besoin daide pour désintaler total security Résolu

Question

Bonjour,
comme dit plus haut j'ai besoin d'aide pour désinstaller ce maudit anti-virus.
J'ai suivi plusieurs aide , mais malheureusement je ne suis pas très bon en informatique et je ne comprend pas très bien les explications . 
J'ai juste compris que je devais utiliser RSIT mais je ne comprend pas les étapes à suivre après , donc si quelqu'un pouvait me les expliqués plus simplement si possible car cela fais assez longtemps que je tente d'effacer ce logiciel.
Je vous remercie d'avance.

Destrio5 · Accepted Answer

Ah oui...

Commence par désinstaller un antivirus, il n'en faut qu'un seul.

/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\

--> Télécharge ComboFix (de sUBs) sur ton Bureau.
--> Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
--> Il va te demander d'installer la console de récupération : accepte.
--> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

XaTon · Answer

Salut

Fait ceci

~~~~~~~~~~~~~~~> Hijack This <~~~~~~~~~~~~~~~~~~~

- Telecharger Hijack 
>http://www.infos-du-net.com/telecharger/HijackThis.html

Une fois Hijack installer, exécuter le :
- Cliquer sur "Do a system scan and save a logfile"

- Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le même dossier que hijackthis.exe .
- Faire édition / sélectionner tout
- Clic droit / copier

- Poste moi le rapport entier

Destrio5 · Answer

Bonjour,

--> Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

--> Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

--> Clique sur Continue à l'écran Disclaimer.

--> Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

--> Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

XaTon · Answer

Bonne continuation Destrio5

Tchaô a vous deux

Destrio5 · Answer

Je n'avais pas vu que tu avais posté.

HijackThis n'est pas assez complet.

XaTon · Answer

Je n'avais pas vu que tu avais posté. 

Pas grave , sa c'est joué a 10 secondes 

Je commence a fatiguer , donc a toi l'honneur

^^

Niitro · Answer

bonjour Destrio5 et merci de ta rapidité ,
j'ai téléchargé RSIT comme tu me l'as conseillé mais il apparait seulement le Log est-ce normal?

Destrio5 · Answer

Si tu l'as déjà lancé une fois, oui.

Tu trouveras le rapport info dans C:\rsit.

Niitro · Answer

Très bien je te les donne :

>>>>>>>>>>>>>LOG<<<<<<<<<<<<
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Propriétaire at 2009-08-28 00:58:59
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 32 GB (22%) free of 146 GB
Total RAM: 382 MB (7% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:59:05, on 28/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\TUProgSt.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Documents and Settings\All Users\Application Data\15820934\15820934.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\RSIT.exe
C:\Program Files\trend micro\HP_Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ask.com/?o=13928&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.apple.com/fr/itunes/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] c:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [15820934] C:\Documents and Settings\All Users\Application Data\15820934\15820934.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Internet Connection Wizard Setup Tool] C:\Program Files\Internet Explorer\Connection Wizard\icwsetup.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: ikowin32.exe
O4 - Startup: Notification de cadeaux MSN.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: icwsetup.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{584EF6B8-7235-4758-B0EB-0064E512F6AF}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1D2AB50-1CEB-4AE7-B108-F6DED529D54C}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.58,85.255.112.116
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

Niitro · Answer

Par "Commence par désinstaller un antivirus, il n'en faut qu'un seul. "
tu veux dire que j'en ai plusieurs ? étant donné que je ne suis pas le seul utilisateur de cet ordi cela ne m'entonnerai pas ...

Destrio5 · Answer

Il y a Avast et Norton.

Niitro · Answer

ComboFix 09-08-27.02 - HP_Propriétaire 28/08/2009  1:19.1.1 - NTFSx86
Microsoft Windows XP Édition familiale  5.1.2600.2.1252.33.1036.18.382.96 [GMT 2:00]
Running from: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 090827-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\data
c:\data\patch01_01.fs
c:\documents and settings\All Users\Application Data\15820934
c:\documents and settings\All Users\Application Data\15820934\15820934
c:\documents and settings\All Users\Application Data\15820934\15820934.exe
c:\documents and settings\All Users\Application Data\15820934\pc15820934ins
c:\documents and settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\documents and settings\All Users\Application Data\Solt Lake Software
c:\documents and settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081206002413546.log
c:\documents and settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081206104522500.log
c:\documents and settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081206110440140.log
c:\documents and settings\All Users\Application Data\Starware
c:\documents and settings\All Users\Application Data\Starware\buttons\cursorcafe.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\FindIt.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\FindItHot.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\findithotxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\finditxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\games.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\Highlight.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\HighlightHot.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\highlighthotxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\highlightxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\logo.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\logoxp.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\Reference.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\ReferenceHot.bmp
c:\documents and settings\All Users\Application Data\Starware\buttonseferencehotxp.png
c:\documents and settings\All Users\Application Data\Starware\buttonseferencexp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\screensaver.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\Weather.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\weatherhotxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\weatherxp.png
c:\documents and settings\All Users\Application Data\Starware\contexts\error.xml
c:\documents and settings\All Users\Application Data\Starware\contextselated.xml
c:\documents and settings\All Users\Application Data\Starware\contexts	ravel.xml
c:\documents and settings\All Users\Application Data\ZangoSA
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSA.dat
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAau.dat
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\program files\Fichiers communs\WinAntiVirus Pro 2006
c:\program files\HbTools
c:\program files\HbTools\Bin\4.7.2.1\dBenderC.dll
c:\program files\HbTools\Bin\HbtUninst.exe
c:\program files\HbTools\HbTools.log
c:\program files\HbTools\HbTools_1136393056.log
c:\program files\HbTools\HbTools_1137566291.log
c:\program files\HbTools\HbTools_1138386967.log
c:\program files\HbTools\HbTools_1139211698.log
c:\program files\HbTools\HbTools_1139920975.log
c:\program files\HbTools\HbTools_1140685244.log
c:\program files\HbTools\HbTools_1141403599.log
c:\program files\HbTools\HbTools_1142185282.log
c:\program files\HbTools\HbTools_1143238130.log
c:\program files\HbTools\HbTools_1144774595.log
c:\program files\HbTools\HbTools_1145722514.log
c:\program files\instant access
c:\program files\instant access\Center\Fun-Games.lnk
c:\program files\instant access\Center\GAMES-DESKTOP.COM.upd
c:\program files\instant access\Center\GAMES-DESKTOP.upd
c:\program files\instant access\Center\SERIALPLAYERS.upd
c:\program files\instant access\Center	ray1.ico
c:\program files\instant access\DesktopIcons\Fun-Games.lnk
c:\program files\instant access\Dialer\113208559\es6-scripts.dlv4.com\Common\8886f7dca31f8f6eb1e9024a1e93ee36.html
c:\program files\instant access\Dialer\113208559\fp.gad-network.com\67d61db41f263527329270cf614a7a7b.html
c:\program files\instant access\Dialer\113208559\SERIALPLAYERS.lnk
c:\program files\instant access\Dialer\393005738\es6-scripts.dlv4.com\Common\a611f07e578804c79b3af325a252ca5b.html
c:\program files\instant access\Dialer\393005738\SERIALPLAYERS.lnk
c:\program files\instant access\Dialer\393005738\www.epass-key.com\9836705ee32a016de45b422a695c8720.html
c:\program files\instant access\Dialer\570370277\es6-scripts.dlv4.com\Common\b2f2c2bea4e6709a2e874e5c118e86f9.html
c:\program files\instant access\Dialer\570370277\GAMES-DESKTOP.lnk
c:\program files\instant access\Dialer\570370277\www.epass-key.com\4234b7c14a253961f7b6cf13e0201a49.html
c:\program files\instant access\Dialer\614962178\es6-scripts.dlv4.com\Common\4cc4d04cb7a3522aab3bfb79da8cbd7b.html
c:\program files\instant access\Dialer\614962178\fp.gad-network.com\d8303b55449276941453f794f02b7f55.html
c:\program files\instant access\Dialer\614962178\SERIALPLAYERS.lnk
c:\program files\instant access\Dialer\689325458\es6-scripts.dlv4.com\Common\2fd1c5875aa15ffb344a4ece29fe1244.html
c:\program files\instant access\Dialer\689325458\fp.gad-network.com\6c340d333594e3b87e5d19ba66d8b970.html
c:\program files\instant access\Dialer\689325458\GAMES-DESKTOP.lnk
c:\program files\instant access\Dialer\994874928\es6-scripts.dlv4.com\Common\51a8859237d759ebdedd5e3d06ae0c8a.html
c:\program files\instant access\Dialer\994874928\fp.gad-network.com\b52478c9c0928f7c305ce89677ec0a6a.html
c:\program files\instant access\Dialer\994874928\GAMES-DESKTOP.COM.lnk
c:\program files\instant access\Multi\20061004181048\Common\module.php
c:\program files\instant access\Multi\20061004181048\dialerexe.ini
c:\program files\instant access\Multi\20061004181048\js\js_api_dialer.php
c:\program files\instant access\Multi\20061004181048\medias\button1.gif
c:\program files\instant access\Multi\20061004181048\medias\button2.gif
c:\program files\instant access\Multi\20061004181048\medias\button3.gif
c:\program files\instant access\Multi\20061004181048\medias\button4.gif
c:\program files\instant access\Multi\20061004181048\medias\dialer.ico
c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe
c:\program files\montorgueil
c:\program files\montorgueil\14.04948
c:\program files\montorgueil\ParisMec\ParisMec.ico
c:\program files\Mozilla Firefox\plugins
pclntax_ZangoSA.dll
c:\program files\PCHealthCenter
c:\program files\PCHealthCenter\0.gif
c:\program files\PCHealthCenter\1.gif
c:\program files\PCHealthCenter\1.ico
c:\program files\PCHealthCenter\2.gif
c:\program files\PCHealthCenter\2.ico
c:\program files\PCHealthCenter\3.gif
c:\program files\PCHealthCenter\foo.txt
c:\program files\PCHealthCenter\sc.html
c:\program files\screensavers.com
c:\program files\screensavers.com\Installer\bin\iebyterange.xml
c:\program files\screensavers.com\Installer\bin\iebyterange.xml.backup
c:\program files\screensavers.com\Installer\bin\siuninst.exe
c:\program files\ShoppingReport
c:\program files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
c:\program files\ShoppingReport\Uninst.exe
c:\program files\TS-2009
c:\program files\TS-2009	otalsecure.s2
c:\program files\TS-2009	otalsecure.s3
c:\program files\TS-2009	otalsecure.s6
c:\program files\TS-2009\uninstall.exe
c:\program files\videosoft
c:\program files\videosoft\Uninstall.exe
c:\program files\winantivirus pro 2006
c:\program files\WinAntiVirus Pro 2006\history.db
c:\program files\WinPCap
c:\program files\WinPCappcapd.exe
c:\program files\zango
c:\program files\zango\bin\10.3.75.0\arrow.ico
c:\program files\zango\bin\10.3.75.0\CntntCntr.dll
c:\program files\zango\bin\10.3.75.0\copyright.txt
c:\program files\zango\bin\10.3.75.0\CoreSrv.dll
c:\program files\zango\bin\10.3.75.0\firefox\extensions\chrome.manifest
c:\program files\zango\bin\10.3.75.0\firefox\extensions\components
pclntax.xpt
c:\program files\zango\bin\10.3.75.0\firefox\extensions\install.rdf
c:\program files\zango\bin\10.3.75.0\firefox\extensions\plugins
pclntax_ZangoSA.dll
c:\program files\zango\bin\10.3.75.0\HostIE.dll
c:\program files\zango\bin\10.3.75.0\HostOE.dll
c:\program files\zango\bin\10.3.75.0\HostOL.dll
c:\program files\zango\bin\10.3.75.0\link.ico
c:\program files\zango\bin\10.3.75.0\OEAddOn.exe
c:\program files\zango\bin\10.3.75.0\Srv.exe
c:\program files\zango\bin\10.3.75.0\Toolbar.dll
c:\program files\zango\bin\10.3.75.0\Wallpaper.dll
c:\program files\zango\bin\10.3.75.0\Weather.exe
c:\program files\zango\bin\10.3.75.0\WeSkin.dll
c:\program files\zango\bin\10.3.75.0\ZangoSA.exe
c:\program files\zango\bin\10.3.75.0\ZangoSAAX.dll
c:\program files\zango\bin\10.3.75.0\ZangoSADF.exe
c:\program files\zango\bin\10.3.75.0\ZangoSAHook.dll
c:\program files\zango\bin\10.3.75.0\ZangoUninstaller.exe
c:ecycler\S-1-5-21-1242983221-992244275-1784959909-501
c:ecycler\S-1-5-21-308827527-3909201078-4104962599-1008
c:ecycler\S-1-5-21-3137409478-3730925868-1976940642-1008
c:ecycler\S-1-5-21-3245804521-2740501762-3650072237-1008
c:ecycler\S-1-5-21-3616617761-875328341-2521263613-1008
c:ecycler\S-1-5-21-3833088236-622994-2235584449-1008
c:ecycler\S-1-5-21-3970352356-535226454-1514621777-1008
C:esycled
c:\windows\1009viz5565.dll
c:\windows\10131n5t-a-virusz6f9.dll
c:\windows\10592worm5zc.exe
c:\windows\10c9addwa5e1829z.dll
c:\windows\11206vi5u92c9z.ocx
c:\windows\11458z9y459.bin
c:\windows\11502zp9mbot5385.dll
c:\windows\1150s5eaz599.exe
c:\windows\11f4downzoad9r5825.bin
c:\windows\12779not5a-vizus551.dll
c:\windows\127955ozm749.exe
c:\windows\12z59not-a-v5rus1dc.dll
c:\windows\13057hackz5ol6b9.bin
c:\windows\13485szy3d99.exe
c:\windows\1349spyzare525.ocx
c:\windows\13785spambo9z9e5.bin
c:\windows\13b3szeal1592.bin
c:\windows\143069zy5c5.exe
c:\windows\14597hackt9ol3z5.bin
c:\windows\1460azdwar527129.bin
c:\windows\1513troj759z.cpl
c:\windows\155159a5ktooz692.cpl
c:\windows\15536hac5zool599.bin
c:\windows\155889irus14fz.cpl
c:\windows\1561z9arse664.bin
c:\windows\15754vi9us1ze.dll
c:\windows\15a3zparse9563.exe
c:\windows\15bzthief3984.exe
c:\windows\15z41tr9j3e.bin
c:\windows\15z8vir2911.dll
c:\windows\15zst5al26719.exe
c:\windows\1643vi522z99.dll
c:\windows\1658spy799z.bin
c:\windows\16699ha5kz9ol421.dll
c:\windows\169dba5kdoor301z.ocx
c:\windows\17aathreat9955z.ocx
c:\windows\1822not-a-vi5usz09.exe
c:\windows\1845hreat1z299.exe
c:\windows\186359ot-a-zirus1cd.dll
c:\windows\189esparsez517.exe
c:\windows\18z145roj36d9.ocx
c:\windows\18zcbac9d5or1388.ocx
c:\windows\19052troj3z.cpl
c:\windows\19209hacktzoldc5.ocx
c:\windows\19274virusz95.ocx
c:\windows\192bvzr815.cpl
c:\windows\19556virus56z.exe
c:\windows\196bs9zal1885.ocx
c:\windows\19740t5oz82.cpl
c:\windows\19895zr2693.ocx
c:\windows\1d9thie9589z.ocx
c:\windows\1z007hackto59600.ocx
c:\windows\1z595virus993.ocx
c:\windows\1zabspyw9r53124.bin
c:\windows\200565rojdz9.cpl
c:\windows\2050trzj926.bin
c:\windows\2065znot-9-virus525.exe
c:\windows\20983not-a-zi5us9a2.bin
c:\windows\20z08spam5ot910.bin
c:\windows\20z86tr5j916.cpl
c:\windows\20z98hacktool59d.bin
c:\windows\21527h5cktoo95zd.ocx
c:\windows\21557szy539.ocx
c:\windows\2249zs5y79c.cpl
c:\windows\22558sp9mbotzfb.bin
c:\windows\22585zpambotc9.exe
c:\windows\2292h5c9tzol4c1.exe
c:\windows\22z34troj5b9.bin
c:\windows\23237h9c5tool106z.exe
c:\windows\23312v9rus25z.cpl
c:\windows\235905pamboz25a.cpl
c:\windows\23654sz9mbot12e.ocx
c:\windows\23698not-a-zi5us6fd.exe
c:\windows\2395zpy2fd.cpl
c:\windows\23997not-a95iruz5f4.exe
c:\windows\23z13spam9ot595.exe
c:\windows\24754sp9mboz79.cpl
c:\windows\24900spambot265z.ocx
c:\windows\24925tzal355.ocx
c:\windows\24z58t9oj115.dll
c:\windows\24z745roj259.ocx
c:\windows\25129s9a5bot4a5z.dll
c:\windows\25295szy365.cpl
c:\windows\25539hack9ooz1c0.cpl
c:\windows\25583hackzool5f9.dll
c:\windows\2572t9reatz3406.cpl
c:\windows\25cddownlzade92353.exe
c:\windows\25dzs5yware5869.dll
c:\windows\25e0threat19z569.ocx
c:\windows\263cstealz952.bin
c:\windows\26506h9zktool754.bin
c:\windows\2666zw95m72c.cpl
c:\windows\26z989a5ktool461.ocx
c:\windows\27152noz-a-5irus9bc.cpl
c:\windows\27725spa9bot574z.cpl
c:\windows\27989viru558z.ocx
c:\windows\27z589ot-5-virus47d.dll
c:\windows\28482zi5u95f8.exe
c:\windows\2859virzs585.cpl
c:\windows\28947tr5jz39.exe
c:\windows\29438spambzt47c5.exe
c:\windows\2945t5oj60fz.exe
c:\windows\29595worz5e8.exe
c:\windows\296z3tr9j2895.ocx
c:\windows\29z5t9re5t19442.bin
c:\windows\29zfv9r1595.bin
c:\windows\2b3baczdo9r2519.dll
c:\windows\2b4azh9eat5023.dll
c:\windows\2b5zsteal297.ocx
c:\windows\2d9b5hief9294z.bin
c:\windows\2e50spyware935z.cpl
c:\windows\2z025troj591.dll
c:\windows\2z99spy529.exe
c:\windows\2z9fdo5nloader958.dll
c:\windows\2zc1a5dware569.ocx
c:\windows\30092h5ckzool5b9.dll
c:\windows\300fst9al1957z.cpl
c:\windows\3081w5rmzba9.ocx
c:\windows\30971spzmbo51e6.exe
c:\windows\31239hzeat283945.cpl
c:\windows\31289zirus750.exe
c:\windows\315569py3z.cpl
c:\windows\31676zr9j28c5.dll
c:\windows\32026notza-vi59s7a1.cpl
c:\windows\32551vz9us15d.exe
c:\windows\327z3tr9j555.bin
c:\windows\3459pz652.cpl
c:\windows\3503addza9e2301.bin
c:\windows\350thiez909.cpl
c:\windows\35259not-a-virus2d9z.cpl
c:\windows\354b9par5z2265.bin
c:\windows\354dspywa9e29z5.exe
c:\windows\3570hazkto9l20c.exe
c:\windows\3595s5yz92.ocx
c:\windows\3595zpambot91c.exe
c:\windows\359zworm7d.cpl
c:\windows\35e9thiefz6.cpl
c:\windows\35zathreat26196.dll
c:\windows\3618not-azv9rus525.cpl
c:\windows\37945p9626z.cpl
c:\windows\37dzth5e9139.dll
c:\windows\3832zp5mb9t3d9.ocx
c:\windows\39323hack5oolzc9.bin
c:\windows\3953zhie9938.ocx
c:\windows\39751virus2ze5.bin
c:\windows\3aebthrzat15159.dll
c:\windows\3azb59dware1758.cpl
c:\windows\3b30az5ware8819.exe
c:\windows\3b71t9re5z9077.cpl
c:\windows\3bz9stea52164.bin
c:\windows\3c55s9ywzre3128.dll
c:\windows\3e4abackzoor9115.exe
c:\windows\3ee3downlo9der1z95.dll
c:\windows\3z64spyware9593.exe
c:\windows\3zc79te5l3254.ocx
c:\windows\4009vizu529c.bin
c:\windows\40z9add5are3101.bin
c:\windows\419zd5wnloader1688.ocx
c:\windows\424c9hrzat51040.cpl
c:\windows\4259z9y46e.ocx
c:\windows\4335thizf947.cpl
c:\windows\438st5az2393.cpl
c:\windows\449backdooz1555.exe
c:\windows\44ba9kdoor2587z.bin
c:\windows\450as9arsez531.dll
c:\windows\4513spzware25935.bin
c:\windows\452f9irz433.dll
c:\windows\45a9virz956.cpl
c:\windows\45e4spywaze2969.exe
c:\windows\45e9tzief19925.ocx
c:\windows\4658threat189z2.ocx
c:\windows\4669nzt-a-viru9656.dll
c:\windows\48z7ba9kdo5r2099.exe
c:\windows\4909addwaze2569.cpl
c:\windows\4941zir1535.ocx
c:\windows\49465acktool629z.bin
c:\windows\4975backdozr2829.cpl
c:\windows\4a0aback5o9rz580.ocx
c:\windows\4b53thze9t22740.cpl
c:\windows\4b98baz5door1489.cpl
c:\windows\4c43threat1z1895.dll
c:\windows\4czdv5r9233.dll
c:\windows\4d295hief204z9.dll
c:\windows\4d88d9wnlzader27225.cpl
c:\windows\4e9ez5y9are387.exe
c:\windows\4eb2zpywar53059.exe
c:\windows\5000ha5kz9ol4fa.dll
c:\windows\5006th59at7944z.cpl
c:\windows\50964zroj649.cpl
c:\windows\5097no9za-virus6d.bin
c:\windows\50a6spy9aze3157.dll
c:\windows\50z4stea95186.ocx
c:\windows\50z7spar5e31179.cpl
c:\windows\518zspambo9e25.ocx
c:\windows\5229downloadzr9530.bin
c:\windows\5285spyware9z60.exe
c:\windows\52e7thzeat504469.dll
c:\windows\530z9r91.bin
c:\windows\53457v9rzs3de.cpl
c:\windows\536bsp9ware12z9.cpl
c:\windows\536sz9mb5t40f.cpl
c:\windows\5499viru92z3.dll
c:\windows\54aes9ars514z6.dll
c:\windows\5508hackzo5l6f9.bin
c:\windows\5536threa92z527.ocx
c:\windows\5559spa9sez.dll
c:\windows\55e0spzw9re2507.exe
c:\windows\565zspambo9359.dll
c:\windows\5695s9yze25.exe
c:\windows\5765wor9z29.dll
c:\windows\57espy9aze2492.cpl
c:\windows\585espyware301z9.bin
c:\windows\59029troz5a2.dll
c:\windows\59145aczdoor1366.bin
c:\windows\5955troj9fez.exe
c:\windows\59995hacktooz7e8.cpl
c:\windows\59e5azdw5re602.bin
c:\windows\5a58steal92z.cpl
c:\windows\5ad1steal1z39.dll
c:\windows\5bf9thizf2616.cpl
c:\windows\5cecvir2z499.exe
c:\windows\5cedbackdo9r235z5.dll
c:\windows\5cfdzhief379.bin
c:\windows\5d595hreat815z.bin
c:\windows\5e64v59553z.ocx
c:\windows\5fc9backzoor2303.exe
c:\windows\5z18ad9ware2704.cpl
c:\windows\5z1asteal1903.dll
c:\windows\5z49ir1088.dll
c:\windows\5z82t9ief2912.cpl
c:\windows\5z84addware9933.exe
c:\windows\5z93addware2555.ocx
c:\windows\5z9cvir985.cpl
c:\windows\61059aczdoor1146.ocx
c:\windows\6245tzrea926588.ocx
c:\windows\64e0d5wzloader9032.bin
c:\windows\6521ste9l2z63.exe
c:\windows\652f9iz1175.ocx
c:\windows\655eaddwarz9204.ocx
c:\windows\655zspyware3949.cpl
c:\windows\6595spz75.bin
c:\windows\659a5ddwarez989.ocx
c:\windows\65a0sp9rze595.bin
c:\windows\65z7spyw9re1255.dll
c:\windows\66699acktz5l766.cpl
c:\windows\66b2baczd5or1496.exe
c:\windows\6748spyw5z91025.ocx
c:\windows\6788zh5ef1669.dll
c:\windows\680dba95door2z79.cpl
c:\windows\6901thre5t29691z.cpl
c:\windows\6901vi575z.bin
c:\windows\6958wozm1e95.ocx
c:\windows\6abdth9efz255.cpl
c:\windows\6ad4thie5z996.dll
c:\windows\6b49t5zef2030.bin
c:\windows\6c1z59r2654.cpl
c:\windows\6cvirz529.dll
c:\windows\6e00downzoad5r1019.ocx
c:\windows\6e2edow5l9ader1z59.dll
c:\windows\6e2fdoznloade92256.dll
c:\windows\6f195te9l394z.ocx
c:\windows\6zcfad5ware9379.cpl
c:\windows\70459zoj7b5.exe
c:\windows\720th5zf9001.ocx
c:\windows\72azaddware30509.exe
c:\windows\7357s5ywaze1911.bin
c:\windows\7437w5rz75b9.ocx
c:\windows\74b8backdoo9322z5.ocx
c:\windows\7563stz9l349.dll
c:\windows\75bb9teaz1505.cpl
c:\windows\762dsp9w5ze969.dll
c:\windows\7856wor9279z.ocx
c:\windows\7865baczdoor1998.ocx
c:\windows\78c3s9yware1056z.cpl
c:\windows\7932s5y4z9.exe
c:\windows\795bsparsez2715.bin
c:\windows\79easpywaz93085.exe
c:\windows\79ffthief5877z.exe
c:\windows\7b79zownloader20495.bin
c:\windows\7b9fthief1z95.cpl
c:\windows\7e5eadzwa5e7519.ocx
c:\windows\7f91s5ezl2267.exe
c:\windows\7z15s9eal1357.cpl
c:\windows\7za59ir35.exe
c:\windows\81es9ywar5z474.bin
c:\windows\824v5rz299.exe
c:\windows\8319zpy5005.bin
c:\windows\8999spy65z.ocx
c:\windows\9009vir5z312.cpl
c:\windows\9035zirus6f9.cpl
c:\windows\90786hack5ooz4aa.dll
c:\windows\9115vi59z61b.cpl
c:\windows\922dbazkd5or1166.dll
c:\windows\925dspyware1z54.dll
c:\windows\9273vi5us28z.ocx
c:\windows\9283thi5f6z8.cpl
c:\windows\93193worz7645.cpl
c:\windows\940695roj1d7z.dll
c:\windows\9445downloader25z3.bin
c:\windows\9495zpyware3012.dll
c:\windows\94z89s5ambot6ab.cpl
c:\windows\9513viru974z.ocx
c:\windows\953aa5dwzre2.dll
c:\windows\9552zteal3201.cpl
c:\windows\9554zorm9d6.cpl
c:\windows\9580sparse4z1.bin
c:\windows\95avi9248z.dll
c:\windows\962vizus295.bin
c:\windows\9651thre5z9659.exe
c:\windows\968t5rea9z0150.exe
c:\windows\9715vir1z33.exe
c:\windows\987zwor53d9.ocx
c:\windows\9885zspam5ot653.cpl
c:\windows\99246spz658.dll
c:\windows\99703no5-a-virzs689.dll
c:\windows\9c25bazkd5or91.dll
c:\windows\9dacv5r92z.dll
c:\windows\9faspyware9z58.exe
c:\windows\9z02worm1059.bin
c:\windows\9z0n9t-a-virus2895.cpl
c:\windows\9z523worm30e.exe
c:\windows\9z54v9ru5768.cpl
c:\windows\9z590troj587.bin
c:\windows\9z908viru54a2.exe
c:\windows\a5fsparse279z.ocx
c:\windows\a79a9zw5re1043.dll
c:\windows\b53viz990.dll
c:\windows\bad59z1797.cpl
c:\windows\bkqxdons.dll
c:\windows\c92thie95193z.bin
c:\windows\DUNGEON SIEGE 2 (VOIX+TEXTES) FR by  OPTIMA SYSTEMS 
c:\windows\DUNGEON SIEGE 2 (VOIX+TEXTES) FR by  OPTIMA SYSTEMS \uninstall.exe
c:\windows\DUNGEON SIEGE 2 AUTOCRACK by  OPTIMA SYSTEMS 
c:\windows\DUNGEON SIEGE 2 AUTOCRACK by  OPTIMA SYSTEMS \uninstall.exe
c:\windows\e5evi959z.exe
c:\windows\exgq.exe
c:\windows\ez5sp9rse2505.dll
c:\windows\Installer\102255b.msp
c:\windows\Installer\10def5c.msi
c:\windows\Installer\11dbcc.msi
c:\windows\Installer\11dbd2.msi
c:\windows\Installer\11ddbf.msi
c:\windows\Installer\1275a34.msp
c:\windows\Installer\157b1bf.msi
c:\windows\Installer\157b1c8.msi
c:\windows\Installer\173ce3a.msi
c:\windows\Installer\173cee7.msi
c:\windows\Installer\173cee8.msp
c:\windows\Installer\173cee9.msp
c:\windows\Installer\173ceea.msp
c:\windows\Installer\173ceeb.msp
c:\windows\Installer\173ceec.msp
c:\windows\Installer\173ceed.msp
c:\windows\Installer\173ceee.msp
c:\windows\Installer\173ceef.msp
c:\windows\Installer\173cef0.msp
c:\windows\Installer\178dad9.msi
c:\windows\Installer\178dada.msp
c:\windows\Installer\178dadb.msp
c:\windows\Installer\178dadc.msp
c:\windows\Installer\178dadd.msp
c:\windows\Installer\178dade.msp
c:\windows\Installer\178dadf.msp
c:\windows\Installer\178dae0.msp
c:\windows\Installer\178dae1.msp
c:\windows\Installer\178dae2.msp
c:\windows\Installer\178dae3.msp
c:\windows\Installer\179181a.msp
c:\windows\Installer\1791824.msp
c:\windows\Installer\17a5385.msi
c:\windows\Installer\17b52cb.msi
c:\windows\Installer\17b52cc.msp
c:\windows\Installer\17b52cd.msp
c:\windows\Installer\17b52ce.msp
c:\windows\Installer\17b52cf.msp
c:\windows\Installer\17b52d0.msp
c:\windows\Installer\17b52e0.msi
c:\windows\Installer\17b52e1.msp
c:\windows\Installer\17b52e2.msp
c:\windows\Installer\17b52e3.msp
c:\windows\Installer\17b52e4.msp
c:\windows\Installer\17b52e5.msp
c:\windows\Installer\17b52e6.msp
c:\windows\Installer\17b52e7.msp
c:\windows\Installer\17b52ee.msi
c:\windows\Installer\17c2826.msi
c:\windows\Installer\17c2831.msi
c:\windows\Installer\17c283c.msi
c:\windows\Installer\17c289a.msi
c:\windows\Installer\17c28a7.msi
c:\windows\Installer\17c28ad.msi
c:\windows\Installer\17c28b3.msi
c:\windows\Installer\17c28b9.msi
c:\windows\Installer\17c28c0.msi
c:\windows\Installer\17c28ca.msi
c:\windows\Installer\17c28d0.msi
c:\windows\Installer\19161ed.msi
c:\windows\Installer\19363aa.msi
c:\windows\Installer\193d577.msi
c:\windows\Installer\1a5143.msi
c:\windows\Installer\1a5149.msi
c:\windows\Installer\1a9e386.msi
c:\windows\Installer\1ad1578.msi
c:\windows\Installer\1cc0346.msp
c:\windows\Installer\25227af.msi
c:\windows\Installer\258eb.msp
c:\windows\Installer\26d964b.msi
c:\windows\Installer\2702121.msp
c:\windows\Installer\2d0f500.msi
c:\windows\Installer\2d0f501.msp
c:\windows\Installer\2d0f502.msp
c:\windows\Installer\2d0f503.msp
c:\windows\Installer\2d0f504.msp
c:\windows\Installer\2d0f505.msp
c:\windows\Installer\2d0f506.msp
c:\windows\Installer\2d0f507.msp
c:\windows\Installer\2d0f508.msp
c:\windows\Installer\2d0f509.msp
c:\windows\Installer\2d17f46.msi
c:\windows\Installer\2d17f5f.msp
c:\windows\Installer\2daea7.msi
c:\windows\Installer\2ecea51.msi
c:\windows\Installer\324fd9.msi
c:\windows\Installer\356f0.msi
c:\windows\Installer\356f6.msi
c:\windows\Installer\356fc.msi
c:\windows\Installer\3d5d0b.msi
c:\windows\Installer\3ed080.msi
c:\windows\Installer\43a5f4.msi
c:\windows\Installer\43a5f8.msi
c:\windows\Installer\45c6a.msi
c:\windows\Installer\45c82.msp
c:\windows\Installer\4bb1bc.msi
c:\windows\Installer\4bb1c8.msi
c:\windows\Installer\54ef3c.msi
c:\windows\Installer\553d8.msi
c:\windows\Installer\6ab77a.msi
c:\windows\Installer\6c614.msi
c:\windows\Installer\711a50.msp
c:\windows\Installer\711a5a.msp
c:\windows\Installer\711a64.msp
c:\windows\Installer\75865.msi
c:\windows\Installer\7587e.msp
c:\windows\Installer\7589ac.msi
c:\windows\Installer\770f2.msi
c:\windows\Installer\7acb4.msi
c:\windows\Installer\7acb5.msp
c:\windows\Installer\7acb6.msp
c:\windows\Installer\7acb7.msp
c:\windows\Installer\7acb8.msp
c:\windows\Installer\7acb9.msp
c:\windows\Installer\7acba.msp
c:\windows\Installer\7acbb.msp
c:\windows\Installer\7acbc.msp
c:\windows\Installer\7acbd.msp
c:\windows\Installer\82607.msp
c:\windows\Installer\8f09a0.msi
c:\windows\Installer\8f09de.msi
c:\windows\Installer\97b77f.msi
c:\windows\Installer\98ebd.msi
c:\windows\Installer\98ec9.msi
c:\windows\Installer\9a4bb3.msi
c:\windows\Installer\9aa59d.msi
c:\windows\Installer\a18821.msi
c:\windows\Installer\a18ac9.msi
c:\windows\Installer\a18b03.msi
c:\windows\Installer\a18b12.msi
c:\windows\Installer\a491a.msp
c:\windows\Installer\a87409.msi
c:\windows\Installer\b8d2b.msp
c:\windows\Installer\b8d2c.msp
c:\windows\Installer\c3d22.msi
c:\windows\Installer\e3751d.msi
c:\windows\Installer\e37524.msi
c:\windows\Installer\e37541.msp
c:\windows\Installer\f1ff2.msi
c:\windows\Installer\f71ce.msi
c:\windows\k.txt
c:\windows\pack.epk
c:\windows\system32\1017noz-a-vi5u9f0.dll
c:\windows\system32\103975ir9sz72.exe
c:\windows\system32\105z1hack9oo5172.exe
c:\windows\system32\10636w59m73z.dll
c:\windows\system32\10d7s9arsz3625.dll
c:\windows\system32\10f19ac5zoor595.ocx
c:\windows\system32\11195pywarez99.cpl
c:\windows\system32\11397spa9boz1555.cpl
c:\windows\system32\119dspar5z1532.ocx
c:\windows\system32\1230szars92548.ocx
c:\windows\system32\124z9py54d.exe
c:\windows\system32\1295ad5zare2979.dll
c:\windows\system32\13199z59us3bd.dll
c:\windows\system32\13556nz5-a-virus492.bin
c:\windows\system32\13727s5ambo947z.exe
c:\windows\system32\13732not-a-5zr9s3b1.exe
c:\windows\system32\1392sparze1553.exe
c:\windows\system32\146e5zeal292.dll
c:\windows\system32\15008zorm493.ocx
c:\windows\system32\150fzhi9f1558.bin
c:\windows\system32\1519vzrus69b5.dll
c:\windows\system32\1531s9y179z.cpl
c:\windows\system32\153zb5ckdoor9666.ocx
c:\windows\system32\15499zot-a-vir5s373.exe
c:\windows\system32\15592z9555e.cpl
c:\windows\system32\15599worm57z.cpl
c:\windows\system32\15730woz959.dll
c:\windows\system32\1589virus9z.ocx
c:\windows\system32\15945hazkt9ol738.bin
c:\windows\system32\15945trojzaf.ocx
c:\windows\system32\15992trozfe.dll
c:\windows\system32\15999spz205.dll
c:\windows\system32\15a8th9ez2675.exe
c:\windows\system32\15z22hacktool91d.ocx
c:\windows\system32\16014trzj3995.ocx
c:\windows\system32\16557zorm956.exe
c:\windows\system32\16615py49z.dll
c:\windows\system32\16z47not-a5viru9298.exe
c:\windows\system32\174z0spambot7459.ocx
c:\windows\system32\17593wo5z2cd.exe
c:\windows\system32\1819hackt95lz1b.exe
c:\windows\system32\18758hackt9oz593.exe
c:\windows\system32\193bsteaz5834.ocx
c:\windows\system32\1943backzoor5621.dll
c:\windows\system32\19515spy3z8.ocx
c:\windows\system32\19516trz919c.exe
c:\windows\system32\195939zy40f.ocx
c:\windows\system32\19599hzcktoo5145.ocx
c:\windows\system32\19719trzj7195.dll
c:\windows\system32\197459pamboz3925.bin
c:\windows\system32\1978thr5at21z0.exe
c:\windows\system32\19944vizus554.bin
c:\windows\system32\19955no9-a-virzs30b.cpl
c:\windows\system32\19d0zhief5023.cpl
c:\windows\system32\1azath59at41.cpl
c:\windows\system32\1deczhief3569.ocx
c:\windows\system32\1e97backdzor591.exe
c:\windows\system32\1z439tr9j1f5.dll
c:\windows\system32\1z5989orm5de.ocx
c:\windows\system32\1z808w9rm6f45.cpl
c:\windows\system32\1z999virus15.cpl
c:\windows\system32\1zebth9eat13657.bin
c:\windows\system32\20418hackto9l55z.ocx
c:\windows\system32\2065troj789z.bin
c:\windows\system32\20z559roj5e4.dll
c:\windows\system32\21140vz9us5a.cpl
c:\windows\system32\21509wormzf1.ocx
c:\windows\system32\21635zacktoo994.ocx
c:\windows\system32\2183not-a95irzs7b0.exe
c:\windows\system32\21zet5ief1059.ocx
c:\windows\system32\220305izus2b9.bin
c:\windows\system32\22145tea9756z.ocx
c:\windows\system32\2269backdo5rz9669.exe
c:\windows\system32\232z1s9y4a5.dll
c:\windows\system32\23522spzm9ot5af5.bin
c:\windows\system32\235zvir19339.bin
c:\windows\system32\236aste9l18z5.ocx
c:\windows\system32\23fc9hreaz15430.cpl
c:\windows\system32\23z57spamb9t2e9.bin
c:\windows\system32\24752not-a-zi95s31d.dll
c:\windows\system32\24z16ha9ktoolf5.exe
c:\windows\system32\254z1s9y1a.ocx
c:\windows\system32\254z4not9a-virus39e.cpl
c:\windows\system32\25564z95-a-virusce.cpl
c:\windows\system32\2579zworm45.cpl
c:\windows\system32\2589s5zware9105.bin
c:\windows\system32\25971viruz4c0.bin
c:\windows\system32\25989troj37z.dll
c:\windows\system32\259fa9dzare1572.cpl
c:\windows\system32\25czdo9nloade5330.bin
c:\windows\system32\25tro95z.cpl
c:\windows\system32\26059szambot9d3.ocx
c:\windows\system32\26376spamz9t56b.cpl
c:\windows\system32\26422virzs955.bin
c:\windows\system32\2651zha9ktool4b8.exe
c:\windows\system32\26751s95zbot423.bin
c:\windows\system32\26z69v9rus485.exe
c:\windows\system32\270659irzs718.exe
c:\windows\system32\2725addware1z69.exe
c:\windows\system32\27451not9azvirus2f7.ocx
c:\windows\system32\27508szambotf9.cpl
c:\windows\system32\2755w9rm4z.ocx
c:\windows\system32\27889ot5a-viruz367.dll
c:\windows\system32\28139hacktool58bz.bin
c:\windows\system32\28770h9cztool735.exe
c:\windows\system32\287aadd95rz2859.dll
c:\windows\system32\2928zh5cktool1b5.bin
c:\windows\system32\2931t5iefz702.exe
c:\windows\system32\293345roz5e8.ocx
c:\windows\system32\295sparsz1928.dll
c:\windows\system32\29926no9-a-zirus95.exe
c:\windows\system32\29z19not-a-v9rus345.bin
c:\windows\system32\2d93zi53264.bin
c:\windows\system32\2e96a9dware253z.bin
c:\windows\system32\2f5aszeal1099.ocx
c:\windows\system32\2z40t5ie92359.bin
c:\windows\system32\2z93a9dware7435.bin
c:\windows\system32\2z995hacktool69c.ocx
c:\windows\system32\2z9bthief9165.exe
c:\windows\system32\3019vzr5557.dll
c:\windows\system32\30335tro95zb.dll
c:\windows\system32\30557ha9kt5oz4de.exe
c:\windows\system32\3085bazk5o9r2689.dll
c:\windows\system32\30972z5cktool594.exe
c:\windows\system32\30z23w5r9e2.exe
c:\windows\system32\31245h9cktoolz.ocx
c:\windows\system32\3124s9y5are16z7.ocx
c:\windows\system32\312c5par9z3202.bin
c:\windows\system32\3152ztr9j41.bin
c:\windows\system32\31570worm73z9.dll
c:\windows\system32\31945noz-a-virus445.exe
c:\windows\system32\31afthi953028z.dll
c:\windows\system32\31d9doznloader9035.dll
c:\windows\system32\3209thze5462.bin
c:\windows\system32\320caz9ware1562.dll
c:\windows\system32\32125spazb9t5d4.dll
c:\windows\system32\3277add5zr93014.dll
c:\windows\system32\3349spyz59.dll
c:\windows\system32\3395vzrus559.ocx
c:\windows\system32\3540zhackto9l264.cpl
c:\windows\system32\35ca9ir2z65.cpl
c:\windows\system32\3639threat159z8.ocx
c:\windows\system32\365sz59l2961.exe
c:\windows\system32\37429pambot25cz.dll
c:\windows\system32\375bazkd5or679.cpl
c:\windows\system32\39382tr5z83.exe
c:\windows\system32\396159y436z.dll
c:\windows\system32\3980not-9-vi5us1az.bin
c:\windows\system32\3c9espar5e3z70.bin
c:\windows\system32\3de4dowzloa5er7589.dll
c:\windows\system32\3f6zt9r5at4881.ocx
c:\windows\system32\3fa9downlo9der2z55.exe
c:\windows\system32\3z0esp9ware2059.ocx
c:\windows\system32\3z3aspar5e29529.exe
c:\windows\system32\3z46wo5931c.bin
c:\windows\system32\3z85backdoo520199.ocx
c:\windows\system32\40635pars92167z.bin
c:\windows\system32\4169notza-virus9ab5.dll
c:\windows\system32\4271woz5295.dll
c:\windows\system32\42d59dd5are8z5.ocx
c:\windows\system32\44za5teal12509.dll
c:\windows\system32\4579downlo5dzr785.exe
c:\windows\system32\457a5zckdoor914.exe
c:\windows\system32\45c65ackdoorz4169.cpl
c:\windows\system32\469eadd5are41z.dll
c:\windows\system32\47265rz9a3.exe
c:\windows\system32\4987b5ckdozr2935.dll
c:\windows\system32\4992bac5door33z.exe
c:\windows\system32\4995d9wnloa5ez734.dll
c:\windows\system32\49ddbackd9oz29705.bin
c:\windows\system32\4a765te9lz826.cpl
c:\windows\system32\4c0dow5zo9der3025.dll
c:\windows\system32\4d24vi9z4095.cpl
c:\windows\system32\4d68s5zware29299.exe
c:\windows\system32\4d7azhr5at29524.dll
c:\windows\system32\4f539hizf2596.ocx
c:\windows\system32\4f99t9ief5396z.exe
c:\windows\system32\4zcfa95ware3176.ocx
c:\windows\system32\502879zy5e.dll
c:\windows\system32\502szam5ot4d49.ocx
c:\windows\system32\50515not-a-virus1c9z.exe
c:\windows\system32\5056bac9dozr713.cpl
c:\windows\system32\5078add9arz33.cpl
c:\windows\system32\50czdo9nloader922.dll
c:\windows\system32\50e1thief1769z.ocx
c:\windows\system32\50z5steal9994.dll
c:\windows\system32\5149spyzare1941.cpl
c:\windows\system32\5158s9arsz743.bin
c:\windows\system32\51941wormz19.exe
c:\windows\system32\51zethief28659.dll
c:\windows\system32\52z9virus157.dll
c:\windows\system32\53a1z5r969.exe
c:\windows\system32\5468threz927998.ocx
c:\windows\system32\5506do5nlozder695.cpl
c:\windows\system32\5507tzreat121479.ocx
c:\windows\system32\5550thie9504z.ocx
c:\windows\system32\5595szarse2926.ocx
c:\windows\system32\55ado9nloader1z9.cpl
c:\windows\system32\55bd9zreat5559.cpl
c:\windows\system32\562downloazer3097.exe
c:\windows\system32\5674ha9ztool337.ocx
c:\windows\system32\5762zte5l1965.bin
c:\windows\system32\5767zackt9ol689.bin
c:\windows\system32\57fcazdw5re13929.cpl
c:\windows\system32\582589pzmbot7c7.bin
c:\windows\system32\582ztro91df.dll
c:\windows\system32\58875zdware9115.bin
c:\windows\system32\5896zot-a-viru9335.bin
c:\windows\system32\5992vir25z9.bin
c:\windows\system32\5aa6threaz25809.ocx
c:\windows\system32\5b88zhie51898.ocx
c:\windows\system32\5c2spars925z5.bin
c:\windows\system32\5c66downloadez5879.cpl
c:\windows\system32\5c67ad5w9rz1447.exe
c:\windows\system32\5d59vzr9922.cpl
c:\windows\system32\5d99zteal14525.cpl
c:\windows\system32\5dzcsparse14059.bin
c:\windows\system32\5e215zdwa9e1977.dll
c:\windows\system32\5f19z9yware2765.exe
c:\windows\system32\5f19zpars92556.ocx
c:\windows\system32\5f55ba5kdz9r2566.ocx
c:\windows\system32\5fddzhr5at299949.bin
c:\windows\system32\5ffvir20z9.exe
c:\windows\system32\5z92downloade92808.dll
c:\windows\system32\6215not-a-vizus954.dll
c:\windows\system32\633459zm7e4.dll
c:\windows\system32\6455wor59f5z.cpl
c:\windows\system32\65539pyware1z55.exe
c:\windows\system32\6635tz9e5t25523.bin
c:\windows\system32\66925zrus308.dll
c:\windows\system32\66b79ddzare65.exe
c:\windows\system32\675bspazse69.exe
c:\windows\system32\6815spamb9t41cz.ocx
c:\windows\system32\6902spywar51957z.bin
c:\windows\system32\69035irus952z.exe
c:\windows\system32\692b5dzw9re2600.bin
c:\windows\system32\6951szy6a25.exe
c:\windows\system32\696bzhief2059.cpl
c:\windows\system32\6991doz9loader5964.ocx
c:\windows\system32\6999thiz51420.bin
c:\windows\system32\69dcthzeat25505.exe
c:\windows\system32\69z5not-a5vir9s169.exe
c:\windows\system32\6a4cthzeat19859.exe
c:\windows\system32\6f5zvir2495.ocx
c:\windows\system32\6f8aviz1596.cpl
c:\windows\system32\6z65ad9wa5e2112.cpl
c:\windows\system32\6z98wor5c09.exe
c:\windows\system32\70a5doznloa5er1999.exe
c:\windows\system32\7212nzt-a-5i9us3d1.exe
c:\windows\system32\73a59zyware2375.ocx
c:\windows\system32\7468zp5mbo97b7.bin
c:\windows\system32\7579thzef17219.ocx
c:\windows\system32\75e759iez312.bin
c:\windows\system32\76cfba9kdooz4015.ocx
c:\windows\system32\76d7th9ea547z3.exe
c:\windows\system32\76e9thie565z.bin
c:\windows\system32\77465ir9358z.ocx
c:\windows\system32\7869b5ckdozr2226.exe
c:\windows\system32\789aspar592583z.exe
c:\windows\system32\7906not-a-5irus54z.bin
c:\windows\system32\7907backzoor1556.cpl
c:\windows\system32\7969threat15287z.ocx
c:\windows\system32\798a5iz890.bin
c:\windows\system32\7a095hizf1724.dll
c:\windows\system32\7c1dthief9z65.bin
c:\windows\system32\7d65z9reat9351.cpl
c:\windows\system32\7e69st5z93255.ocx
c:\windows\system32\7f2zv5r197.ocx
c:\windows\system32\7z50spyware94385.exe
c:\windows\system32\7zc5backd9or2553.cpl
c:\windows\system32\7zf5st95l1579.exe
c:\windows\system32\8195wor59az.cpl
c:\windows\system32\85409roz707.bin
c:\windows\system32\85559zy729.bin
c:\windows\system32\85675oz-a-virus739.bin
c:\windows\system32\8965zroj59.cpl
c:\windows\system32\89zthi5f20369.bin
c:\windows\system32\8z099roj5f9.exe
c:\windows\system32\8z91troj945.ocx
c:\windows\system32\9009ot-z-vi5us7e6.dll
c:\windows\system32\9023zpa5se2900.dll
c:\windows\system32\91a35teal1z91.exe
c:\windows\system32\91adste5lz206.bin
c:\windows\system32\924z5ot-9-virus5c1.bin
c:\windows\system32\9257troj76z.cpl
c:\windows\system32\926z3n5t-a-virus68c.bin
c:\windows\system32\93760spa5bot7zc.ocx
c:\windows\system32\939v5zus1ad.exe
c:\windows\system32\93a9th5efz875.cpl
c:\windows\system32\9412zro548.exe
c:\windows\system32\946cs5ealz539.ocx
c:\windows\system32\94z4steal5354.dll
c:\windows\system32\9504zvirus1e5.cpl
c:\windows\system32\9572viz1035.bin
c:\windows\system32\95821s5azbot148.ocx
c:\windows\system32\9589viz161.ocx
c:\windows\system32\95cdad5ware212z.cpl
c:\windows\system32\95cdaddwaz51761.ocx
c:\windows\system32\95zvi9us494.bin
c:\windows\system32\96060w5rz127.bin
c:\windows\system32\9634n5tza-v9rus1f7.ocx
c:\windows\system32\96814sp5mbotz8d.cpl
c:\windows\system32\96a5viz744.ocx
c:\windows\system32\96asteal5z76.dll
c:\windows\system32\97557szy6e5.dll
c:\windows\system32\975z7spy636.ocx
c:\windows\system32\9906w5zm10a.dll
c:\windows\system32\9919worm25z.ocx
c:\windows\system32\991tzie5999.cpl
c:\windows\system32\9940s5a9bot3zd.dll
c:\windows\system32\9954vzr2422.ocx
c:\windows\system32\9969s5yz31.bin
c:\windows\system32\99d4addware1536z.bin
c:\windows\system32\99z7spy5a5.dll
c:\windows\system32\9bezaddware1075.exe
c:\windows\system32\9d4fthre5t332z.bin
c:\windows\system32\9z14wo5mf49.cpl
c:\windows\system32\9z67tr9j105.exe
c:\windows\system32\a539teal28z9.bin
c:\windows\system32\ac5s9zware459.bin
c:\windows\system32\b55stealz990.ocx
c:\windows\system32\b5fspzr9e395.bin
c:\windows\system32\b95bzckdoor1260.exe
c:\windows\system32\cfasp59se268z.ocx
c:\windows\system32\ddstea922z5.dll
c:\windows\system32\drivers
pf.sys
c:\windows\system32\ff3th5ef1195z.cpl
c:\windows\system32\kdfinj.dll
c:\windows\system32\Packet.dll
c:\windows\system32\ps2.bat
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\windows\system32\z081add9ar52192.cpl
c:\windows\system32\z1648wo95ca.dll
c:\windows\system32\z225troj199.bin
c:\windows\system32\z2867wo5m459.exe
c:\windows\system32\z4855s5ambot1c09.dll
c:\windows\system32\z49f5teal2906.cpl
c:\windows\system32\z4b79hreat31425.exe
c:\windows\system32\z5529worm97f.cpl
c:\windows\system32\z5855w9rm143.dll
c:\windows\system32\z6665hac9tool5b7.exe
c:\windows\system32\z692thr5at1132.exe
c:\windows\system32\z7020not5a-virus449.dll
c:\windows\system32\z702vi59.exe
c:\windows\system32\z769thr5at18805.exe
c:\windows\system32\z8540tro9298.ocx
c:\windows\system32\z8735pambo938f.exe
c:\windows\system32\z8a5do9nl5ader2735.bin
c:\windows\system32\zcbasp9ware2035.cpl
c:\windows\system32\zd67t9reat14258.ocx
c:\windows\system32\zdd2ba5kd9or1370.exe
c:\windows\system32\ze59steal1914.ocx
c:\windows	mlpcert2007
c:\windows\woprdagt.exe
c:\windows\z0473not-a-virus5b59.exe
c:\windows\z0517troj689.bin
c:\windows\z105wor56f19.cpl
c:\windows\z19backdoo5303.ocx
c:\windows\z236s95rse1525.ocx
c:\windows\z41c5hreat98617.bin
c:\windows\z49225ot-a-virus3fd9.exe
c:\windows\z5544not-a-v95us3a6.cpl
c:\windows\z5556tr59785.bin
c:\windows\z56599py6cb.cpl
c:\windows\z56c5hreat39619.ocx
c:\windows\z585spywa9e1673.exe
c:\windows\z755thi9f2890.ocx
c:\windows\z79addw5re1999.cpl
c:\windows\z8143sp5796.ocx
c:\windows\z8953virus11d.exe
c:\windows\z8993hackt5ol9d.exe
c:\windows\z9559tr9j1555.bin
c:\windows\z993bac5door999.cpl
c:\windows\z9955not-a-vir5s3f9.bin
c:\windows\z995thief205.dll
c:\windows\za45threat22596.dll
c:\windows\zac5ad9war53227.cpl
c:\windows\zc85steal28759.ocx
c:\windows\zd1abackdoor21589.dll
c:\windows\zf119hief28285.bin
c:\windows\zf59s9yware2849.cpl
D:esycled
c:ecycler\S-1-5-21-1242983221-992244275-1784959909-1008 . . . . failed to delete

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GAOPDXSERV.SYS
-------\Legacy_npf
-------\Service_gaopdxserv.sys
-------\Service_npf


(((((((((((((((((((((((((   Files Created from 2009-07-27 to 2009-08-27  )))))))))))))))))))))))))))))))
.

2009-08-27 16:51 . 2009-08-27 22:59	--------	d-----w-	c:\program files	rend micro
2009-08-27 16:51 . 2009-08-27 16:52	--------	d-----w-	C:sit
2009-08-27 08:40 . 2009-08-27 08:40	33792	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe
2009-08-26 23:54 . 2009-08-26 23:55	--------	d-----w-	c:\program files\iTunes
2009-08-26 23:54 . 2009-08-26 23:55	--------	d-----w-	c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-08-26 23:52 . 2009-08-26 23:52	--------	d-----w-	c:\program files\Bonjour
2009-08-26 23:50 . 2009-08-26 23:51	--------	d-----w-	c:\program files\QuickTime
2009-08-26 23:45 . 2009-07-09 10:16	2060288	----a-w-	c:\windows\system32\usbaaplrc.dll
2009-08-11 13:49 . 2006-06-29 11:07	14048	------w-	c:\windows\system32\spmsg2.dll
2009-08-11 13:49 . 2006-10-16 14:10	23856	----a-w-	c:\windows\system32\spupdsvc.exe
2009-08-11 13:42 . 2009-08-11 13:42	--------	d-----w-	c:\program files\Cyanide
2009-08-09 18:14 . 2009-08-09 18:14	--------	d-----w-	c:\documents and settings\HP_Prop\Bullfrog
2009-08-09 18:14 . 2009-08-09 18:14	--------	d-----w-	c:\documents and settings\HP_Prop
2009-08-09 18:14 . 2009-08-09 18:14	--------	d-----w-	c:\windows\system\KEEPER
2009-08-09 18:14 . 2009-08-09 18:14	--------	d-----w-	c:\program files\Bullfrog
2009-08-09 18:13 . 2009-08-09 18:13	--------	d-----w-	C:\KEEPER
2009-07-31 18:44 . 2009-07-31 18:44	--------	d-----w-	c:\program files\AskSearch
2009-07-31 18:44 . 2009-07-31 18:44	--------	d-----w-	c:\program files\AskBarDis
2009-07-31 18:44 . 2009-07-31 18:44	--------	d-----w-	c:\program files\uTorrent
2009-07-29 19:49 . 2009-07-29 19:49	--------	d-----w-	c:\program files	rust global

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-27 10:41 . 2009-01-25 16:07	189744	----a-w-	c:\windows\system32\PnkBstrB.exe
2009-08-27 10:31 . 2009-01-25 16:07	139904	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2009-08-25 09:27 . 2009-07-01 23:50	--------	d-----w-	c:\documents and settings\All Users\Application Data\Loud spam else tool
2009-08-23 13:19 . 2009-07-17 17:17	--------	d-----w-	c:\program files\MpcStar
2009-08-17 16:10 . 2009-02-17 00:43	1279456	----a-w-	c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2009-02-17 00:43	93392	----a-w-	c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2009-02-17 00:43	94160	----a-w-	c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2009-02-17 00:43	114768	----a-w-	c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2009-02-17 00:43	20560	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2009-02-17 00:43	51376	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2009-02-17 00:43	23152	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2009-02-17 00:43	26944	----a-w-	c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2009-02-17 00:43	97480	----a-w-	c:\windows\system32\AvastSS.scr
2009-08-13 17:41 . 2009-07-16 15:45	--------	d-----w-	c:\program files\CometBird
2009-08-11 17:45 . 2009-02-03 19:30	--------	d-----w-	c:\program files\Microsoft Games
2009-08-06 20:51 . 2009-07-16 15:39	--------	d-----w-	c:\program files\BitComet
2009-08-02 11:47 . 2009-07-01 23:49	--------	d-----w-	c:\program files\Adverts
2009-07-28 12:57 . 2009-07-28 12:49	--------	d-----w-	c:\program files\MediaInfo
2009-07-28 12:56 . 2009-07-28 12:56	604488	----a-w-	c:\windows\system32\TUProgSt.exe
2009-07-28 12:56 . 2009-07-28 12:56	361288	----a-w-	c:\windows\system32\TuneUpDefragService.exe
2009-07-28 12:56 . 2009-07-28 12:51	--------	d-----w-	c:\program files\TuneUp Utilities 2009
2009-07-28 12:51 . 2009-07-28 12:51	--------	d-----w-	c:\documents and settings\All Users\Application Data\TuneUp Software
2009-07-28 12:51 . 2009-07-28 12:51	--------	d-sh--w-	c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-07-26 13:05 . 2009-07-26 13:05	--------	d-----w-	c:\program files\Aimersoft
2009-07-22 16:54 . 2008-06-16 11:23	--------	d-----w-	c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-07-22 10:53 . 2008-10-30 14:17	--------	d-----w-	c:\program files\Wakfu
2009-07-21 15:53 . 2009-07-02 20:52	--------	d-----w-	c:\program files\Everest Poker
2009-07-19 09:18 . 2009-02-22 16:00	--------	d-----w-	c:\program files\BitSpirit
2009-07-19 09:15 . 2008-10-25 20:24	--------	d-----w-	c:\program files\Gpotato.eu
2009-07-15 09:48 . 2009-07-28 12:56	29000	----a-w-	c:\windows\system32\uxtuneup.dll
2009-07-13 12:22 . 2009-07-13 12:22	75048	----a-w-	c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-09 10:16 . 2009-02-25 10:32	39424	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2009-07-02 18:05 . 2009-03-28 15:33	--------	d-----w-	c:\program files\NDSROM Player
2009-07-01 23:49 . 2009-07-01 23:49	--------	d-----w-	c:\program files\MessengerPlus! 3
2009-07-01 01:13 . 2009-01-25 16:06	75064	----a-w-	c:\windows\system32\PnkBstrA.exe
2009-06-30 23:56 . 2007-07-05 20:55	--------	d-----w-	c:\program files\Wolfenstein - Enemy Territory
2009-06-06 10:03 . 2009-02-17 20:27	96	---ha-w-	c:\windows\system32\HsInfo.dat
2009-01-24 21:50 . 2005-09-17 13:59	278528	----a-w-	c:\program files\Fichiers communs\FDEUnInstaller.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 10:47	333192	----a-w-	c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-29 68856]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-02-06 3572984]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-03-24 3587120]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-07-31 288048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0\bin\jusched.exe" [2005-01-02 36972]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-06 339968]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"SSC_UserPrompt"="c:\program files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-08-16 218240]
"ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-09-07 58488]
"IS CfgWiz"="c:\program files\Norton Internet Security\cfgwiz.exe" [2004-08-24 132248]
"URLLSTCK.exe"="c:\program files\Norton Internet Security\UrlLstCk.exe" [2004-08-31 33936]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-07-01 190024]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
"AlcxMonitor"="ALCXMNTR.EXE" - c:\windows\ALCXMNTR.EXE [2004-09-07 57344]

c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\
AutoTBar.exe [2003-9-30 57344]

c:\documents and settings\Administrateur.NOM-EB85C523610\Menu D‚marrer\Programmes\D‚marrage\
AutoTBar.exe [2003-9-30 57344]

c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\
AutoTBar.exe [2003-9-30 57344]

c:\documents and settings\HP_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
ikowin32.exe [2004-8-5 23040]
Notification de cadeaux MSN.lnk - c:\documents and settings\HP_Propri‚taire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-6-15 135680]

c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-5 258048]
icwsetup.exe [2009-8-27 33792]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-12-25 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-12-25 688128]

c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\
AutoTBar.exe [2003-9-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversionun-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
"c:\Program Files\Wolfenstein - Enemy Territory\ET.exe"=
"c:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"=
"c:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"=
"c:\Program Files\Veoh Networks\Veoh\VeohClient.exe"=
"c:\Program Files\Metin2_France\metin2.bin"=
"c:\Program Files\Mozilla Firefox\firefox.exe"=
"c:\Program Files\Messenger\msmsgs.exe"=
"c:\Program Files\uTorrent\uTorrent.exe"=
"c:\Program Files\Cyanide\Dungeon Party\DungeonParty.exe"=
"c:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe"=
"c:\Program Files\Bonjour\mDNSResponder.exe"=
"c:\Program Files\iTunes\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7720:TCP"= 7720:TCP:BitComet 7720 TCP
"7720:UDP"= 7720:UDP:BitComet 7720 UDP
"1:TCP"= 1:TCP:jjj

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [17/02/2009 02:43 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17/02/2009 02:43 20560]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [28/07/2009 14:56 604488]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [31/05/2009 02:15 79104]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [31/07/2009 20:45 234888]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [31/05/2009 02:15 131072]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 XDva221;XDva221;\??\c:\windows\system32\XDva221.sys --> c:\windows\system32\XDva221.sys [?]
S3 XDva224;XDva224;\??\c:\windows\system32\XDva224.sys --> c:\windows\system32\XDva224.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-08-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-08-27 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 09:00]

2009-08-21 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe [2008-01-09 02:08]

2005-01-02 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-01-02 17:22]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
Toolbar-{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
WebBrowser-{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - (no file)
HKLM-Run-15820934 - c:\documents and settings\All Users\Application Data\15820934\15820934.exe
HKLM-Run-Internet Connection Wizard Setup Tool - c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com/?o=13928&l=dis
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
uSearch Bar = 
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://www.apple.com/fr/itunes/download/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Télécharger avec &BitSpirit - c:\program files\BitSpirit\bsurl.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-28 01:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  


c:\docume~1\HP_PRO~1\LOCALS~1\Temp\RGI4.tmp 7136 bytes

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services
pggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(800)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3972)
c:\program files\MessengerPlus! 3\MsgPlusLoader.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\program files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\program files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
c:\program files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\

Niitro · Answer

Voila dsl pour l'attente mais mon ordi n'est pas du dernier crie ...

Destrio5 · Answer

Tu n'as pas venu pour rien.

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Niitro · Answer

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2707
Windows 5.1.2600 Service Pack 2

28/08/2009 02:24:21
mbam-log-2009-08-28 (02-24-21).txt

Type de recherche: Examen rapide
Eléments examinés: 123992
Temps écoulé: 8 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 26
Fichier(s) infecté(s): 334

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\WiniBlueSoft (Rogue.WiniBlue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cseport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cses1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Invité\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Invité\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\IESkins (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOI (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOI\static (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOL (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOL\static (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cseport\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cseport\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cses1\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1041655.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1043399.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1057185.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1057776.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1383356.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1384577.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1416861.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\2258213.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\2563373.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\2656897.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\3750949.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\3752096.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\3893498.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\442905.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\575811.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\domains.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000023894 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000024148 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000026054 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000026149 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027037 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000028063 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000029298 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000032930 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000033079 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000044868 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000047858 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052008 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052451 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052615 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000057533 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000059264 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000059554 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000061533 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000062177 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063490 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063625 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063820 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000064073 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000065105 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000065154 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000065227 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000068631 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000074984 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000081898 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000082129 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000082797 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000083033 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\116977 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\12457 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\13632 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1491 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\17040 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\19650 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\20516 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\20970 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\22254 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\23928 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\247895 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\25063 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\25424 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\266291 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\27505 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\29547 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\296128 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\303579 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\306 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32242 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32418 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32887 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\3338 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\33695 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\34374 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\34911 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\374830 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\37616 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\39228 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\39232 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\411116 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\4142 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\41499 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\42849 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44228 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44279 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44293 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44320 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\4442 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44878 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\451453 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\459338 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\472390 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\477407 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\479957 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\49442 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\49444 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\51174 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\520094 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\52968 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\53842 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\54488 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\546899 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\553177 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\571472 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\572023 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\578104 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\57973 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\59598 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\624121 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\628262 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\658110 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6612 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\67469 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\68055 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\68098 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\690746 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69235 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69263 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\703600 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\704965 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705060 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705131 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705150 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705248 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705252 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705265 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705290 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705461 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\711791 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\716428 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\733622 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\738320 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\742100 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\744920 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\745356 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\749298 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\750789 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\75089 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\750891 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\7521 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\78600 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\79432 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\79986 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81293 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81392 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\82011 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\83226 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\85365 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\86587 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\87304 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90008 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90271 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90358 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\95678 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\95704 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\97494 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\97741 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\98250 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\ustat\3754.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\avatar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\btntrans.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\btntrans1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\buttondir.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\components.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\cursors.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\default.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_511745-514279.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_categorize.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_comparison.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-people.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_favorites.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Games.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Hide.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_hotbarcom.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Hotmail.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_hsskin.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jemster.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jemsterie.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jemsteruk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jobsearch.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_MobileSidewalk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_new.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_premium.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_reun.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_ringtones.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_SearchBoxTrapper.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_searchfor.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_searchgo.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_weather.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_yellowpages.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_1000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_2000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_3000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bbar1.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_logos.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_other.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_weather.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\editblbuttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-548964.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-9595.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\email-t1-bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\icons2.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\ie_games_icon.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\ie_video.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\keywords.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\keywords1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\layout.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\linkpathlegal.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\progress.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\sales_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\sdfmodifier.xml (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\s_icons_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1	2_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1	heweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1	op7.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Top7_theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1	sd_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\zango_btn.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\zango_ie_menu.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\avatar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\btntrans.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\btntrans1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\buttondir.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\components.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\cursors.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\default.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_511745-514279.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_categorize.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_comparison.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-people.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_favorites.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Games.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Hide.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_hotbarcom.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Hotmail.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_hsskin.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jemster.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jemsterie.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jemsteruk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jobsearch.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_MobileSidewalk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_new.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_premium.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_reun.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_ringtones.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_SearchBoxTrapper.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_searchfor.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_searchgo.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_weather.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_yellowpages.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_1000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_2000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_3000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bbar1.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_logos.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_other.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_weather.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\editblbuttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-548964.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-9595.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\email-t1-bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\icons2.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\ie_games_icon.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\ie_video.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\keywords.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\keywords1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\layout.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\linkpathlegal.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\progress.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\sales_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\sdfmodifier.xml (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\s_icons_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2	2_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2	heweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2	op7.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Top7_theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2	sd_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\zango_btn.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\zango_ie_menu.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\avatar.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\progress.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad	2_bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad	op7.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad	sd_bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\videosoft\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\ikowin32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

Niitro · Answer

Voila j'espère ne pas avoir fais de mauvaises manipulations

Destrio5 · Answer

&#9679; Relance MBAM, va dans Quarantaine et supprime tout.

&#9679; Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi d'Internet et ferme toutes applications en cours. /!\

&#9679; Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program Files).
&#9679; Double-clique sur le raccourci d'Ad-Remover située sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
&#9679; Au menu principal, choisis l'option L.
&#9679; Poste le rapport généré (C:\Ad-Report-CLEAN.log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.

Niitro · Answer

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_Q | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 26/08/2009 à 6:37 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à:  2:35:17, 28/08/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™   v5.1.2600
Nom du PC: NOM-EB85C523610 | Utilisateur actuel: HP_Propri‚taire
.
. 
============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== 
.
Service: "ASKUpgrade"
.
HKCR\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKCU\Software\Grand Virtual
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
HKLM\Software\Microsoft\Internet Explorer\Toolbar\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCR\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKCR\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCR\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
.
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest.dev 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf.bak 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome\ajtoolbar.jar 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.gif 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.src 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat.bak 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\contents.rdf 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\snipit.js 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\manifest.mf 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.rsa 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.sf 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} 
C:\Program Files\AskBarDis\bar 
C:\Program Files\AskBarDis\unins000.dat 
C:\Program Files\AskBarDis\unins000.exe 
C:\Program Files\AskBarDis\bar\bin 
C:\Program Files\AskBarDis\bar\Cache 
C:\Program Files\AskBarDis\bar\History 
C:\Program Files\AskBarDis\bar\Settings 
C:\Program Files\AskBarDis\bar\bin\askBar.dll 
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll 
C:\Program Files\AskBarDis\bar\bin\AskSplash.exe 
C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe 
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe 
C:\Program Files\AskBarDis\bar\bin\psvince.dll 
C:\Program Files\AskBarDis\bar\Cache\022D75E6 
C:\Program Files\AskBarDis\bar\Cache\022DCB0B.bin 
C:\Program Files\AskBarDis\bar\Cache\022DEA4B.bin 
C:\Program Files\AskBarDis\bar\Cache\022DEC3F.bin 
C:\Program Files\AskBarDis\bar\Cache\0232D786.bin 
C:\Program Files\AskBarDis\bar\Cache\0232DFB4.bin 
C:\Program Files\AskBarDis\bar\Cache\0232E1F6.bin 
C:\Program Files\AskBarDis\bar\Cache\files.ini 
C:\Program Files\AskBarDis\bar\History\search 
C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico 
C:\Program Files\AskBarDis\bar\Settings\config.dat 
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak 
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm 
C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm 
C:\Program Files\AskBarDis 
C:\Program Files\AskSearch\bin 
C:\Program Files\AskSearch 
C:\Program Files\Everest Poker\casino.exe 
C:\Program Files\Everest Poker\CStart.exe 
C:\Program Files\Everest Poker\data 
C:\Program Files\Everest Poker\Everest Poker.exe 
C:\Program Files\Everest Poker\gvbase.dll 
C:\Program Files\Everest Poker\gvcrt.dll 
C:\Program Files\Everest Poker\gvgfx-dib.dll 
C:\Program Files\Everest Poker\gvgfx.dll 
C:\Program Files\Everest Poker\gvmain.dll 
C:\Program Files\Everest Poker\gvmain.exe 
C:\Program Files\Everest Poker\gvnetwork.dll 
C:\Program Files\Everest Poker\gvsound.dll 
C:\Program Files\Everest Poker\history 
C:\Program Files\Everest Poker\init.ini 
C:\Program Files\Everest Poker\log.dat 
C:\Program Files\Everest Poker\settings.ini 
C:\Program Files\Everest Poker	oc_fr.ini 
C:\Program Files\Everest Poker\data\fonts 
C:\Program Files\Everest Poker\data\mp-lobby 
C:\Program Files\Everest Poker\data\mp-poker 
C:\Program Files\Everest Poker\data\shared 
C:\Program Files\Everest Poker\data\startup 
C:\Program Files\Everest Poker\data\fonts\kgp-en.ttf 
C:\Program Files\Everest Poker\data\mp-lobby\fr.gvt 
C:\Program Files\Everest Poker\data\mp-lobby\shared.gvt 
C:\Program Files\Everest Poker\data\mp-poker\background 
C:\Program Files\Everest Poker\data\mp-poker\fr 
C:\Program Files\Everest Poker\data\mp-poker\shared.gvt 
C:\Program Files\Everest Poker\data\mp-poker\background\default.gvt 
C:\Program Files\Everest Poker\data\mp-poker\fr\bitmaps.gvt 
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_strings.txt 
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_tutorial.txt 
C:\Program Files\Everest Poker\data\shared\fr 
C:\Program Files\Everest Poker\data\shared\shared 
C:\Program Files\Everest Poker\data\shared\fr\country.txt 
C:\Program Files\Everest Poker\data\shared\fr\language.txt 
C:\Program Files\Everest Poker\data\shared\fr\ordinal.txt 
C:\Program Files\Everest Poker\data\shared\shared\bitmaps 
C:\Program Files\Everest Poker\data\shared\shared\sounds 
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt 
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art 
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art 
C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg 
C:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg 
C:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg 
C:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg 
C:\Program Files\Everest Poker\data\startup\en 
C:\Program Files\Everest Poker\data\startup\fr 
C:\Program Files\Everest Poker\data\startup\shared 
C:\Program Files\Everest Poker\data\startup\en\startup_strings.txt 
C:\Program Files\Everest Poker\data\startup\fr\cstart.txt 
C:\Program Files\Everest Poker\data\startup\fr\startup_strings.txt 
C:\Program Files\Everest Poker\data\startup\shared\bitmaps 
C:\Program Files\Everest Poker\data\startup\shared\icons 
C:\Program Files\Everest Poker\data\startup\shared\sounds 
C:\Program Files\Everest Poker\data\startup\shared\bitmaps\splash_poker.art 
C:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico 
C:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg 
C:\Program Files\Everest Poker\history\4.txt 
C:\Program Files\Everest Poker\history\6.txt 
C:\Program Files\Everest Poker 
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\searchplugins\ask.xml 
C:\Documents and Settings\HP_Propri‚taire\Bureau\Everest Poker.exe 
C:\Documents and Settings\HP_Propri‚taire\Bureau\autre\Everest Poker.exe 
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@pacificpoker[2].txt 
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@partypoker[2].txt 

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.13 *
.
 Nom du profil: fzh42cwq.default (HP_Propri‚taire)
.
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.13"); 
.
.
.
* Internet Explorer Version 6.0.2900.2180 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
   Tabs	:          	res://ieframe.dll/tabswelcome.htm
.
===================================
.
10333 Octet(s) - C:\Ad-Report-CLEAN.log 
.
3 Fichier(s) - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp 
2 Fichier(s) - C:\WINDOWS\Temp 
.
19 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
31 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à:  2:50:13 | 28/08/2009
.
============== E.O.F ==============
.

Niitro · Answer

Voila ... quelle longue procédure pour un aussi vicieux anti-virus ....

Destrio5 · Answer

--> Désinstalle Ad-Remover.

--> Menu Démarrer > Exécuter > Tape combofix /u et valide.

--> Refais un scan RSIT et poste le rapport log.

Niitro · Answer

Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Propriétaire at 2009-08-28 03:02:31
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 44 GB (30%) free of 146 GB
Total RAM: 382 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:02:41, on 28/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\TUProgSt.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\CF19874.exe
C:\WINDOWS\system32\cscript.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\RSIT.exe
C:\Program Files	rend micro\HP_Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.apple.com/fr/itunes/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] c:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin
pjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin
pjpi150.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

Destrio5 · Answer

Tu as toujours deux antivirus.

Le PC est beaucoup moins infecté mais je vois encore une infection Lop/Swizzor.

--> Télécharge Lop S&D (par Eric_71 & Angeldark) sur ton Bureau.

--> Double-clique dessus pour lancer l'installation.

--> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci de Lop S&D et choisir Exécuter en tant qu'administrateur)

--> Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche).

--> Patiente jusqu'à la fin du scan.

--> Poste le rapport généré (C:\lopR.txt).

Niitro · Answer

Norton ne veut pas que je le supprime mais me demande de payer donc je prend avast ... si je supprime avast je serais proteger?

Destrio5 · Answer

Norton, tu l'as payé ?

Niitro · Answer

Non mais je ne peut pas le supprimer .

Destrio5 · Answer

ftp://ftp.symantec.com/public/francais/removal_tools/Norton_Removal_Tool.exe

Niitro · Answer

Merci .. t'es super efficace didonc O_o

Niitro · Answer

--------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
   BIOS : Phoenix - Award BIOS v6.00PG
   USER : HP_Propriétaire ( Administrator )
   BOOT : Normal boot
   Antivirus : avast! antivirus 4.8.1351 [VPS 090827-0] 4.8.1351 (Not Activated)
   Firewall  : Norton Internet Security 2005 (Activated)
   C:\ (Local Disk) - NTFS - Total:143 Go (Free:52 Go)
   D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
   E:\ (CD or DVD)
   F:\ (USB)
   G:\ (USB)
   H:\ (USB)
   I:\ (USB)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( 28/08/2009| 3:14 )
 
   --------------------\  Listing des dossiers dans APPLIC~1

   [05/08/2008|20:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

   [09/08/2008|23:42] C:\DOCUME~1\ADMINI~1.NOM\APPLIC~1\Apple Computer
   [09/08/2008|23:42] C:\DOCUME~1\ADMINI~1.NOM\APPLIC~1\Identities
   [09/08/2008|23:42] C:\DOCUME~1\ADMINI~1.NOM\APPLIC~1\Microsoft
   [09/08/2008|23:42] C:\DOCUME~1\ADMINI~1.NOM\APPLIC~1\SampleView
   [09/08/2008|23:42] C:\DOCUME~1\ADMINI~1.NOM\APPLIC~1\Symantec

   [11/01/2009|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
   [28/07/2009|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
   [27/08/2009|01:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
   [21/06/2009|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{dd9a9e7625afb6d9307f2cd8e4c1abd8}
   [02/01/2005|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [16/02/2009|23:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
   [25/12/2008|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [02/01/2005|04:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [28/10/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
   [25/12/2007|23:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
   [26/06/2009|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
   [15/10/2005|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
   [03/02/2009|22:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite
   [15/02/2009|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [02/01/2005|04:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
   [02/01/2005|04:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [21/12/2006|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
   [25/12/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [25/08/2009|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool
   [15/10/2005|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
   [28/08/2009|02:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [22/07/2009|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [27/08/2009|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [24/09/2005|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
   [06/02/2009|23:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NexonEU
   [19/08/2007|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
   [21/05/2006|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
   [11/10/2005|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism
   [02/01/2005|04:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [12/10/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1kfree
   [21/05/2006|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
   [02/01/2005|03:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [21/05/2006|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\shockwave.com
   [02/01/2005|04:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [26/01/2007|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [25/10/2008|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tiger Install
   [28/07/2009|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
   [25/10/2008|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Video Converter Studio
   [24/01/2009|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
   [18/04/2008|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [10/12/2008|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [08/02/2009|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
   [25/11/2005|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

   [02/01/2005|04:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
   [25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [02/01/2005|04:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [02/01/2005|04:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
   [02/01/2005|04:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec




   [01/04/2009|19:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AccurateRip
   [30/07/2008|21:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
   [02/05/2006|20:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
   [27/05/2006|12:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Alawar
   [24/01/2009|23:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
   [25/12/2007|19:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AVS4YOU
   [16/07/2009|17:51] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CometNetwork
   [03/02/2009|22:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DAEMON Tools
   [03/02/2009|23:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DAEMON Tools Lite
   [03/02/2009|22:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DAEMON Tools Pro
   [01/04/2009|20:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dBpoweramp
   [21/03/2009|14:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DivX
   [18/01/2009|16:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dvdcss
   [03/03/2007|19:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\funkitron
   [30/05/2008|20:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\GarageGames
   [31/07/2006|12:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
   [23/04/2006|19:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
   [25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
   [27/08/2007|21:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\IMVU
   [20/02/2009|01:09] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InstallShield
   [24/04/2006|20:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterVideo
   [15/05/2006|16:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
   [25/12/2008|13:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Logitech
   [22/05/2006|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
   [28/08/2009|02:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
   [15/06/2009|17:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
   [11/08/2009|15:22] C:\DOCUME~1\HP_PRO~1\APPLIC~1\mIRC
   [25/10/2008|00:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
   [17/01/2009|23:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
   [25/05/2006|18:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies
   [13/06/2008|17:09] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nexon
   [28/07/2009|14:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\OpenCandy
   [31/07/2009|01:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\OpenOffice.org2
   [25/08/2006|15:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
   [25/01/2009|18:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PowerChallenge
   [28/07/2009|14:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
   [02/01/2005|04:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
   [21/05/2006|17:25] C:\DOCUME~1\HP_PRO~1\APPLIC~1\shockwave.com
   [15/05/2006|16:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
   [30/04/2006|10:25] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
   [24/01/2009|23:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
   [28/01/2009|17:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SystemRequirementsLab
   [01/02/2008|17:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Talkback
   [21/05/2006|17:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
   [17/07/2009|19:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TigerPlayer
   [02/08/2009|13:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1	rust global
   [28/07/2009|14:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TuneUp Software
   [28/08/2009|01:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\uTorrent
   [22/03/2009|01:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vghd
   [13/12/2008|16:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc
   [04/09/2006|10:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Wings3D
   [08/02/2009|23:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Yahoo!

   [11/08/2008|23:06] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Adobe
   [11/08/2008|23:07] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\AdobeUM
   [02/01/2005|04:20] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Apple Computer
   [13/08/2008|12:01] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\dvdcss
   [10/08/2008|15:45] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\GarageGames
   [10/08/2008|14:21] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Google
   [10/08/2008|13:30] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Help
   [25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Identities
   [11/08/2008|12:40] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\InstallShield
   [10/08/2008|14:08] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Macromedia
   [08/10/2008|18:06] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Microsoft
   [10/08/2008|14:27] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Mozilla
   [02/01/2005|04:34] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\SampleView
   [15/08/2008|19:49] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Sun
   [12/08/2008|11:04] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\Symantec
   [10/08/2008|20:27] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\vlc
   [28/09/2008|16:32] C:\DOCUME~1\HP_PRO~1.THO\APPLIC~1\WeatherDPA

   [02/01/2005|04:20] C:\DOCUME~1\HP_PRO~1.000\APPLIC~1\Apple Computer
   [25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1.000\APPLIC~1\Identities
   [02/01/2005|04:53] C:\DOCUME~1\HP_PRO~1.000\APPLIC~1\Microsoft
   [02/01/2005|04:34] C:\DOCUME~1\HP_PRO~1.000\APPLIC~1\SampleView
   [02/01/2005|04:42] C:\DOCUME~1\HP_PRO~1.000\APPLIC~1\Symantec

   [06/12/2008|12:58] C:\DOCUME~1\HP_PRO~1.001\APPLIC~1\Adobe
   [23/10/2008|18:09] C:\DOCUME~1\HP_PRO~1.001\APPLIC~1\AdobeUM
   [02/01/2005|04:20] C:\DOCUME~1\HP_PRO~1.001\APPLIC~1\Apple Computer
   [25/11/2004|05:26] C:\DOCUME~1\HP_PRO~1.001\APPLIC~1\Identities
   [24/10/2008|22:11] C:\DOCUME~1\HP_PRO~1.001\APPLIC~1\install_5738_MHw0MXwwfHx8fHx8fHw_[2]
   [17/10/2008|22:04] C:\DOCUME~1\HP_PRO~1.001\APPLIC~1\Macromedia
   [25/10/2008|14:50] C:\DOCUME~1\HP_PRO~1.001\APPLIC~1\Microsoft


   [02/01/2005|04:20] C:\DOCUME~1\INVIT~1\APPLIC~1\Apple Computer
   [17/03/2006|15:12] C:\DOCUME~1\INVIT~1\APPLIC~1\HbTools
   [14/04/2006|12:52] C:\DOCUME~1\INVIT~1\APPLIC~1\Help
   [25/11/2004|05:26] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
   [17/03/2006|15:12] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
   [02/01/2005|04:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
   [02/01/2005|04:34] C:\DOCUME~1\INVIT~1\APPLIC~1\SampleView
   [15/04/2006|12:09] C:\DOCUME~1\INVIT~1\APPLIC~1\ShopperReports
   [02/01/2005|04:42] C:\DOCUME~1\INVIT~1\APPLIC~1\Symantec

   [02/01/2005|03:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [06/12/2008|13:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
   [02/01/2005|03:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [28/08/2009 03:00][--a------] C:\WINDOWS	asks\Maintenance en 1 clic.job
   [21/08/2009 21:34][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [21/08/2009 18:00][--a------] C:\WINDOWS	asks\Norton Security Scan.job
   [02/01/2005 04:44][--a------] C:\WINDOWS	asks\Symantec NetDetect.job
   [28/08/2009 01:41][--ah-----] C:\WINDOWS	asks\SA.DAT
   [05/08/2004 20:00][-rah-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  MsgPlus SPONSOR INSTALLED !

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
   "DisplayName"="Messenger Plus! 3 & Sponsor"
   "SponsorInstalled"=dword:00000001


   --------------------\  Listing des dossiers dans C:\Program Files

   [02/01/2005|04:18] C:\Program Files\Adobe
   [28/08/2009|03:01] C:\Program Files\Ad-remover
   [02/08/2009|13:47] C:\Program Files\Adverts
   [31/05/2009|02:12] C:\Program Files\AhnLab
   [26/07/2009|15:05] C:\Program Files\Aimersoft
   [17/02/2009|02:43] C:\Program Files\Alwil Software
   [25/12/2008|21:13] C:\Program Files\Apple Software Update
   [29/01/2009|14:29] C:\Program Files\ATI
   [29/01/2009|14:25] C:\Program Files\ATI Technologies
   [16/03/2006|21:36] C:\Program Files\ATnotes
   [14/03/2009|23:30] C:\Program Files\AutoIt3
   [28/10/2008|18:13] C:\Program Files\Avira
   [01/09/2006|22:09] C:\Program Files\Beston
   [06/08/2009|22:51] C:\Program Files\BitComet
   [19/07/2009|11:18] C:\Program Files\BitSpirit
   [13/11/2005|11:56] C:\Program Files\Blender Foundation
   [27/08/2009|01:52] C:\Program Files\Bonjour
   [09/08/2009|20:14] C:\Program Files\Bullfrog
   [10/01/2006|21:09] C:\Program Files\Cap Loto
   [30/01/2006|21:07] C:\Program Files\Cloud
   [13/08/2009|19:41] C:\Program Files\CometBird
   [03/02/2008|18:19] C:\Program Files\Common Files
   [24/11/2004|03:37] C:\Program Files\ComPlus Applications
   [03/11/2008|01:28] C:\Program Files\Conduit
   [20/01/2006|18:40] C:\Program Files\CONTROLTOTAL
   [11/08/2009|15:42] C:\Program Files\Cyanide
   [20/11/2005|20:30] C:\Program Files\directx
   [28/02/2009|18:55] C:\Program Files\DivX
   [25/02/2009|12:47] C:\Program Files\Easy Internet signup
   [10/01/2006|21:03] C:\Program Files\Emjysoft
   [16/02/2006|11:26] C:\Program Files\Error Safe Free
   [01/01/2006|15:04] C:\Program Files\ErrorSafe
   [28/08/2009|01:37] C:\Program Files\Fichiers communs
   [17/05/2008|20:18] C:\Program Files\FlashGet
   [28/01/2009|21:05] C:\Program Files\Full Pack Codecs
   [15/02/2009|22:57] C:\Program Files\Google
   [19/07/2009|11:15] C:\Program Files\Gpotato.eu
   [26/10/2005|13:21] C:\Program Files\GT Interactive
   [23/12/2005|14:41] C:\Program Files\HbTools_Icons
   [02/01/2005|04:09] C:\Program Files\Hewlett-Packard
   [02/01/2005|04:09] C:\Program Files\HP
   [02/01/2005|04:26] C:\Program Files\HPQ
   [01/04/2009|19:57] C:\Program Files\Illustrate
   [20/02/2009|01:09] C:\Program Files\InstallShield Installation Information
   [07/04/2007|22:35] C:\Program Files\InterActual
   [02/01/2005|03:49] C:\Program Files\Internet Explorer
   [02/01/2005|04:50] C:\Program Files\InterVideo
   [25/10/2005|17:41] C:\Program Files\Inventel
   [02/01/2005|04:20] C:\Program Files\iPod
   [27/08/2009|01:55] C:\Program Files\iTunes
   [02/01/2005|03:52] C:\Program Files\Java
   [10/12/2005|14:14] C:\Program Files\JoWooD
   [27/02/2006|22:34] C:\Program Files\JVTorrent
   [10/01/2006|21:48] C:\Program Files\LinCity-NG
   [25/12/2008|13:02] C:\Program Files\Logitech
   [28/08/2009|02:10] C:\Program Files\Malwarebytes' Anti-Malware
   [26/12/2007|18:32] C:\Program Files\MediaCoder
   [28/07/2009|14:57] C:\Program Files\MediaInfo
   [02/01/2005|03:55] C:\Program Files\Messenger
   [02/07/2009|01:49] C:\Program Files\MessengerPlus! 3
   [02/05/2009|03:02] C:\Program Files\Metin2_France
   [16/03/2008|22:53] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [25/11/2004|05:27] C:\Program Files\microsoft frontpage
   [11/08/2009|19:45] C:\Program Files\Microsoft Games
   [23/10/2008|18:05] C:\Program Files\Microsoft Office
   [15/03/2008|23:12] C:\Program Files\Microsoft SQL Server Compact Edition
   [21/05/2006|16:59] C:\Program Files\Microsoft Works
   [25/11/2004|05:27] C:\Program Files\Movie Maker
   [28/08/2009|03:03] C:\Program Files\Mozilla Firefox
   [17/04/2008|18:27] C:\Program Files\Mpath
   [23/08/2009|15:19] C:\Program Files\MpcStar
   [13/08/2008|18:48] C:\Program Files\MSBuild
   [23/10/2008|18:05] C:\Program Files\MSECache
   [25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
   [18/11/2006|23:55] C:\Program Files\MSXML 4.0
   [13/08/2008|18:43] C:\Program Files\MSXML 6.0
   [02/01/2005|04:52] C:\Program Files\muvee Technologies
   [02/07/2009|20:05] C:\Program Files\NDSROM Player
   [23/10/2005|11:53] C:\Program Files
eoSoftware
   [03/07/2007|12:58] C:\Program Files\NetBattle
   [25/01/2009|06:48] C:\Program Files\NetMeeting
   [12/01/2008|21:25] C:\Program Files\NEXON
   [02/01/2005|04:44] C:\Program Files\Norton Internet Security
   [09/08/2008|21:38] C:\Program Files\Norton Security Scan
   [16/12/2005|20:27] C:\Program Files\Nvu
   [23/12/2005|15:03] C:\Program Files\Oberon Media
   [25/11/2004|05:27] C:\Program Files\Online Services
   [18/03/2008|17:04] C:\Program Files\OpenOffice.org 2.3
   [25/01/2009|06:48] C:\Program Files\Outlook Express
   [02/01/2005|04:29] C:\Program Files\PC-Doctor for Windows
   [05/11/2005|23:41] C:\Program Files\Player Metaboli
   [13/08/2006|15:22] C:\Program Files\psx emulation cheater
   [27/08/2009|01:51] C:\Program Files\QuickTime
   [13/08/2008|18:48] C:\Program Files\Reference Assemblies
   [10/01/2009|16:56] C:\Program Files\RKFree
   [11/01/2009|22:38] C:\Program Files\Safari
   [24/11/2005|19:35] C:\Program Files\Securitoo
   [02/01/2005|04:32] C:\Program Files\Services en ligne
   [21/10/2006|15:53] C:\Program Files\Shockwave.com
   [23/12/2005|14:39] C:\Program Files\ShopperReports
   [09/07/2008|13:16] C:\Program Files\Sin
   [21/06/2009|21:46] C:\Program Files\Slayers Online
   [03/02/2009|21:22] C:\Program Files\Smart Projects
   [10/03/2006|21:11] C:\Program Files\SnIco Edit
   [10/01/2006|22:13] C:\Program Files\solarus
   [02/01/2005|04:16] C:\Program Files\Sonic
   [30/01/2006|20:43] C:\Program Files\Space Station Manager
   [06/09/2007|13:13] C:\Program Files\Steam
   [17/08/2008|20:20] C:\Program Files\Sun
   [02/01/2005|04:43] C:\Program Files\Symantec
   [28/01/2009|17:10] C:\Program Files\SystemRequirementsLab
   [29/01/2006|14:57] C:\Program Files\Team6
   [28/08/2009|03:02] C:\Program Files	rend micro
   [29/07/2009|21:49] C:\Program Files	rust global
   [28/07/2009|14:56] C:\Program Files\TuneUp Utilities 2009
   [15/01/2006|11:23] C:\Program Files\UBISOFT
   [24/11/2004|03:37] C:\Program Files\Uninstall Information
   [17/03/2008|22:16] C:\Program Files\Unity
   [31/07/2009|20:44] C:\Program Files\uTorrent
   [08/02/2009|23:16] C:\Program Files\Veoh Networks
   [22/03/2009|11:09] C:\Program Files\vghd
   [29/03/2007|19:26] C:\Program Files\VideoLAN
   [20/01/2006|18:19] C:\Program Files\Visicom Media
   [22/07/2009|12:53] C:\Program Files\Wakfu
   [28/10/2008|18:06] C:\Program Files\Wanadoo
   [15/04/2006|22:30] C:\Program Files\Wanadoo Jeux
   [25/10/2008|00:42] C:\Program Files\Wanadoo Messager
   [01/09/2006|22:10] C:\Program Files\WebCam
   [19/10/2005|16:24] C:\Program Files\WildTangent
   [24/01/2009|14:02] C:\Program Files\Winamp Toolbar
   [24/01/2009|14:42] C:\Program Files\Windows Media Connect 2
   [25/01/2009|06:48] C:\Program Files\Windows Media Player
   [25/01/2009|06:48] C:\Program Files\Windows NT
   [24/11/2004|03:37] C:\Program Files\WindowsUpdate
   [13/11/2005|21:02] C:\Program Files\wings3d_0.98.29b
   [22/03/2007|13:48] C:\Program Files\WinRAR
   [01/09/2006|22:08] C:\Program Files\wmv_vcm
   [13/02/2006|21:39] C:\Program Files\WNI
   [01/07/2009|01:56] C:\Program Files\Wolfenstein - Enemy Territory
   [08/07/2008|17:31] C:\Program Files\WON
   [26/06/2009|20:45] C:\Program Files\World of Warcraft Trial
   [25/11/2004|05:28] C:\Program Files\xerox
   [17/06/2009|22:41] C:\Program Files\Yahoo!
   [05/02/2006|20:05] C:\Program Files\ZC2.10
   [03/04/2008|15:54] C:\Program Files\Zombie VR Studio
   [26/11/2005|12:48] C:\Program Files\Zylom Games

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [08/09/2005|19:42] C:\Program Files\Fichiers communs\Adobe
   [05/10/2005|20:51] C:\Program Files\Fichiers communs\AOL
   [11/01/2009|22:47] C:\Program Files\Fichiers communs\Apple
   [26/12/2007|13:55] C:\Program Files\Fichiers communs\AVSMedia
   [15/10/2005|22:49] C:\Program Files\Fichiers communs\BOONTY Shared
   [25/10/2005|18:03] C:\Program Files\Fichiers communs\DirectX
   [23/12/2005|17:40] C:\Program Files\Fichiers communs\ErrorSafe
   [02/01/2005|04:10] C:\Program Files\Fichiers communs\Hewlett-Packard
   [02/01/2005|04:04] C:\Program Files\Fichiers communs\HP
   [02/01/2005|04:24] C:\Program Files\Fichiers communs\InstallShield
   [02/01/2005|03:52] C:\Program Files\Fichiers communs\Java
   [25/12/2008|13:00] C:\Program Files\Fichiers communs\Logitech
   [15/10/2005|15:39] C:\Program Files\Fichiers communs\Macrovision Shared
   [25/11/2004|05:26] C:\Program Files\Fichiers communs\Microsoft Shared
   [25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
   [02/01/2005|04:52] C:\Program Files\Fichiers communs\muvee Technologies
   [15/04/2006|22:30] C:\Program Files\Fichiers communs\Oberon Media
   [25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
   [21/05/2006|17:35] C:\Program Files\Fichiers communs\Sandlot Shared
   [25/01/2009|06:48] C:\Program Files\Fichiers communs\Services
   [02/01/2005|04:15] C:\Program Files\Fichiers communs\Sonic Shared
   [25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
   [20/01/2006|18:23] C:\Program Files\Fichiers communs\Stardock
   [02/01/2005|04:15] C:\Program Files\Fichiers communs\SureThing Shared
   [13/11/2005|13:22] C:\Program Files\Fichiers communs\SWF Studio
   [27/01/2009|12:23] C:\Program Files\Fichiers communs\Symantec Shared
   [25/11/2004|05:27] C:\Program Files\Fichiers communs\System
   [02/01/2005|04:16] C:\Program Files\Fichiers communs\TiVo Shared
   [15/03/2008|23:07] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [10/01/2006|13:50] C:\Program Files\Fichiers communs\Wise Installation Wizard

   --------------------\  Process

   ( 46 Processes )

   MsgPlus.exe ~ [PID:3304]

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\Thunk road.dat
   C:\Program Files\Adverts
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@www.adserver5[2].txt
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adultfriendfinder[2].txt
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertising[2].txt
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@bigpoint[1].txt
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@fr1.seafight.bigpoint[1].txt
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@cotedazurpalace[2].txt
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@serve.cotedazurpalace[1].txt
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@www.cotedazurpalace[2].txt
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@fr1.seafight.bigpoint[1].txt
   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@www.2xmoinscher[2].txt
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-08-28 03:16:27
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 1480
 
   --------------------\  Recherche d'autres infections

   --------------------\  ROGUES ..

   C:\PROGRA~1\FICHIE~1\ErrorSafe
   C:\PROGRA~1\Error Safe Free
   C:\PROGRA~1\ErrorSafe

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\HP_PRO~1\Bureau\autre\Crack
   C:\DOCUME~1\HP_PRO~1\Bureau\autre\Crack\Fable Cd Key.txt
   C:\DOCUME~1\HP_PRO~1\Bureau\autre\Crack\Fable.exe
   C:\DOCUME~1\HP_PRO~1\Bureau	homas\AUTOCRACK
   C:\DOCUME~1\HP_PRO~1\Bureau	homas\AUTOCRACK\dungeon siege2.nfo
   C:\DOCUME~1\HP_PRO~1\Bureau	homas\AUTOCRACK\PatchVoixtextes.exe
   C:\DOCUME~1\HP_PRO~1\Bureau	homas\AUTOCRACK\Setup.exe


   [F:4][D:0]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
   [F:781][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
   [F:9][D:3]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 28/08/2009| 3:19 - Option : [1]

   --------------------\  Fin du rapport a  3:19:06

Destrio5 · Answer

--> Double-clique sur le raccourci de Lop S&D pour le lancer.
(Sous Vista, il faut cliquer droit sur le raccourci de Lop S&D et choisir Exécuter en tant qu'administrateur) 

--> Choisis cette fois-ci l'option 2 (Suppression).

--> Ne ferme pas la fenêtre lors de la suppression !

--> Poste le rapport généré (C:\lopR.txt).

(Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

Niitro · Answer

je n'arrive pas a copier/coller le lopR , normal?

Destrio5 · Answer

Poste-le sans la partie Cracks & Keygens.

Niitro · Answer

Toujours pas .. désolé de te derangé a cette heure au faite ... sinon la total security 4.52 il es supprimer ?

Destrio5 · Answer

Tu peux m'envoyer le rapport par mp.

"sinon la total security 4.52 il es supprimer ?"
--> Oui.

Destrio5 · Answer

Il reste des infections. On finit demain ?

--> Télécharge SystemLook sur ton Bureau.
--> Double-clique sur SystemLook.exe pour le lancer.
--> Copie-colle le texte entre les deux espaces ci-dessous dans la zone texte de SystemLook :




:dir
C:\Program Files	rust global     
C:\DOCUME~1\HP_PRO~1\APPLIC~1	rust global




--> Clique sur le bouton Look pour démarrer l'examen.
--> A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
Note : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt

Niitro · Answer

Désolé je serais pris pendant les prochains jours (et oui la rentrée approche) je ne sais donc pas si j'aurai le temps pour tout ceci mais mon principal ennemi et vaincu è_é  
Je te remerci énormément pour ta patience et ta rapidité . 
J'espère avoir du temps prochainement , bonne fin de vacances !

Destrio5 · Answer

Ok, pas de problème ;)

Besoin daide pour désintaler total security

36 réponses

Votre réponse

Discussions similaires

Newsletters