZapping.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Crazy Girls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\ParisHilton.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\LastSoftwares.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\GamesDesktop.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\SerialPlayers.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\CrazyGirls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\LastSoftwares.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\7c055b2e192e98f5fb5f6be8e9ae13fa.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\7c055b2e192e98f5fb5f6be8e9ae13fa.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264\images\loading.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com\hits\c1281a16b6188ffe739d3c7b20e9fc46 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com\js\7e9e82cd11efce716224e64f2e6f144e (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\48803c4fe4d874f97043e4c6af1bc65d.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\48803c4fe4d874f97043e4c6af1bc65d.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_02.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_03.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_04.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_05.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_06.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_07.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_10.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_08.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com\hits\4f873a9980fc8b9ee98820eabdcb9736 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com\js\62020a66cdc1e81ae4d2a1e41b71b42d (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\d59b8144de2de6eb26bdf1fc1accd7e6.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\d59b8144de2de6eb26bdf1fc1accd7e6.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264\images\loading.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com\hits\40f28f38d90fe0a8d14180cca24afffc (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com\js\7e9e82cd11efce716224e64f2e6f144e (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\SerialPlayers.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\37550e6fc44d4e104a987989bb50ed86.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\37550e6fc44d4e104a987989bb50ed86.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_02.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_03.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_04.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_05.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_06.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_07.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_10.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_08.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com\hits\8fb219f7b2e23f1085942f22b01c7b6e (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com\js\3b083c66c6df6ae6ca0837e0821e1707 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\CrazyGirls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\ea18b7c59a0dd4144c935a32e3591f0d.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\ea18b7c59a0dd4144c935a32e3591f0d.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\bckg.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR\index_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com\hits\df132f9ef03a0acb60a64030372ddae4 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com\js\39e1a55d9ecf5b368d1874cccca3bc38 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\4d1164c1e390ce69259b97276e4efb9b.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\4d1164c1e390ce69259b97276e4efb9b.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\50296\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.c
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2411
Windows 5.1.2600 Service Pack 3
12/07/2009 13:59:21
mbam-log-2009-07-12 (13-59-17).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 412665
Temps écoulé: 2 hour(s), 49 minute(s), 50 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 361
Fichier(s) infecté(s): 802
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internetgamebox (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access (Adware.InstantAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IGB (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\IGB (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kuuucqa (Trojan.Agent.H) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Instant Access (Adware.EGDAccess) -> Delete on reboot.
c:\program files\instant access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\50296 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\50296\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\fp.pc-on-internet.com\50265 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\fp.pc-on-internet.com\50265\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\852602660\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\fp.pc-on-internet.com\50078 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\fp.pc-on-internet.com\50078\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\fp.pc-on-internet.com\50078\images\FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\694779249\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1158861402\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\fp.pc-on-internet.com\50296 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\fp.pc-on-internet.com\50296\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\860991651\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com\50307 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com\50307\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com\50307\Scripts (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\fp.pc-on-internet.com\50307\swf (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\610168979\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\fp.pc-on-internet.com\50287 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\fp.pc-on-internet.com\50287\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\423843985\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\fp.pc-on-internet.com\50255 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\fp.pc-on-internet.com\50255\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\241615371\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\583193699\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\441242859\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\fp.pc-on-internet.com\50255 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\fp.pc-on-internet.com\50255\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\609626782\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\fp.pc-on-internet.com\50330 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\fp.pc-on-internet.com\50330\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\535866885\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\fp.pc-on-internet.com\50251 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\fp.pc-on-internet.com\50251\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\221787704\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\619248840\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\482616676\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\415132629\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\fp.pc-on-internet.com\50196 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\fp.pc-on-internet.com\50196\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1174273085\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\fp.pc-on-internet.com\50220 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\fp.pc-on-internet.com\50220\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\738583230\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\fp.pc-on-internet.com\50196 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\fp.pc-on-internet.com\50196\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\969549907\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1090959356\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\fp.pc-on-internet.com\50292 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\fp.pc-on-internet.com\50292\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\618373354\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\fp.pc-on-internet.com\50196 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\fp.pc-on-internet.com\50196\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\959823478\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\409289844\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1124495636\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\fp.pc-on-internet.com\50287 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\fp.pc-on-internet.com\50287\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\559707609\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\fp.pc-on-internet.com\50331 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\fp.pc-on-internet.com\50331\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\227815633\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\fp.pc-on-internet.com\50287 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\fp.pc-on-internet.com\50287\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\99324113\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\fp.pc-on-internet.com\50256 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\fp.pc-on-internet.com\50256\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\630716919\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\fp.pc-on-internet.com\50205 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\fp.pc-on-internet.com\50205\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\129714867\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\fp.pc-on-internet.com\50320 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\fp.pc-on-internet.com\50320\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\456100600\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\fp.pc-on-internet.com\50296 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\fp.pc-on-internet.com\50296\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\219526583\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\fp.pc-on-internet.com\50320 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\fp.pc-on-internet.com\50320\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\775723393\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\fp.pc-on-internet.com\50306 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\fp.pc-on-internet.com\50306\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\716694656\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\fp.pc-on-internet.com\50255 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\fp.pc-on-internet.com\50255\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\645820003\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\fp.pc-on-internet.com\50265 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\fp.pc-on-internet.com\50265\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\404238017\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\fp.pc-on-internet.com\50265 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\fp.pc-on-internet.com\50265\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1133137425\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\fp.pc-on-internet.com\50203 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\fp.pc-on-internet.com\50203\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\950837188\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\fp.pc-on-internet.com\50264 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\fp.pc-on-internet.com\50264\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\399180152\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\fp.pc-on-internet.com\50311 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\fp.pc-on-internet.com\50311\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\134258218\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\fp.pc-on-internet.com\50220 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\fp.pc-on-internet.com\50220\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\244930251\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\fp.pc-on-internet.com\50117 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\fp.pc-on-internet.com\50117\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\541285219\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\fp.pc-on-internet.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\fp.pc-on-internet.com\50069 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\fp.pc-on-internet.com\50069\images (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\external-api.dlv4.com\hits (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1061280506\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi\20080818190859 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi\20080818190859\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi\20080818190859\medias (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Multi\20080818190859\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\DesktopIcons (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\content (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\content\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\ressources\favoris\content\favoris\jak3 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\internetgamebox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil (Dialer) -> Quarantined and deleted successfully.
c:\program files\montorgueil\Parisvoyeur_Soft (Dialer) -> Quarantined and deleted successfully.
c:\program files\montorgueil\videoxxx (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\Application Data\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\application data\RegTool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\application data\RegTool\QuarantineW (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\application data\RegTool\quarantinew\2009-02-22 12-40-590 (Rogue.RegTool) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\documents and settings\philippe moulherat\local settings\application data\asaumuw_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\local settings\application data\asaumuw_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\philippe moulherat\local settings\application data\asaumuw.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\program files\EoRezo\EoEngine.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\program files\EoRezo\EoAdv\EoAdv.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\program files\RegTool\RegTool.exe (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\CrazyGirls.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\tray1.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\SerialPlayers.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\VideoZapping.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Crazy Girls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\ParisHilton.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\LastSoftwares.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\GamesDesktop.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\SerialPlayers.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\CrazyGirls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\LastSoftwares.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\7c055b2e192e98f5fb5f6be8e9ae13fa.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\7c055b2e192e98f5fb5f6be8e9ae13fa.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\fp.pc-on-internet.com\50264\images\loading.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com\hits\c1281a16b6188ffe739d3c7b20e9fc46 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\280136701\external-api.dlv4.com\js\7e9e82cd11efce716224e64f2e6f144e (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\48803c4fe4d874f97043e4c6af1bc65d.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\48803c4fe4d874f97043e4c6af1bc65d.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_02.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_03.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_04.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_05.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_06.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_07.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_10.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\fp.pc-on-internet.com\50251\images\index_08.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com\hits\4f873a9980fc8b9ee98820eabdcb9736 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\254464264\external-api.dlv4.com\js\62020a66cdc1e81ae4d2a1e41b71b42d (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\d59b8144de2de6eb26bdf1fc1accd7e6.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\d59b8144de2de6eb26bdf1fc1accd7e6.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\fp.pc-on-internet.com\50264\images\loading.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com\hits\40f28f38d90fe0a8d14180cca24afffc (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\1182905543\external-api.dlv4.com\js\7e9e82cd11efce716224e64f2e6f144e (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\SerialPlayers.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\37550e6fc44d4e104a987989bb50ed86.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\37550e6fc44d4e104a987989bb50ed86.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_02.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_03.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_04.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_05.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_06.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_07.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_10.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\fp.pc-on-internet.com\50251\images\index_08.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com\hits\8fb219f7b2e23f1085942f22b01c7b6e (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\484489924\external-api.dlv4.com\js\3b083c66c6df6ae6ca0837e0821e1707 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\CrazyGirls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\ea18b7c59a0dd4144c935a32e3591f0d.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\ea18b7c59a0dd4144c935a32e3591f0d.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\product.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\bckg.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\fp.pc-on-internet.com\50078\images\FR\index_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com\hits\df132f9ef03a0acb60a64030372ddae4 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\862736990\external-api.dlv4.com\js\39e1a55d9ecf5b368d1874cccca3bc38 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\4d1164c1e390ce69259b97276e4efb9b.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\4d1164c1e390ce69259b97276e4efb9b.html_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.com\50296\images\button.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Dialer\897995857\fp.pc-on-internet.c
Bon on va commnecer par cocher les lignes suivantes :
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cabO20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
Quand tu auras cocher ces lignes, clic sur Fix checked
Tu connais cette ligne :
O4 - HKCU\..\Run: [kuuucqa] "c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe" kuuucqa
Si tu connais pas suit cette procedure
~~~~~~~~~~~~~~~~> Virustotal <~~~~~~~~~~~~~~~~~~~
Tu vas scanner le fichier kuuucqa.exe ce situant : c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe
- Va sur Virustotal
>http://www.virustotal.com/fr/
- Fait parcourir et cherche le fichier kuuucqa.exe ce situant dans c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe
>***
- Virustotal va scanner ton fichier
/!\ Laisse l'analyse ce terminer correctement /!\
- Une fois le fichier scanner poste moi le rapport du fichier kuuucqa.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cabO20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
Quand tu auras cocher ces lignes, clic sur Fix checked
Tu connais cette ligne :
O4 - HKCU\..\Run: [kuuucqa] "c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe" kuuucqa
Si tu connais pas suit cette procedure
~~~~~~~~~~~~~~~~> Virustotal <~~~~~~~~~~~~~~~~~~~
Tu vas scanner le fichier kuuucqa.exe ce situant : c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe
- Va sur Virustotal
>http://www.virustotal.com/fr/
- Fait parcourir et cherche le fichier kuuucqa.exe ce situant dans c:\documents and settings\ancelin.moulhera-6eecde\local settings\application data\kuuucqa.exe
>***
- Virustotal va scanner ton fichier
/!\ Laisse l'analyse ce terminer correctement /!\
- Une fois le fichier scanner poste moi le rapport du fichier kuuucqa.exe
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.07.11 -
AhnLab-V3 5.0.0.2 2009.07.10 -
AntiVir 7.9.0.204 2009.07.10 -
Antiy-AVL 2.0.3.1 2009.07.10 -
Authentium 5.1.2.4 2009.07.10 -
Avast 4.8.1335.0 2009.07.10 -
AVG 8.5.0.387 2009.07.11 -
BitDefender 7.2 2009.07.11 -
CAT-QuickHeal 10.00 2009.07.10 -
ClamAV 0.94.1 2009.07.11 -
Comodo 1615 2009.07.11 -
DrWeb 5.0.0.12182 2009.07.11 -
eSafe 7.0.17.0 2009.07.09 -
eTrust-Vet 31.6.6608 2009.07.10 -
F-Prot 4.4.4.56 2009.07.10 -
F-Secure 8.0.14470.0 2009.07.10 -
Fortinet 3.120.0.0 2009.07.11 -
GData 19 2009.07.11 -
Ikarus T3.1.1.64.0 2009.07.11 -
Jiangmin 11.0.706 2009.07.11 -
K7AntiVirus 7.10.789 2009.07.10 -
Kaspersky 7.0.0.125 2009.07.11 -
McAfee 5672 2009.07.10 -
McAfee+Artemis 5672 2009.07.10 -
McAfee-GW-Edition 6.8.5 2009.07.10 -
Microsoft 1.4803 2009.07.11 -
NOD32 4233 2009.07.11 -
Norman 6.01.09 2009.07.10 -
nProtect 2009.1.8.0 2009.07.11 -
Panda 10.0.0.14 2009.07.10 -
PCTools 4.4.2.0 2009.07.10 -
Prevx 3.0 2009.07.11 -
Rising 21.37.52.00 2009.07.11 -
Sophos 4.43.0 2009.07.11 -
Sunbelt 3.2.1858.2 2009.07.10 -
Symantec 1.4.4.12 2009.07.11 -
TheHacker 6.3.4.3.365 2009.07.11 -
TrendMicro 8.950.0.1094 2009.07.10 -
VBA32 3.12.10.8 2009.07.11 -
ViRobot 2009.7.11.1831 2009.07.11 -
VirusBuster 4.6.5.0 2009.07.10 -
Information additionnelle
File size: 678 bytes
MD5...: ad7ce595cd6a65e8552fac7f3a79d368
SHA1..: b82af8e32c742d7ed86ec10bf216c3355b331b5d
SHA256: 82c779991d51890536b5c12dea7cf7db8aa0e448b465a6ebaa27bc5ccb256edc
ssdeep: 12:cN008AQMAlnAdEFwblchOnxR84XoHiDX5Z7XMjXKm+fkklfmfUpGfkklkSM9s
2/a:k3RalnAdEFwblchOnx2QCi9ZIjXKmikz
PEiD..: -
TrID..: File type identification
Flash Shared Object file (66.6%)
Adobe PhotoShop Brush (33.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
Voila tout ce qu'il y avait j'espere que cela correspond a vos attentes.Merci encore.
a-squared 4.5.0.18 2009.07.11 -
AhnLab-V3 5.0.0.2 2009.07.10 -
AntiVir 7.9.0.204 2009.07.10 -
Antiy-AVL 2.0.3.1 2009.07.10 -
Authentium 5.1.2.4 2009.07.10 -
Avast 4.8.1335.0 2009.07.10 -
AVG 8.5.0.387 2009.07.11 -
BitDefender 7.2 2009.07.11 -
CAT-QuickHeal 10.00 2009.07.10 -
ClamAV 0.94.1 2009.07.11 -
Comodo 1615 2009.07.11 -
DrWeb 5.0.0.12182 2009.07.11 -
eSafe 7.0.17.0 2009.07.09 -
eTrust-Vet 31.6.6608 2009.07.10 -
F-Prot 4.4.4.56 2009.07.10 -
F-Secure 8.0.14470.0 2009.07.10 -
Fortinet 3.120.0.0 2009.07.11 -
GData 19 2009.07.11 -
Ikarus T3.1.1.64.0 2009.07.11 -
Jiangmin 11.0.706 2009.07.11 -
K7AntiVirus 7.10.789 2009.07.10 -
Kaspersky 7.0.0.125 2009.07.11 -
McAfee 5672 2009.07.10 -
McAfee+Artemis 5672 2009.07.10 -
McAfee-GW-Edition 6.8.5 2009.07.10 -
Microsoft 1.4803 2009.07.11 -
NOD32 4233 2009.07.11 -
Norman 6.01.09 2009.07.10 -
nProtect 2009.1.8.0 2009.07.11 -
Panda 10.0.0.14 2009.07.10 -
PCTools 4.4.2.0 2009.07.10 -
Prevx 3.0 2009.07.11 -
Rising 21.37.52.00 2009.07.11 -
Sophos 4.43.0 2009.07.11 -
Sunbelt 3.2.1858.2 2009.07.10 -
Symantec 1.4.4.12 2009.07.11 -
TheHacker 6.3.4.3.365 2009.07.11 -
TrendMicro 8.950.0.1094 2009.07.10 -
VBA32 3.12.10.8 2009.07.11 -
ViRobot 2009.7.11.1831 2009.07.11 -
VirusBuster 4.6.5.0 2009.07.10 -
Information additionnelle
File size: 678 bytes
MD5...: ad7ce595cd6a65e8552fac7f3a79d368
SHA1..: b82af8e32c742d7ed86ec10bf216c3355b331b5d
SHA256: 82c779991d51890536b5c12dea7cf7db8aa0e448b465a6ebaa27bc5ccb256edc
ssdeep: 12:cN008AQMAlnAdEFwblchOnxR84XoHiDX5Z7XMjXKm+fkklfmfUpGfkklkSM9s
2/a:k3RalnAdEFwblchOnx2QCi9ZIjXKmikz
PEiD..: -
TrID..: File type identification
Flash Shared Object file (66.6%)
Adobe PhotoShop Brush (33.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
Voila tout ce qu'il y avait j'espere que cela correspond a vos attentes.Merci encore.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Il vient de le dire juste au dessus! AVAST !
Ou en es tu avec ton probleme? Pour tout supprimer , tu vas télécharger MAM ( cherche sur google) , tu fais un scan complet et post le rapport. Fais aussi pareil avec spybot ( en premier! ) .Tiens moi au jus
Ou en es tu avec ton probleme? Pour tout supprimer , tu vas télécharger MAM ( cherche sur google) , tu fais un scan complet et post le rapport. Fais aussi pareil avec spybot ( en premier! ) .Tiens moi au jus
pedrodu69, regarde bien l'heure des message poster et tu peut voir que j'ai poser la question en premier ; Si tu veut nettoyer ton pc tu peut faire les étapes suivantes .
~~~~~~~~~~~~~~> Malwarebytes <~~~~~~~~~~~~~~~~~~~
- Télécharger Malwarebytes
- Enregistre le sur le bureau
- Double clique sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, mets à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-clique sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Clique sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu clique dessus pour l’afficher.
- Une fois affiché, cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu clique droit dans le cadre de la réponse et coller
~~~~~~~~~~> Scan du Pc avec l'antivirus en ligne Kaspersky <~~~~~~~~~~
Se rendre sur ce lien : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
/!\ Utiliser Internet Explorer ou Firefox /!\</gras>
- En bas, à droite de la fenêtre, cliquez sur Kaspersky Online Scanner
- Dans la nouvelle fenêtre qui s'ouvre, cliquez sur: J'accepte
* Si ce bandeau jaune apparaît en haut de la fenêtre, clic gauche sur le bandeau et ==> Acceptez d'installer le contrôle ActiveX
* Le téléchargement est alors proposé.
* Le scan va à présent s'initialiser et mettre à jour sa base de données
* A présent, vous choisir la cible. C'est à dire indiquer quel emplacement va être analysé. Choisir My computer.
* Le scan est à présent lancé, il ne reste plus qu'à attendre qu'il se termine.
* Une fois le scan achevé, vous obtenez une fenêtre (en fonction de ce qui est trouvé sur votre PC) :
* Il ne reste plus qu'à enregistrer le rapport afin de pouvoir le poster sur le forum
/!\ N'oublie pas de mettre a jour tous tes logiciel de protection
~~~~~~~~~~~~~~> Malwarebytes <~~~~~~~~~~~~~~~~~~~
- Télécharger Malwarebytes
- Enregistre le sur le bureau
- Double clique sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, mets à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-clique sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Clique sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu clique dessus pour l’afficher.
- Une fois affiché, cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu clique droit dans le cadre de la réponse et coller
~~~~~~~~~~> Scan du Pc avec l'antivirus en ligne Kaspersky <~~~~~~~~~~
Se rendre sur ce lien : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
/!\ Utiliser Internet Explorer ou Firefox /!\</gras>
- En bas, à droite de la fenêtre, cliquez sur Kaspersky Online Scanner
- Dans la nouvelle fenêtre qui s'ouvre, cliquez sur: J'accepte
* Si ce bandeau jaune apparaît en haut de la fenêtre, clic gauche sur le bandeau et ==> Acceptez d'installer le contrôle ActiveX
* Le téléchargement est alors proposé.
* Le scan va à présent s'initialiser et mettre à jour sa base de données
* A présent, vous choisir la cible. C'est à dire indiquer quel emplacement va être analysé. Choisir My computer.
* Le scan est à présent lancé, il ne reste plus qu'à attendre qu'il se termine.
* Une fois le scan achevé, vous obtenez une fenêtre (en fonction de ce qui est trouvé sur votre PC) :
* Il ne reste plus qu'à enregistrer le rapport afin de pouvoir le poster sur le forum
/!\ N'oublie pas de mettre a jour tous tes logiciel de protection
As tu fais un scan avec les deux , ok. Fais aussi un scan avec SPYBOT , il est gratuit et tres bien!!!! Dis nous ce que tu trouves , et exuse moi pour l'erreur! :)
Eh bien voila j'ai fait un scan avec spybot ,qui a tres bien fonctionner, mais ne m'as pas fourni de rapport a vous envoyer.De plus, je ne trouve pas le logiciel MAM avec google pourriez vous me fournir un lien ? Et enfin, XaTon m'avais recommandé le logiciel kaspersky mais il ne fonctionne pas... il me dise a chaque fois qu'un autre antivirus est en cours d'éxécution mais ce n'est pas le cas Auriez vous une solution? merci d'avance!
Bien voila, j'ai télécharger le logiciel malwarebites et j'ai scanner mon ordi avec, tout s'est bien passer.Cependant, le second logiciel kaspersky n'a lui pas fonctionner, il affiche en rouge qu'un autre antivirus est en cours d'éxécution, mais ce n'est pas le cas.Auriez vous une solution?Merci d'avance!
Mam est un abréviation du logiciel Malwarebytes
~~~~~~~~~~~~~~> Malwarebytes <~~~~~~~~~~~~~~~~~~~
- Télécharger Malwarebytes
- Enregistre le sur le bureau
- Double clique sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, mets à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-clique sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Clique sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu clique dessus pour l’afficher.
- Une fois affiché, cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu clique droit dans le cadre de la réponse et coller
~~~~~~~~~~~~~~> Malwarebytes <~~~~~~~~~~~~~~~~~~~
- Télécharger Malwarebytes
- Enregistre le sur le bureau
- Double clique sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, mets à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-clique sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Clique sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu clique dessus pour l’afficher.
- Une fois affiché, cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu clique droit dans le cadre de la réponse et coller
Alors fait ceci ; )
~~~~~~~~~~~~~~~~~> Ccleaner <~~~~~~~~~~~~~~~~~~~
* Télécharger et installer CCleaner .
> http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
/!\ Ne pas installer la Yahoo! Toolbar /!\
* Dans l'onglet "Nettoyeur", cliquer sur "Analyser".
* Une fois l'analyse terminée, cliquer sur "Nettoyer".
* Recommencer jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).
* Dans l'onglet " Registre ", cliquer sur " Chercher les erreurs "
* Une fois l'analyse terminée, cliquer sur " Corriger les erreurs sélectionnées "
* Recommencer jusqu’à ce qu’il ne trouve plus rien.
~~~~~~~~~~~~~~~~~> Ccleaner <~~~~~~~~~~~~~~~~~~~
* Télécharger et installer CCleaner .
> http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
/!\ Ne pas installer la Yahoo! Toolbar /!\
* Dans l'onglet "Nettoyeur", cliquer sur "Analyser".
* Une fois l'analyse terminée, cliquer sur "Nettoyer".
* Recommencer jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).
* Dans l'onglet " Registre ", cliquer sur " Chercher les erreurs "
* Une fois l'analyse terminée, cliquer sur " Corriger les erreurs sélectionnées "
* Recommencer jusqu’à ce qu’il ne trouve plus rien.
Re,
donc tout était à faire pour le navipromo.
Le rapport de ZHPDiag maintenant.
donc tout était à faire pour le navipromo.
Le rapport de ZHPDiag maintenant.
Tout d'abord, le lien demander :
http://www.cijoint.fr/cjlink.php?file=cj200907/cijlEHd4x6.txt
Puis le rapport :
Rapport de ZHPDiag v1.23.10 par Nicolas Coolman
Enregistré le 12/07/2009 17:38:09
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.13
---\\ Processus lancés
C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\wanmpsvc.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww38.humoursexy.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} -
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - Global Startup: GStartup.lnk - C:\Program Files\Fichiers communs\GMT\GMT.exe
O4 - Global Startup: Date Manager.lnk - C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O4 - Global Startup: Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\favicon.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFE58292-C7D9-4032-9F29-4143616CE3DC}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{BFE58292-C7D9-4032-9F29-4143616CE3DC}: NameServer = 205.188.146.145
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AOL Connectivity Service (AOL ACS) - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! Antivirus) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - C:\WINDOWS\wanmpsvc.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-philippe moulherat).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-ancelin).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-sybille).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-celine rouquette).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-valerian).job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Adobe Flash Player 9 ActiveX - D27CDB6E-AE6D-11CF-96B8-444553540000 - (not file)
O40 - ASIC: Viewpoint Media Player - {03F998B2-0E00-11D3-A498-00104B6EB52E} - C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0306003B.dll
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Viewpoint Media Player - {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0306003B.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mswmp.inf,PerUserStub
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for WDM 3D Audio Driver (ALCXSENS) - C:\WINDOWS\system32\drivers\ALCXSENS.SYS
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet (FETNDIS) - C:\WINDOWS\system32\DRIVERS\fetnd5.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Padus ASPI Shell (pfc) - C:\WINDOWS\system32\drivers\pfc.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (no object) (S3SavageNB) - C:\WINDOWS\system32\DRIVERS\s3gnbm.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Pilote de filtrage Sony USB (SONYPVU1) (SONYPVU1) - C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: SAMSUNG Mobile USB Device 1.0 driver (WDM) (ss_bus) - C:\WINDOWS\system32\DRIVERS\ss_bus.sys
O41 - Driver: SAMSUNG Mobile USB Modem 1.0 Filter (ss_mdfl) - C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys
O41 - Driver: SAMSUNG Mobile USB Modem 1.0 Drivers (ss_mdm) - C:\WINDOWS\system32\DRIVERS\ss_mdm.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Concentrateur USB2 (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote miniport de contrôleur hôte universel USB Microsoft (usbuhci) - C:\WINDOWS\system32\DRIVERS\usbuhci.sys
O41 - Driver: Filtre de bus AGP VIA (viaagp) - C:\WINDOWS\system32\DRIVERS\viaagp.sys
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WAN Miniport (ATW) (wanatw) - C:\WINDOWS\system32\DRIVERS\wanatw4.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: WpdUsb (WpdUsb) - C:\WINDOWS\system32\DRIVERS\wpdusb.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\DRIVERS\fltMgr.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: ACDSee 6.0 PowerPack
O42 - Logiciel: AOL - Assistant de désinstallation
O42 - Logiciel: AOL Auto-diagnostic
O42 - Logiciel: AOL Coach Version 1.0(Build:20040229.1 fr)
O42 - Logiciel: AOL Toolbar
O42 - Logiciel: Action Man Destruction X (mini-game)
O42 - Logiciel: Adibou V.3.10 (C:)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Reader 9.1 - Français
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Atlas Mundial Multimedia
O42 - Logiciel: Civilization: Call to Power
O42 - Logiciel: Dofus 1.24.0
O42 - Logiciel: Dofus 1.25.0
O42 - Logiciel: DofusBeta 1.27.0
O42 - Logiciel: Ecran de veille AOL Photos
O42 - Logiciel: Enciclopedia Multimedia de los Seres Vivos
O42 - Logiciel: Forte Standard 2.0
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: HP Product Detection
O42 - Logiciel: Half-Life
O42 - Logiciel: HijackThis 1.99.1
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Jasc Paint Shop Pro 9
O42 - Logiciel: Learn2 Player (Uninstall Only)
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Les Sims™ 3
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Microsoft .NET Framework 2.0
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office 97 Professional
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft WSE 3.0 Runtime
O42 - Logiciel: Nintendo Desktop Manager
O42 - Logiciel: Nostale Online FR (Remove)
O42 - Logiciel: QuickTime
O42 - Logiciel: RTP for RM2K (Png, Wav, Midi, Fonts)
O42 - Logiciel: RealPlayer Basic
O42 - Logiciel: RegTool
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software
O42 - Logiciel: SAMSUNG Mobile USB Modem Software
O42 - Logiciel: Samsung Mobile phone USB driver Software
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer
O42 - Logiciel: Shadows 3.0
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: Text-To-Speech-Runtime
O42 - Logiciel: The Smurfs
O42 - Logiciel: Theme Hospital
O42 - Logiciel: Thème Zelda
O42 - Logiciel: Transformers(TM) - Le Jeu
O42 - Logiciel: Utilitaires Sierra
O42 - Logiciel: Viewpoint Media Player
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live installer
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Zelda Oni Link Begins 2.1
O42 - Logiciel: Zelda Return of the Hylian 5.3
O42 - Logiciel: avast! Antivirus
O42 - Logiciel: eoEngine 5.1
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AOL
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SYSTEM
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SERVICES
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\aolshare
O43 - CFD:Common File Directory R---D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Nullsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\aolback
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\aammmonm
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\BOONTY Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Teleca Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Scanner
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\i4j_jres
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\muvee Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MAGIX Shared
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ACD Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Jasc Software Inc
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Blizzard Entertainment
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 01/06/2009 - 17:51:12 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 01/06/2009 - 19:56:14 ---A- C:\WINDOWS\outlook.pst
O44 - LFC:Last File Created 03/07/2009 - 17:07:06 ---A- C:\WINDOWS\SIERRA.INI
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:Last File Created 10/06/2009 - 14:48:56 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 11/07/2009 - 15:20:04 ---A- C:\WINDOWS\System32\CONFIG.NT
O44 - LFC:Last File Created 12/07/2009 - 15:32:58 ---A- C:\WINDOWS\wininit.ini
O44 - LFC:Last File Created 12/07/2009 - 16:28:20 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 12/07/2009 - 16:28:28 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 12/07/2009 - 16:28:32 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 12/07/2009 - 16:29:28 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 12/07/2009 - 16:30:02 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 12/07/2009 - 16:30:08 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 12/07/2009 - 16:30:12 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 12/07/2009 - 16:32:46 --HA- C:\WINDOWS\System32\FFASTLOG.TXT
O44 - LFC:Last File Created 12/07/2009 - 16:33:22 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 15/06/2009 - 09:48:32 ---A- C:\WINDOWS\QTFont.for
O44 - LFC:Last File Created 15/06/2009 - 09:48:32 --HA- C:\WINDOWS\QTFont.qfn
O44 - LFC:Last File Created 16/06/2009 - 07:30:02 ---A- C:\WINDOWS\RESULT.QTW
O44 - LFC:Last File Created 17/06/2009 - 10:27:44 ---A- C:\WINDOWS\System32\drivers\mbam.sys
O44 - LFC:Last File Created 17/06/2009 - 10:27:56 ---A- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:03:22 ---A- C:\WINDOWS\Prefetch\NTVDM.EXE-1A10A423.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:03:22 ---A- C:\WINDOWS\Prefetch\_INS5176._MP-23834F0A.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:07:36 ---A- C:\WINDOWS\Prefetch\HL.EXE-17B410E2.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:07:38 ---A- C:\WINDOWS\Prefetch\AHUI.EXE-10CE5D84.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:08:02 ---A- C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:10:48 ---A- C:\WINDOWS\Prefetch\ZELDAROTH.EXE-0726740A.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:40:36 ---A- C:\WINDOWS\Prefetch\ZELDAOLB.EXE-048E9365.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 18:21:48 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-22E35C38.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 18:22:00 ---A- C:\WINDOWS\Prefetch\MMC.EXE-39071BCC.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:23:18 ---A- C:\WINDOWS\Prefetch\AUTORUN.EXE-055703AF.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:23:18 ---A- C:\WINDOWS\Prefetch\SIMS3SETUP.EXE-0E9FEA51.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:23:18 ---A- C:\WINDOWS\Prefetch\SIMS3SETUP.EXE-32584E69.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:23:28 ---A- C:\WINDOWS\Prefetch\THE SIMS 3_CODE.EXE-12C29567.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:42:48 ---A- C:\WINDOWS\Prefetch\DOTNETFX.EXE-2AAFEDBE.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:43:46 ---A- C:\WINDOWS\Prefetch\INSTALL.EXE-2EDD9058.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:45:44 ---A- C:\WINDOWS\Prefetch\REGTLIBV12.EXE-0E2FA54B.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:46:56 ---A- C:\WINDOWS\Prefetch\MOFCOMP.EXE-01718E95.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:47:02 ---A- C:\WINDOWS\Prefetch\ASPNET_REGIIS.EXE-009D6E80.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:47:12 ---A- C:\WINDOWS\Prefetch\REGSVCS.EXE-11A17120.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:50:24 ---A- C:\WINDOWS\Prefetch\NGEN.EXE-38021CCC.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\Prefetch\LODCTR.EXE-1009C3B4.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:04 ---A- C:\WINDOWS\Prefetch\VCREDIST_X86.EXE-1069BB72.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:10 ---A- C:\WINDOWS\Prefetch\VCREDI~3.EXE-31428BFA.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:36 ---A- C:\WINDOWS\Prefetch\MSI8B.TMP-072C119C.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:40 ---A- C:\WINDOWS\Prefetch\VP6INSTALL.EXE-0D83D9BE.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:52 ---A- C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:55:04 ---A- C:\WINDOWS\Prefetch\SIMS3LAUNCHER.EXE-0A05C558.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:55:08 ---A- C:\WINDOWS\Prefetch\CSC.EXE-01730C27.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:55:08 ---A- C:\WINDOWS\Prefetch\CVTRES.EXE-2329DCD5.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:55:18 ---A- C:\WINDOWS\Prefetch\TS3.EXE-22AC6119.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 10:09:38 ---A- C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA2.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 10:09:54 ---A- C:\WINDOWS\Prefetch\DLLHOST.EXE-40073C2F.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 11:36:04 ---A- C:\WINDOWS\Prefetch\SETUP_WM.EXE-3135CBD6.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 16:39:12 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-4A9161EE.pf
O45 - LFCP:Last File Created Prefetch 09/07/2009 - 12:38:44 ---A- C:\WINDOWS\Prefetch\EXCEL.EXE-1C75F8D6.pf
O45 - LFCP:Last File Created Prefetch 09/07/2009 - 12:40:42 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-26C14117.pf
O45 - LFCP:Last File Created Prefetch 09/07/2009 - 12:42:54 ---A- C:\WINDOWS\Prefetch\CSRSS.EXE-12B63473.pf
O45 - LFCP:Last File Created Prefetch 09/07/2009 - 12:42:56 ---A- C:\WINDOWS\Prefetch\WINLOGON.EXE-32C57D49.pf
O45 - LFCP:Last File Created Prefetch 10/07/2009 - 14:39:28 ---A- C:\WINDOWS\Prefetch\MSCORSVW.EXE-1BF30400.pf
O45 - LFCP:Last File Created Prefetch 10/07/2009 - 22:57:18 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3B315295.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:42 ---A- C:\WINDOWS\Prefetch\ASHSERV.EXE-3B661600.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:42 ---A- C:\WINDOWS\Prefetch\ASWUPDSV.EXE-040CB91E.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:42 ---A- C:\WINDOWS\Prefetch\LSASS.EXE-20DB6D1B.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:42 ---A- C:\WINDOWS\Prefetch\SERVICES.EXE-2F433351.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:44 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2164E410.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:50 ---A- C:\WINDOWS\Prefetch\SPOOLSV.EXE-282F76A7.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:08 ---A- C:\WINDOWS\Prefetch\AOLACSD.EXE-1E50F516.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:08 ---A- C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:10 ---A- C:\WINDOWS\Prefetch\CISVC.EXE-21F69875.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:18 ---A- C:\WINDOWS\Prefetch\AOLLOAD.EXE-05C5C091.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:18 ---A- C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:22 ---A- C:\WINDOWS\Prefetch\WANMPSVC.EXE-079295ED.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:24:12 ---A- C:\WINDOWS\Prefetch\ASHAVAST.EXE-12F63458.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:24:40 ---A- C:\WINDOWS\Prefetch\ASHSIMPL.EXE-14F851AB.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:42:56 ---A- C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-0033799D.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 15:11:24 ---A- C:\WINDOWS\Prefetch\ASHMAISV.EXE-12E27032.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 15:11:24 ---A- C:\WINDOWS\Prefetch\ASHWEBSV.EXE-0548EF0A.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:03:26 ---A- C:\WINDOWS\Prefetch\WINWORD.EXE-10D55173.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:05:36 ---A- C:\WINDOWS\Prefetch\READER~1.EXE-37B45700.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:05:56 ---A- C:\WINDOWS\Prefetch\SETUP.EXE-0E2E676E.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:06:48 ---A- C:\WINDOWS\Prefetch\ACDSEE6.EXE-102B22BB.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:06:50 ---A- C:\WINDOWS\Prefetch\DBLOCALSERVER.EXE-30CBAA24.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:08:00 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-30975F34.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:08:30 ---A- C:\WINDOWS\Prefetch\POWERPNT.EXE-17CE3F4E.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:08:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2AE85815.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:10:16 ---A- C:\WINDOWS\Prefetch\WORDPAD.EXE-02314C89.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:10:32 ---A- C:\WINDOWS\Prefetch\PAINT SHOP PRO 9.EXE-2FA9821C.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:11:14 ---A- C:\WINDOWS\Prefetch\REGISTER.EXE-3A4930CA.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:11:34 ---A- C:\WINDOWS\Prefetch\JASCUPDATE.EXE-085F4031.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:13:02 ---A- C:\WINDOWS\Prefetch\AGENT.EXE-06FC5CDE.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:27:36 ---A- C:\WINDOWS\Prefetch\ADBERDR910_FR_FR.EXE-21DE3A90.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:28:26 ---A- C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:28:34 ---A- C:\WINDOWS\Prefetch\SETUP.EXE-0AD8652C.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:29:44 ---A- C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:32:52 ---A- C:\WINDOWS\Prefetch\EULA.EXE-2546E412.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 23:00:32 ---A- C:\WINDOWS\Prefetch\IE8-WINDOWSXP-X86-FRA.EXE-195E491C.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 23:00:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-485CD3BD.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 23:01:00 ---A- C:\WINDOWS\Prefetch\IESETUP.EXE-29AFBC97.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 23:01:20 ---A- C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 10:03:58 ---A- C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:03:54 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:13:06 ---A- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:26:10 ---A- C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:26:28 ---A- C:\WINDOWS\Prefetch\ACRORD32.EXE-3A1F13AE.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:26:44 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:26:56 ---A- C:\WINDOWS\Prefetch\CNMSE9E.EXE-1AB094D7.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:27:06 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-4A41998E.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:04:44 ---A- C:\WINDOWS\Prefetch\UPLAUNCHER.EXE-35829E5B.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:04:50 ---A- C:\WINDOWS\Prefetch\DOFUS.DLL-2398F48E.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:04:52 ---A- C:\WINDOWS\Prefetch\DOFUS.EXE-2750C82D.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:06:36 ---A- C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:06:40 ---A- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:06:42 ---A- C:\WINDOWS\Prefetch\NSINET.EXE-20415ACB.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 15:36:58 ---A- C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 15:37:38 ---A- C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 15:54:10 ---A- C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 15:54:16 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2BF3472E.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:20:12 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:28:18 ---A- C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:31:20 ---A- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:31:22 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:32 ---A- C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:36 ---A- C:\WINDOWS\Prefetch\HPZTSB04.EXE-2611387D.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:40 ---A- C:\WINDOWS\Prefetch\MCUPDATE.EXE-2A2835B2.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:44 ---A- C:\WINDOWS\Prefetch\MCAGENT.EXE-168D195B.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:46 ---A- C:\WINDOWS\Prefetch\COMPANION.EXE-0B9B328D.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:46 ---A- C:\WINDOWS\Prefetch\SOUNDMAN.EXE-19745A34.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:48 ---A- C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:50 ---A- C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:52 ---A- C:\WINDOWS\Prefetch\AVAST.SETUP-032170A8.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:52 ---A- C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:54 ---A- C:\WINDOWS\Prefetch\AOLTRAY.EXE-02BFDCBA.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:56 ---A- C:\WINDOWS\Prefetch\OSA.EXE-33CE5E8A.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:58 ---A- C:\WINDOWS\Prefetch\AOL.EXE-22B532C7.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:58 ---A- C:\WINDOWS\Prefetch\FINDFAST.EXE-201E95F4.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:33:00 ---A- C:\WINDOWS\Prefetch\WAOL.EXE-24D5BF1A.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:33:18 ---A- C:\WINDOWS\Prefetch\SHELLMON.EXE-0D5DF70B.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:33:20 ---A- C:\WINDOWS\Prefetch\AOLTPSPD.EXE-22F124E1.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:33:48 ---A- C:\WINDOWS\Prefetch\AOLSOFTWARE.EXE-08E97166.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:37:06 ---A- C:\WINDOWS\Prefetch\AOLNYSEV.EXE-2EE1E660.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:37:06 ---A- C:\WINDOWS\Prefetch\AOLNYSEV.EXE-3536C2D6.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:37:26 ---A- C:\WINDOWS\Prefetch\CIDAEMON.EXE-27AE97A4.pf
O45 - LFCP:Last File Created Prefetch 22/06/2009 - 11:28:54 ---A- C:\WINDOWS\Prefetch\Layout.ini
O45 - LFCP:Last File Created Prefetch 22/06/2009 - 11:29:06 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
O45 - LFCP:Last File Created Prefetch 22/06/2009 - 11:29:06 ---A- C:\WINDOWS\Prefetch\DFRGFAT.EXE-03D95883.pf
O45 - LFCP:Last File Created Prefetch 23/06/2009 - 18:32:52 ---A- C:\WINDOWS\Prefetch\SPIDER.EXE-2D998CA6.pf
O45 - LFCP:Last File Created Prefetch 25/06/2009 - 14:23:22 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-44F2D249.pf
O45 - LFCP:Last File Created Prefetch 25/06/2009 - 14:50:50 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3362D32E.pf
O45 - LFCP:Last File Created Prefetch 26/06/2009 - 16:40:46 ---A- C:\WINDOWS\Prefetch\GQMWEQI.EXE-3232A1C7.pf
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
O47 - AAKE:Key Export SP - "C:\Program Files\AOL 9.0f\waol.exe"="C:\Program Files\AOL 9.0f\waol.exe:*:Enabled:AOL"
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\1209546266\EE\aolsoftware.exe"="C:\Program Files\Fichiers communs\AOL\1209546266\EE\aolsoftware.exe:*:Enabled:AOL Shared Components"
O47 - AAKE:Key Export SP - "C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat"="C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat:*:Enabled:La Bataille pour la Terre du Milieu(tm)"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\LIVECALL.EXE"="C:\Program Files\Windows Live\Messenger\LIVECALL.EXE:*:Enabled:Windows Live Messenger (Phone)"
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
O47 - AAKE:Key Export DP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
O47 - AAKE:Key Export DP - "C:\Program Files\AOL 9.0f\waol.exe"="C:\Program Files\AOL 9.0f\waol.exe:*:Enabled:AOL"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\LIVECALL.EXE"="C:\Program Files\Windows Live\Messenger\LIVECALL.EXE:*:Enabled:Windows Live Messenger (Phone)"
---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{22b97160-c535-11dd-84f1-00038a000015}\Shell\AutoRun\command - F:\tmf3w3g0.com
O51 - MPSK:{22b97160-c535-11dd-84f1-00038a000015}\Shell\explore\command - F:\tmf3w3g0.com
O51 - MPSK:{22b97160-c535-11dd-84f1-00038a000015}\Shell\open\command - F:\tmf3w3g0.com
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.lhacm"="lhacm.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.VP60"="C:\WINDOWS\system32\vp6vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.VP61"="C:\WINDOWS\system32\vp6vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="(MCI) Microsoft Video for Windows"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="(MCI) CD Audio"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="(MCI) Midi Sequencer"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="(MCI) Sound"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="MIDI Mapper"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="IMA ADPCM Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="Microsoft ADPCM Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10 Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech(TM) Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc."
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="Indeo codec by Intel"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="Microsoft RLE Codec"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="Microsoft Video 1"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="Microsoft Audio Compression Manager"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"lhacm.acm"="Lernout And Hauspie Codecs"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Realtek AC'97 Audio"
O52 - TDSD:HKLM\...\drivers.desc\"vp6vfw.dll"="EA VP6 Codec"
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkipx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\srv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys
O58 - SDL:System
http://www.cijoint.fr/cjlink.php?file=cj200907/cijlEHd4x6.txt
Puis le rapport :
Rapport de ZHPDiag v1.23.10 par Nicolas Coolman
Enregistré le 12/07/2009 17:38:09
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.13
---\\ Processus lancés
C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\wanmpsvc.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww38.humoursexy.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} -
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - Global Startup: GStartup.lnk - C:\Program Files\Fichiers communs\GMT\GMT.exe
O4 - Global Startup: Date Manager.lnk - C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O4 - Global Startup: Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\favicon.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFE58292-C7D9-4032-9F29-4143616CE3DC}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{BFE58292-C7D9-4032-9F29-4143616CE3DC}: NameServer = 205.188.146.145
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AOL Connectivity Service (AOL ACS) - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! Antivirus) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - C:\WINDOWS\wanmpsvc.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-philippe moulherat).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-ancelin).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-sybille).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-celine rouquette).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Recherche de mises à jour sur McAfee.com (MOULHERA-6EECDE-valerian).job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Adobe Flash Player 9 ActiveX - D27CDB6E-AE6D-11CF-96B8-444553540000 - (not file)
O40 - ASIC: Viewpoint Media Player - {03F998B2-0E00-11D3-A498-00104B6EB52E} - C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0306003B.dll
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Viewpoint Media Player - {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0306003B.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mswmp.inf,PerUserStub
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for WDM 3D Audio Driver (ALCXSENS) - C:\WINDOWS\system32\drivers\ALCXSENS.SYS
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet (FETNDIS) - C:\WINDOWS\system32\DRIVERS\fetnd5.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Padus ASPI Shell (pfc) - C:\WINDOWS\system32\drivers\pfc.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (no object) (S3SavageNB) - C:\WINDOWS\system32\DRIVERS\s3gnbm.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Pilote de filtrage Sony USB (SONYPVU1) (SONYPVU1) - C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: SAMSUNG Mobile USB Device 1.0 driver (WDM) (ss_bus) - C:\WINDOWS\system32\DRIVERS\ss_bus.sys
O41 - Driver: SAMSUNG Mobile USB Modem 1.0 Filter (ss_mdfl) - C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys
O41 - Driver: SAMSUNG Mobile USB Modem 1.0 Drivers (ss_mdm) - C:\WINDOWS\system32\DRIVERS\ss_mdm.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Concentrateur USB2 (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote miniport de contrôleur hôte universel USB Microsoft (usbuhci) - C:\WINDOWS\system32\DRIVERS\usbuhci.sys
O41 - Driver: Filtre de bus AGP VIA (viaagp) - C:\WINDOWS\system32\DRIVERS\viaagp.sys
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WAN Miniport (ATW) (wanatw) - C:\WINDOWS\system32\DRIVERS\wanatw4.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: WpdUsb (WpdUsb) - C:\WINDOWS\system32\DRIVERS\wpdusb.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\DRIVERS\fltMgr.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: ACDSee 6.0 PowerPack
O42 - Logiciel: AOL - Assistant de désinstallation
O42 - Logiciel: AOL Auto-diagnostic
O42 - Logiciel: AOL Coach Version 1.0(Build:20040229.1 fr)
O42 - Logiciel: AOL Toolbar
O42 - Logiciel: Action Man Destruction X (mini-game)
O42 - Logiciel: Adibou V.3.10 (C:)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Reader 9.1 - Français
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Atlas Mundial Multimedia
O42 - Logiciel: Civilization: Call to Power
O42 - Logiciel: Dofus 1.24.0
O42 - Logiciel: Dofus 1.25.0
O42 - Logiciel: DofusBeta 1.27.0
O42 - Logiciel: Ecran de veille AOL Photos
O42 - Logiciel: Enciclopedia Multimedia de los Seres Vivos
O42 - Logiciel: Forte Standard 2.0
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: HP Product Detection
O42 - Logiciel: Half-Life
O42 - Logiciel: HijackThis 1.99.1
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Jasc Paint Shop Pro 9
O42 - Logiciel: Learn2 Player (Uninstall Only)
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Les Sims™ 3
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Microsoft .NET Framework 2.0
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office 97 Professional
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft WSE 3.0 Runtime
O42 - Logiciel: Nintendo Desktop Manager
O42 - Logiciel: Nostale Online FR (Remove)
O42 - Logiciel: QuickTime
O42 - Logiciel: RTP for RM2K (Png, Wav, Midi, Fonts)
O42 - Logiciel: RealPlayer Basic
O42 - Logiciel: RegTool
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software
O42 - Logiciel: SAMSUNG Mobile USB Modem Software
O42 - Logiciel: Samsung Mobile phone USB driver Software
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer
O42 - Logiciel: Shadows 3.0
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: Text-To-Speech-Runtime
O42 - Logiciel: The Smurfs
O42 - Logiciel: Theme Hospital
O42 - Logiciel: Thème Zelda
O42 - Logiciel: Transformers(TM) - Le Jeu
O42 - Logiciel: Utilitaires Sierra
O42 - Logiciel: Viewpoint Media Player
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live installer
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Zelda Oni Link Begins 2.1
O42 - Logiciel: Zelda Return of the Hylian 5.3
O42 - Logiciel: avast! Antivirus
O42 - Logiciel: eoEngine 5.1
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AOL
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SYSTEM
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SERVICES
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\aolshare
O43 - CFD:Common File Directory R---D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Nullsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\aolback
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\aammmonm
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\BOONTY Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Teleca Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Scanner
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\i4j_jres
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\muvee Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MAGIX Shared
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ACD Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Jasc Software Inc
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Blizzard Entertainment
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 01/06/2009 - 17:51:12 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 01/06/2009 - 19:56:14 ---A- C:\WINDOWS\outlook.pst
O44 - LFC:Last File Created 03/07/2009 - 17:07:06 ---A- C:\WINDOWS\SIERRA.INI
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:Last File Created 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:Last File Created 10/06/2009 - 14:48:56 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 11/07/2009 - 15:20:04 ---A- C:\WINDOWS\System32\CONFIG.NT
O44 - LFC:Last File Created 12/07/2009 - 15:32:58 ---A- C:\WINDOWS\wininit.ini
O44 - LFC:Last File Created 12/07/2009 - 16:28:20 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 12/07/2009 - 16:28:28 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 12/07/2009 - 16:28:32 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 12/07/2009 - 16:29:28 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 12/07/2009 - 16:30:02 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 12/07/2009 - 16:30:08 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 12/07/2009 - 16:30:12 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 12/07/2009 - 16:32:46 --HA- C:\WINDOWS\System32\FFASTLOG.TXT
O44 - LFC:Last File Created 12/07/2009 - 16:33:22 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 15/06/2009 - 09:48:32 ---A- C:\WINDOWS\QTFont.for
O44 - LFC:Last File Created 15/06/2009 - 09:48:32 --HA- C:\WINDOWS\QTFont.qfn
O44 - LFC:Last File Created 16/06/2009 - 07:30:02 ---A- C:\WINDOWS\RESULT.QTW
O44 - LFC:Last File Created 17/06/2009 - 10:27:44 ---A- C:\WINDOWS\System32\drivers\mbam.sys
O44 - LFC:Last File Created 17/06/2009 - 10:27:56 ---A- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:03:22 ---A- C:\WINDOWS\Prefetch\NTVDM.EXE-1A10A423.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:03:22 ---A- C:\WINDOWS\Prefetch\_INS5176._MP-23834F0A.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:07:36 ---A- C:\WINDOWS\Prefetch\HL.EXE-17B410E2.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:07:38 ---A- C:\WINDOWS\Prefetch\AHUI.EXE-10CE5D84.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:08:02 ---A- C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:10:48 ---A- C:\WINDOWS\Prefetch\ZELDAROTH.EXE-0726740A.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 17:40:36 ---A- C:\WINDOWS\Prefetch\ZELDAOLB.EXE-048E9365.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 18:21:48 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-22E35C38.pf
O45 - LFCP:Last File Created Prefetch 03/07/2009 - 18:22:00 ---A- C:\WINDOWS\Prefetch\MMC.EXE-39071BCC.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:23:18 ---A- C:\WINDOWS\Prefetch\AUTORUN.EXE-055703AF.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:23:18 ---A- C:\WINDOWS\Prefetch\SIMS3SETUP.EXE-0E9FEA51.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:23:18 ---A- C:\WINDOWS\Prefetch\SIMS3SETUP.EXE-32584E69.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:23:28 ---A- C:\WINDOWS\Prefetch\THE SIMS 3_CODE.EXE-12C29567.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:42:48 ---A- C:\WINDOWS\Prefetch\DOTNETFX.EXE-2AAFEDBE.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:43:46 ---A- C:\WINDOWS\Prefetch\INSTALL.EXE-2EDD9058.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:45:44 ---A- C:\WINDOWS\Prefetch\REGTLIBV12.EXE-0E2FA54B.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:46:56 ---A- C:\WINDOWS\Prefetch\MOFCOMP.EXE-01718E95.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:47:02 ---A- C:\WINDOWS\Prefetch\ASPNET_REGIIS.EXE-009D6E80.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:47:12 ---A- C:\WINDOWS\Prefetch\REGSVCS.EXE-11A17120.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:50:24 ---A- C:\WINDOWS\Prefetch\NGEN.EXE-38021CCC.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:51:44 ---A- C:\WINDOWS\Prefetch\LODCTR.EXE-1009C3B4.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:04 ---A- C:\WINDOWS\Prefetch\VCREDIST_X86.EXE-1069BB72.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:10 ---A- C:\WINDOWS\Prefetch\VCREDI~3.EXE-31428BFA.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:36 ---A- C:\WINDOWS\Prefetch\MSI8B.TMP-072C119C.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:40 ---A- C:\WINDOWS\Prefetch\VP6INSTALL.EXE-0D83D9BE.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:52:52 ---A- C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:55:04 ---A- C:\WINDOWS\Prefetch\SIMS3LAUNCHER.EXE-0A05C558.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:55:08 ---A- C:\WINDOWS\Prefetch\CSC.EXE-01730C27.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:55:08 ---A- C:\WINDOWS\Prefetch\CVTRES.EXE-2329DCD5.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 09:55:18 ---A- C:\WINDOWS\Prefetch\TS3.EXE-22AC6119.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 10:09:38 ---A- C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA2.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 10:09:54 ---A- C:\WINDOWS\Prefetch\DLLHOST.EXE-40073C2F.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 11:36:04 ---A- C:\WINDOWS\Prefetch\SETUP_WM.EXE-3135CBD6.pf
O45 - LFCP:Last File Created Prefetch 07/07/2009 - 16:39:12 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-4A9161EE.pf
O45 - LFCP:Last File Created Prefetch 09/07/2009 - 12:38:44 ---A- C:\WINDOWS\Prefetch\EXCEL.EXE-1C75F8D6.pf
O45 - LFCP:Last File Created Prefetch 09/07/2009 - 12:40:42 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-26C14117.pf
O45 - LFCP:Last File Created Prefetch 09/07/2009 - 12:42:54 ---A- C:\WINDOWS\Prefetch\CSRSS.EXE-12B63473.pf
O45 - LFCP:Last File Created Prefetch 09/07/2009 - 12:42:56 ---A- C:\WINDOWS\Prefetch\WINLOGON.EXE-32C57D49.pf
O45 - LFCP:Last File Created Prefetch 10/07/2009 - 14:39:28 ---A- C:\WINDOWS\Prefetch\MSCORSVW.EXE-1BF30400.pf
O45 - LFCP:Last File Created Prefetch 10/07/2009 - 22:57:18 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3B315295.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:42 ---A- C:\WINDOWS\Prefetch\ASHSERV.EXE-3B661600.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:42 ---A- C:\WINDOWS\Prefetch\ASWUPDSV.EXE-040CB91E.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:42 ---A- C:\WINDOWS\Prefetch\LSASS.EXE-20DB6D1B.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:42 ---A- C:\WINDOWS\Prefetch\SERVICES.EXE-2F433351.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:44 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2164E410.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:06:50 ---A- C:\WINDOWS\Prefetch\SPOOLSV.EXE-282F76A7.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:08 ---A- C:\WINDOWS\Prefetch\AOLACSD.EXE-1E50F516.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:08 ---A- C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:10 ---A- C:\WINDOWS\Prefetch\CISVC.EXE-21F69875.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:18 ---A- C:\WINDOWS\Prefetch\AOLLOAD.EXE-05C5C091.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:18 ---A- C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:07:22 ---A- C:\WINDOWS\Prefetch\WANMPSVC.EXE-079295ED.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:24:12 ---A- C:\WINDOWS\Prefetch\ASHAVAST.EXE-12F63458.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:24:40 ---A- C:\WINDOWS\Prefetch\ASHSIMPL.EXE-14F851AB.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 10:42:56 ---A- C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-0033799D.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 15:11:24 ---A- C:\WINDOWS\Prefetch\ASHMAISV.EXE-12E27032.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 15:11:24 ---A- C:\WINDOWS\Prefetch\ASHWEBSV.EXE-0548EF0A.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:03:26 ---A- C:\WINDOWS\Prefetch\WINWORD.EXE-10D55173.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:05:36 ---A- C:\WINDOWS\Prefetch\READER~1.EXE-37B45700.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:05:56 ---A- C:\WINDOWS\Prefetch\SETUP.EXE-0E2E676E.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:06:48 ---A- C:\WINDOWS\Prefetch\ACDSEE6.EXE-102B22BB.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:06:50 ---A- C:\WINDOWS\Prefetch\DBLOCALSERVER.EXE-30CBAA24.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:08:00 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-30975F34.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:08:30 ---A- C:\WINDOWS\Prefetch\POWERPNT.EXE-17CE3F4E.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:08:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2AE85815.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:10:16 ---A- C:\WINDOWS\Prefetch\WORDPAD.EXE-02314C89.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:10:32 ---A- C:\WINDOWS\Prefetch\PAINT SHOP PRO 9.EXE-2FA9821C.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:11:14 ---A- C:\WINDOWS\Prefetch\REGISTER.EXE-3A4930CA.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:11:34 ---A- C:\WINDOWS\Prefetch\JASCUPDATE.EXE-085F4031.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:13:02 ---A- C:\WINDOWS\Prefetch\AGENT.EXE-06FC5CDE.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:27:36 ---A- C:\WINDOWS\Prefetch\ADBERDR910_FR_FR.EXE-21DE3A90.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:28:26 ---A- C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:28:34 ---A- C:\WINDOWS\Prefetch\SETUP.EXE-0AD8652C.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:29:44 ---A- C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 18:32:52 ---A- C:\WINDOWS\Prefetch\EULA.EXE-2546E412.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 23:00:32 ---A- C:\WINDOWS\Prefetch\IE8-WINDOWSXP-X86-FRA.EXE-195E491C.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 23:00:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-485CD3BD.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 23:01:00 ---A- C:\WINDOWS\Prefetch\IESETUP.EXE-29AFBC97.pf
O45 - LFCP:Last File Created Prefetch 11/07/2009 - 23:01:20 ---A- C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 10:03:58 ---A- C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:03:54 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:13:06 ---A- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:26:10 ---A- C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:26:28 ---A- C:\WINDOWS\Prefetch\ACRORD32.EXE-3A1F13AE.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:26:44 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:26:56 ---A- C:\WINDOWS\Prefetch\CNMSE9E.EXE-1AB094D7.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 13:27:06 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-4A41998E.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:04:44 ---A- C:\WINDOWS\Prefetch\UPLAUNCHER.EXE-35829E5B.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:04:50 ---A- C:\WINDOWS\Prefetch\DOFUS.DLL-2398F48E.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:04:52 ---A- C:\WINDOWS\Prefetch\DOFUS.EXE-2750C82D.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:06:36 ---A- C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:06:40 ---A- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 14:06:42 ---A- C:\WINDOWS\Prefetch\NSINET.EXE-20415ACB.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 15:36:58 ---A- C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 15:37:38 ---A- C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 15:54:10 ---A- C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 15:54:16 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2BF3472E.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:20:12 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:28:18 ---A- C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:31:20 ---A- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:31:22 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:32 ---A- C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:36 ---A- C:\WINDOWS\Prefetch\HPZTSB04.EXE-2611387D.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:40 ---A- C:\WINDOWS\Prefetch\MCUPDATE.EXE-2A2835B2.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:44 ---A- C:\WINDOWS\Prefetch\MCAGENT.EXE-168D195B.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:46 ---A- C:\WINDOWS\Prefetch\COMPANION.EXE-0B9B328D.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:46 ---A- C:\WINDOWS\Prefetch\SOUNDMAN.EXE-19745A34.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:48 ---A- C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:50 ---A- C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:52 ---A- C:\WINDOWS\Prefetch\AVAST.SETUP-032170A8.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:52 ---A- C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:54 ---A- C:\WINDOWS\Prefetch\AOLTRAY.EXE-02BFDCBA.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:56 ---A- C:\WINDOWS\Prefetch\OSA.EXE-33CE5E8A.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:58 ---A- C:\WINDOWS\Prefetch\AOL.EXE-22B532C7.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:32:58 ---A- C:\WINDOWS\Prefetch\FINDFAST.EXE-201E95F4.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:33:00 ---A- C:\WINDOWS\Prefetch\WAOL.EXE-24D5BF1A.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:33:18 ---A- C:\WINDOWS\Prefetch\SHELLMON.EXE-0D5DF70B.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:33:20 ---A- C:\WINDOWS\Prefetch\AOLTPSPD.EXE-22F124E1.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:33:48 ---A- C:\WINDOWS\Prefetch\AOLSOFTWARE.EXE-08E97166.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:37:06 ---A- C:\WINDOWS\Prefetch\AOLNYSEV.EXE-2EE1E660.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:37:06 ---A- C:\WINDOWS\Prefetch\AOLNYSEV.EXE-3536C2D6.pf
O45 - LFCP:Last File Created Prefetch 12/07/2009 - 16:37:26 ---A- C:\WINDOWS\Prefetch\CIDAEMON.EXE-27AE97A4.pf
O45 - LFCP:Last File Created Prefetch 22/06/2009 - 11:28:54 ---A- C:\WINDOWS\Prefetch\Layout.ini
O45 - LFCP:Last File Created Prefetch 22/06/2009 - 11:29:06 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
O45 - LFCP:Last File Created Prefetch 22/06/2009 - 11:29:06 ---A- C:\WINDOWS\Prefetch\DFRGFAT.EXE-03D95883.pf
O45 - LFCP:Last File Created Prefetch 23/06/2009 - 18:32:52 ---A- C:\WINDOWS\Prefetch\SPIDER.EXE-2D998CA6.pf
O45 - LFCP:Last File Created Prefetch 25/06/2009 - 14:23:22 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-44F2D249.pf
O45 - LFCP:Last File Created Prefetch 25/06/2009 - 14:50:50 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3362D32E.pf
O45 - LFCP:Last File Created Prefetch 26/06/2009 - 16:40:46 ---A- C:\WINDOWS\Prefetch\GQMWEQI.EXE-3232A1C7.pf
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
O47 - AAKE:Key Export SP - "C:\Program Files\AOL 9.0f\waol.exe"="C:\Program Files\AOL 9.0f\waol.exe:*:Enabled:AOL"
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\1209546266\EE\aolsoftware.exe"="C:\Program Files\Fichiers communs\AOL\1209546266\EE\aolsoftware.exe:*:Enabled:AOL Shared Components"
O47 - AAKE:Key Export SP - "C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat"="C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat:*:Enabled:La Bataille pour la Terre du Milieu(tm)"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\LIVECALL.EXE"="C:\Program Files\Windows Live\Messenger\LIVECALL.EXE:*:Enabled:Windows Live Messenger (Phone)"
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
O47 - AAKE:Key Export DP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
O47 - AAKE:Key Export DP - "C:\Program Files\AOL 9.0f\waol.exe"="C:\Program Files\AOL 9.0f\waol.exe:*:Enabled:AOL"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\LIVECALL.EXE"="C:\Program Files\Windows Live\Messenger\LIVECALL.EXE:*:Enabled:Windows Live Messenger (Phone)"
---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{22b97160-c535-11dd-84f1-00038a000015}\Shell\AutoRun\command - F:\tmf3w3g0.com
O51 - MPSK:{22b97160-c535-11dd-84f1-00038a000015}\Shell\explore\command - F:\tmf3w3g0.com
O51 - MPSK:{22b97160-c535-11dd-84f1-00038a000015}\Shell\open\command - F:\tmf3w3g0.com
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.lhacm"="lhacm.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.VP60"="C:\WINDOWS\system32\vp6vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.VP61"="C:\WINDOWS\system32\vp6vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="(MCI) Microsoft Video for Windows"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="(MCI) CD Audio"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="(MCI) Midi Sequencer"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="(MCI) Sound"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="MIDI Mapper"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="IMA ADPCM Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="Microsoft ADPCM Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10 Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech(TM) Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc."
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="Indeo codec by Intel"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="Microsoft RLE Codec"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="Microsoft Video 1"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="Microsoft Audio Compression Manager"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"lhacm.acm"="Lernout And Hauspie Codecs"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Realtek AC'97 Audio"
O52 - TDSD:HKLM\...\drivers.desc\"vp6vfw.dll"="EA VP6 Codec"
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkipx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\srv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys
O58 - SDL:System
Re,
On va utiliser ComboFix.exe. Rends toi sur cette page web pour obtenir les liens de téléchargement, ainsi que des instructions pour exécuter l'outil:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
* Vérifie que tu as fermé/désactivé tous les programmes anti-virus, anti-malware ou anti-spyware afin qu'ils n'interfèrent pas avec le travail de ComboFix.
Envoie le contenu de C:\ComboFix.txt dans ta prochaine réponse afin que je l'examine.
On va utiliser ComboFix.exe. Rends toi sur cette page web pour obtenir les liens de téléchargement, ainsi que des instructions pour exécuter l'outil:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
* Vérifie que tu as fermé/désactivé tous les programmes anti-virus, anti-malware ou anti-spyware afin qu'ils n'interfèrent pas avec le travail de ComboFix.
Envoie le contenu de C:\ComboFix.txt dans ta prochaine réponse afin que je l'examine.
Salut,
Pour désactiver les protections résidentes, Avast notamment, regardes ici :
https://forum.pcastuces.com/default.asp
PS : je pense que le Lyonnais a vu Eorezo et qu' il te demandera d' installer Ad-Remover par la suite pour la suppression.
Bonne continuation ...
Pour désactiver les protections résidentes, Avast notamment, regardes ici :
https://forum.pcastuces.com/default.asp
PS : je pense que le Lyonnais a vu Eorezo et qu' il te demandera d' installer Ad-Remover par la suite pour la suppression.
Bonne continuation ...
Fix Navipromo version 4.0.1 commencé le 12/07/2009 17:19:59,29
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 11.07.2009 à 18h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : BIOS Date: 09/13/04 09:52:14 Ver: 08.00.09
USER : philippe moulherat ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090711-0] 4.8.1335 (Activated)
A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:76 Go (Free:30 Go)
D:\ (CD or DVD)
E:\ (USB)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\WINDOWS\system32\agsse.dat supprimé !
C:\WINDOWS\system32\gooqc.dat supprimé !
C:\WINDOWS\system32\iqkiayw.dat supprimé !
C:\WINDOWS\system32\mcoyiuc.exe supprimé !
C:\WINDOWS\system32\mcoyiuc.dat supprimé !
C:\WINDOWS\system32\mcoyiuc_navps.dat supprimé !
C:\WINDOWS\prefetch\mcoyiuc*.pf supprimé !
C:\WINDOWS\system32\sgsqwkw.dat supprimé !
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\philippe moulherat\locals~1\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
*** Scan terminé 12/07/2009 17:32:24,96 ***