Besoin daide pour désintaler total security

Résolu
Niitro Messages postés 24 Statut Membre -  
 baladur13 -
Bonjour,
comme dit plus haut j'ai besoin d'aide pour désinstaller ce maudit anti-virus.
J'ai suivi plusieurs aide , mais malheureusement je ne suis pas très bon en informatique et je ne comprend pas très bien les explications .
J'ai juste compris que je devais utiliser RSIT mais je ne comprend pas les étapes à suivre après , donc si quelqu'un pouvait me les expliqués plus simplement si possible car cela fais assez longtemps que je tente d'effacer ce logiciel.
Je vous remercie d'avance.
Configuration: Windows XP
Firefox 3.0.13

36 réponses

  • 1
  • 2
Résumé de la discussion

Désinstaller un antivirus sous Windows XP et comprendre les étapes à suivre après l’outil RSIT constituent la problématique centrale pour les utilisateurs moins expérimentés et pour assurer une élimination efficace.
Plusieurs réponses proposent des solutions pratiques comme l'utilisation de RSIT, l'outil ComboFix ou des guides d'utilisation, afin d'éliminer les éléments malveillants et nettoyer le poste.
Des procédures décrites incluent la désactivation des protections résidentes, l'exécution de l'outil dans le bureau, la génération de rapports et le partage des logs pour une analyse.
En cas de doute, les échanges évoquent la vérification des programmes installés et la consultation de rapports comme RSIT.txt et info.txt pour évaluer l'infection et les actions à réaliser.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Ah oui...

    Commence par désinstaller un antivirus, il n'en faut qu'un seul.

    /!\ Désactive tes protections résidentes (Antivirus, etc...) /!\

    --> Télécharge ComboFix (de sUBs) sur ton Bureau.
    --> Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
    --> Il va te demander d'installer la console de récupération : accepte.
    --> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    4
  2. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Bonjour,

    --> Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

    --> Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

    --> Clique sur Continue à l'écran Disclaimer.

    --> Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    --> Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    3
  3. XaTon Messages postés 2160 Statut Membre 208
     
    Salut

    Fait ceci

    ~~~~~~~~~~~~~~~> Hijack This <~~~~~~~~~~~~~~~~~~~

    - Telecharger Hijack
    >http://www.infos-du-net.com/telecharger/HijackThis.html

    Une fois Hijack installer, exécuter le :
    - Cliquer sur "Do a system scan and save a logfile"

    - Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le même dossier que hijackthis.exe .
    - Faire édition / sélectionner tout
    - Clic droit / copier

    - Poste moi le rapport entier

    0
  4. XaTon Messages postés 2160 Statut Membre 208
     
    Bonne continuation Destrio5

    Tchaô
    a vous deux
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Je n'avais pas vu que tu avais posté.

    HijackThis n'est pas assez complet.
    0
  7. XaTon Messages postés 2160 Statut Membre 208
     
    Je n'avais pas vu que tu avais posté. 


    Pas grave , sa c'est joué a 10 secondes

    Je commence a fatiguer , donc a toi l'honneur

    ^^

    0
  8. Niitro Messages postés 24 Statut Membre
     
    bonjour Destrio5 et merci de ta rapidité ,
    j'ai téléchargé RSIT comme tu me l'as conseillé mais il apparait seulement le Log est-ce normal?
    0
  9. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Si tu l'as déjà lancé une fois, oui.

    Tu trouveras le rapport info dans C:\rsit.
    0
  10. Niitro Messages postés 24 Statut Membre
     
    Très bien je te les donne :

    >>>>>>>>>>>>>LOG<<<<<<<<<<<<
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by HP_Propriétaire at 2009-08-28 00:58:59
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 32 GB (22%) free of 146 GB
    Total RAM: 382 MB (7% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:59:05, on 28/08/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\TUProgSt.exe
    c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Documents and Settings\All Users\Application Data\15820934\15820934.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\HP_Propriétaire\Bureau\RSIT.exe
    C:\Program Files\trend micro\HP_Propriétaire.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ask.com/?o=13928&l=dis
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.apple.com/fr/itunes/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] c:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [15820934] C:\Documents and Settings\All Users\Application Data\15820934\15820934.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Internet Connection Wizard Setup Tool] C:\Program Files\Internet Explorer\Connection Wizard\icwsetup.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
    O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
    O4 - Startup: ikowin32.exe
    O4 - Startup: Notification de cadeaux MSN.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: icwsetup.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{584EF6B8-7235-4758-B0EB-0064E512F6AF}: NameServer = 85.255.115.58,85.255.112.116
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E1D2AB50-1CEB-4AE7-B108-F6DED529D54C}: NameServer = 85.255.115.58,85.255.112.116
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.58,85.255.112.116
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.58,85.255.112.116
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IS Service (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
    0
  11. Niitro Messages postés 24 Statut Membre
     
    Par "Commence par désinstaller un antivirus, il n'en faut qu'un seul. "
    tu veux dire que j'en ai plusieurs ? étant donné que je ne suis pas le seul utilisateur de cet ordi cela ne m'entonnerai pas ...
    0
  12. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Il y a Avast et Norton.
    0
  13. Niitro Messages postés 24 Statut Membre
     
    ComboFix 09-08-27.02 - HP_Propriétaire 28/08/2009 1:19.1.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.382.96 [GMT 2:00]
    Running from: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe
    AV: avast! antivirus 4.8.1351 [VPS 090827-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\data
    c:\data\patch01_01.fs
    c:\documents and settings\All Users\Application Data\15820934
    c:\documents and settings\All Users\Application Data\15820934\15820934
    c:\documents and settings\All Users\Application Data\15820934\15820934.exe
    c:\documents and settings\All Users\Application Data\15820934\pc15820934ins
    c:\documents and settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    c:\documents and settings\All Users\Application Data\Solt Lake Software
    c:\documents and settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081206002413546.log
    c:\documents and settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081206104522500.log
    c:\documents and settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081206110440140.log
    c:\documents and settings\All Users\Application Data\Starware
    c:\documents and settings\All Users\Application Data\Starware\buttons\cursorcafe.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\FindIt.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\FindItHot.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\findithotxp.png
    c:\documents and settings\All Users\Application Data\Starware\buttons\finditxp.png
    c:\documents and settings\All Users\Application Data\Starware\buttons\games.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\Highlight.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\HighlightHot.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\highlighthotxp.png
    c:\documents and settings\All Users\Application Data\Starware\buttons\highlightxp.png
    c:\documents and settings\All Users\Application Data\Starware\buttons\logo.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\logoxp.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\Reference.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\ReferenceHot.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\referencehotxp.png
    c:\documents and settings\All Users\Application Data\Starware\buttons\referencexp.png
    c:\documents and settings\All Users\Application Data\Starware\buttons\screensaver.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\Weather.bmp
    c:\documents and settings\All Users\Application Data\Starware\buttons\weatherhotxp.png
    c:\documents and settings\All Users\Application Data\Starware\buttons\weatherxp.png
    c:\documents and settings\All Users\Application Data\Starware\contexts\error.xml
    c:\documents and settings\All Users\Application Data\Starware\contexts\related.xml
    c:\documents and settings\All Users\Application Data\Starware\contexts\travel.xml
    c:\documents and settings\All Users\Application Data\ZangoSA
    c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSA.dat
    c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat
    c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht
    c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAau.dat
    c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht
    c:\program files\AskSearch\bin\DefaultSearch.dll
    c:\program files\Fichiers communs\WinAntiVirus Pro 2006
    c:\program files\HbTools
    c:\program files\HbTools\Bin\4.7.2.1\dBenderC.dll
    c:\program files\HbTools\Bin\HbtUninst.exe
    c:\program files\HbTools\HbTools.log
    c:\program files\HbTools\HbTools_1136393056.log
    c:\program files\HbTools\HbTools_1137566291.log
    c:\program files\HbTools\HbTools_1138386967.log
    c:\program files\HbTools\HbTools_1139211698.log
    c:\program files\HbTools\HbTools_1139920975.log
    c:\program files\HbTools\HbTools_1140685244.log
    c:\program files\HbTools\HbTools_1141403599.log
    c:\program files\HbTools\HbTools_1142185282.log
    c:\program files\HbTools\HbTools_1143238130.log
    c:\program files\HbTools\HbTools_1144774595.log
    c:\program files\HbTools\HbTools_1145722514.log
    c:\program files\instant access
    c:\program files\instant access\Center\Fun-Games.lnk
    c:\program files\instant access\Center\GAMES-DESKTOP.COM.upd
    c:\program files\instant access\Center\GAMES-DESKTOP.upd
    c:\program files\instant access\Center\SERIALPLAYERS.upd
    c:\program files\instant access\Center\tray1.ico
    c:\program files\instant access\DesktopIcons\Fun-Games.lnk
    c:\program files\instant access\Dialer\113208559\es6-scripts.dlv4.com\Common\8886f7dca31f8f6eb1e9024a1e93ee36.html
    c:\program files\instant access\Dialer\113208559\fp.gad-network.com\67d61db41f263527329270cf614a7a7b.html
    c:\program files\instant access\Dialer\113208559\SERIALPLAYERS.lnk
    c:\program files\instant access\Dialer\393005738\es6-scripts.dlv4.com\Common\a611f07e578804c79b3af325a252ca5b.html
    c:\program files\instant access\Dialer\393005738\SERIALPLAYERS.lnk
    c:\program files\instant access\Dialer\393005738\www.epass-key.com\9836705ee32a016de45b422a695c8720.html
    c:\program files\instant access\Dialer\570370277\es6-scripts.dlv4.com\Common\b2f2c2bea4e6709a2e874e5c118e86f9.html
    c:\program files\instant access\Dialer\570370277\GAMES-DESKTOP.lnk
    c:\program files\instant access\Dialer\570370277\www.epass-key.com\4234b7c14a253961f7b6cf13e0201a49.html
    c:\program files\instant access\Dialer\614962178\es6-scripts.dlv4.com\Common\4cc4d04cb7a3522aab3bfb79da8cbd7b.html
    c:\program files\instant access\Dialer\614962178\fp.gad-network.com\d8303b55449276941453f794f02b7f55.html
    c:\program files\instant access\Dialer\614962178\SERIALPLAYERS.lnk
    c:\program files\instant access\Dialer\689325458\es6-scripts.dlv4.com\Common\2fd1c5875aa15ffb344a4ece29fe1244.html
    c:\program files\instant access\Dialer\689325458\fp.gad-network.com\6c340d333594e3b87e5d19ba66d8b970.html
    c:\program files\instant access\Dialer\689325458\GAMES-DESKTOP.lnk
    c:\program files\instant access\Dialer\994874928\es6-scripts.dlv4.com\Common\51a8859237d759ebdedd5e3d06ae0c8a.html
    c:\program files\instant access\Dialer\994874928\fp.gad-network.com\b52478c9c0928f7c305ce89677ec0a6a.html
    c:\program files\instant access\Dialer\994874928\GAMES-DESKTOP.COM.lnk
    c:\program files\instant access\Multi\20061004181048\Common\module.php
    c:\program files\instant access\Multi\20061004181048\dialerexe.ini
    c:\program files\instant access\Multi\20061004181048\js\js_api_dialer.php
    c:\program files\instant access\Multi\20061004181048\medias\button1.gif
    c:\program files\instant access\Multi\20061004181048\medias\button2.gif
    c:\program files\instant access\Multi\20061004181048\medias\button3.gif
    c:\program files\instant access\Multi\20061004181048\medias\button4.gif
    c:\program files\instant access\Multi\20061004181048\medias\dialer.ico
    c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe
    c:\program files\montorgueil
    c:\program files\montorgueil\14.04948
    c:\program files\montorgueil\ParisMec\ParisMec.ico
    c:\program files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll
    c:\program files\PCHealthCenter
    c:\program files\PCHealthCenter\0.gif
    c:\program files\PCHealthCenter\1.gif
    c:\program files\PCHealthCenter\1.ico
    c:\program files\PCHealthCenter\2.gif
    c:\program files\PCHealthCenter\2.ico
    c:\program files\PCHealthCenter\3.gif
    c:\program files\PCHealthCenter\foo.txt
    c:\program files\PCHealthCenter\sc.html
    c:\program files\screensavers.com
    c:\program files\screensavers.com\Installer\bin\iebyterange.xml
    c:\program files\screensavers.com\Installer\bin\iebyterange.xml.backup
    c:\program files\screensavers.com\Installer\bin\siuninst.exe
    c:\program files\ShoppingReport
    c:\program files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
    c:\program files\ShoppingReport\Uninst.exe
    c:\program files\TS-2009
    c:\program files\TS-2009\totalsecure.s2
    c:\program files\TS-2009\totalsecure.s3
    c:\program files\TS-2009\totalsecure.s6
    c:\program files\TS-2009\uninstall.exe
    c:\program files\videosoft
    c:\program files\videosoft\Uninstall.exe
    c:\program files\winantivirus pro 2006
    c:\program files\WinAntiVirus Pro 2006\history.db
    c:\program files\WinPCap
    c:\program files\WinPCap\rpcapd.exe
    c:\program files\zango
    c:\program files\zango\bin\10.3.75.0\arrow.ico
    c:\program files\zango\bin\10.3.75.0\CntntCntr.dll
    c:\program files\zango\bin\10.3.75.0\copyright.txt
    c:\program files\zango\bin\10.3.75.0\CoreSrv.dll
    c:\program files\zango\bin\10.3.75.0\firefox\extensions\chrome.manifest
    c:\program files\zango\bin\10.3.75.0\firefox\extensions\components\npclntax.xpt
    c:\program files\zango\bin\10.3.75.0\firefox\extensions\install.rdf
    c:\program files\zango\bin\10.3.75.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
    c:\program files\zango\bin\10.3.75.0\HostIE.dll
    c:\program files\zango\bin\10.3.75.0\HostOE.dll
    c:\program files\zango\bin\10.3.75.0\HostOL.dll
    c:\program files\zango\bin\10.3.75.0\link.ico
    c:\program files\zango\bin\10.3.75.0\OEAddOn.exe
    c:\program files\zango\bin\10.3.75.0\Srv.exe
    c:\program files\zango\bin\10.3.75.0\Toolbar.dll
    c:\program files\zango\bin\10.3.75.0\Wallpaper.dll
    c:\program files\zango\bin\10.3.75.0\Weather.exe
    c:\program files\zango\bin\10.3.75.0\WeSkin.dll
    c:\program files\zango\bin\10.3.75.0\ZangoSA.exe
    c:\program files\zango\bin\10.3.75.0\ZangoSAAX.dll
    c:\program files\zango\bin\10.3.75.0\ZangoSADF.exe
    c:\program files\zango\bin\10.3.75.0\ZangoSAHook.dll
    c:\program files\zango\bin\10.3.75.0\ZangoUninstaller.exe
    c:\recycler\S-1-5-21-1242983221-992244275-1784959909-501
    c:\recycler\S-1-5-21-308827527-3909201078-4104962599-1008
    c:\recycler\S-1-5-21-3137409478-3730925868-1976940642-1008
    c:\recycler\S-1-5-21-3245804521-2740501762-3650072237-1008
    c:\recycler\S-1-5-21-3616617761-875328341-2521263613-1008
    c:\recycler\S-1-5-21-3833088236-622994-2235584449-1008
    c:\recycler\S-1-5-21-3970352356-535226454-1514621777-1008
    C:\resycled
    c:\windows\1009viz5565.dll
    c:\windows\10131n5t-a-virusz6f9.dll
    c:\windows\10592worm5zc.exe
    c:\windows\10c9addwa5e1829z.dll
    c:\windows\11206vi5u92c9z.ocx
    c:\windows\11458z9y459.bin
    c:\windows\11502zp9mbot5385.dll
    c:\windows\1150s5eaz599.exe
    c:\windows\11f4downzoad9r5825.bin
    c:\windows\12779not5a-vizus551.dll
    c:\windows\127955ozm749.exe
    c:\windows\12z59not-a-v5rus1dc.dll
    c:\windows\13057hackz5ol6b9.bin
    c:\windows\13485szy3d99.exe
    c:\windows\1349spyzare525.ocx
    c:\windows\13785spambo9z9e5.bin
    c:\windows\13b3szeal1592.bin
    c:\windows\143069zy5c5.exe
    c:\windows\14597hackt9ol3z5.bin
    c:\windows\1460azdwar527129.bin
    c:\windows\1513troj759z.cpl
    c:\windows\155159a5ktooz692.cpl
    c:\windows\15536hac5zool599.bin
    c:\windows\155889irus14fz.cpl
    c:\windows\1561z9arse664.bin
    c:\windows\15754vi9us1ze.dll
    c:\windows\15a3zparse9563.exe
    c:\windows\15bzthief3984.exe
    c:\windows\15z41tr9j3e.bin
    c:\windows\15z8vir2911.dll
    c:\windows\15zst5al26719.exe
    c:\windows\1643vi522z99.dll
    c:\windows\1658spy799z.bin
    c:\windows\16699ha5kz9ol421.dll
    c:\windows\169dba5kdoor301z.ocx
    c:\windows\17aathreat9955z.ocx
    c:\windows\1822not-a-vi5usz09.exe
    c:\windows\1845hreat1z299.exe
    c:\windows\186359ot-a-zirus1cd.dll
    c:\windows\189esparsez517.exe
    c:\windows\18z145roj36d9.ocx
    c:\windows\18zcbac9d5or1388.ocx
    c:\windows\19052troj3z.cpl
    c:\windows\19209hacktzoldc5.ocx
    c:\windows\19274virusz95.ocx
    c:\windows\192bvzr815.cpl
    c:\windows\19556virus56z.exe
    c:\windows\196bs9zal1885.ocx
    c:\windows\19740t5oz82.cpl
    c:\windows\19895zr2693.ocx
    c:\windows\1d9thie9589z.ocx
    c:\windows\1z007hackto59600.ocx
    c:\windows\1z595virus993.ocx
    c:\windows\1zabspyw9r53124.bin
    c:\windows\200565rojdz9.cpl
    c:\windows\2050trzj926.bin
    c:\windows\2065znot-9-virus525.exe
    c:\windows\20983not-a-zi5us9a2.bin
    c:\windows\20z08spam5ot910.bin
    c:\windows\20z86tr5j916.cpl
    c:\windows\20z98hacktool59d.bin
    c:\windows\21527h5cktoo95zd.ocx
    c:\windows\21557szy539.ocx
    c:\windows\2249zs5y79c.cpl
    c:\windows\22558sp9mbotzfb.bin
    c:\windows\22585zpambotc9.exe
    c:\windows\2292h5c9tzol4c1.exe
    c:\windows\22z34troj5b9.bin
    c:\windows\23237h9c5tool106z.exe
    c:\windows\23312v9rus25z.cpl
    c:\windows\235905pamboz25a.cpl
    c:\windows\23654sz9mbot12e.ocx
    c:\windows\23698not-a-zi5us6fd.exe
    c:\windows\2395zpy2fd.cpl
    c:\windows\23997not-a95iruz5f4.exe
    c:\windows\23z13spam9ot595.exe
    c:\windows\24754sp9mboz79.cpl
    c:\windows\24900spambot265z.ocx
    c:\windows\24925tzal355.ocx
    c:\windows\24z58t9oj115.dll
    c:\windows\24z745roj259.ocx
    c:\windows\25129s9a5bot4a5z.dll
    c:\windows\25295szy365.cpl
    c:\windows\25539hack9ooz1c0.cpl
    c:\windows\25583hackzool5f9.dll
    c:\windows\2572t9reatz3406.cpl
    c:\windows\25cddownlzade92353.exe
    c:\windows\25dzs5yware5869.dll
    c:\windows\25e0threat19z569.ocx
    c:\windows\263cstealz952.bin
    c:\windows\26506h9zktool754.bin
    c:\windows\2666zw95m72c.cpl
    c:\windows\26z989a5ktool461.ocx
    c:\windows\27152noz-a-5irus9bc.cpl
    c:\windows\27725spa9bot574z.cpl
    c:\windows\27989viru558z.ocx
    c:\windows\27z589ot-5-virus47d.dll
    c:\windows\28482zi5u95f8.exe
    c:\windows\2859virzs585.cpl
    c:\windows\28947tr5jz39.exe
    c:\windows\29438spambzt47c5.exe
    c:\windows\2945t5oj60fz.exe
    c:\windows\29595worz5e8.exe
    c:\windows\296z3tr9j2895.ocx
    c:\windows\29z5t9re5t19442.bin
    c:\windows\29zfv9r1595.bin
    c:\windows\2b3baczdo9r2519.dll
    c:\windows\2b4azh9eat5023.dll
    c:\windows\2b5zsteal297.ocx
    c:\windows\2d9b5hief9294z.bin
    c:\windows\2e50spyware935z.cpl
    c:\windows\2z025troj591.dll
    c:\windows\2z99spy529.exe
    c:\windows\2z9fdo5nloader958.dll
    c:\windows\2zc1a5dware569.ocx
    c:\windows\30092h5ckzool5b9.dll
    c:\windows\300fst9al1957z.cpl
    c:\windows\3081w5rmzba9.ocx
    c:\windows\30971spzmbo51e6.exe
    c:\windows\31239hzeat283945.cpl
    c:\windows\31289zirus750.exe
    c:\windows\315569py3z.cpl
    c:\windows\31676zr9j28c5.dll
    c:\windows\32026notza-vi59s7a1.cpl
    c:\windows\32551vz9us15d.exe
    c:\windows\327z3tr9j555.bin
    c:\windows\3459pz652.cpl
    c:\windows\3503addza9e2301.bin
    c:\windows\350thiez909.cpl
    c:\windows\35259not-a-virus2d9z.cpl
    c:\windows\354b9par5z2265.bin
    c:\windows\354dspywa9e29z5.exe
    c:\windows\3570hazkto9l20c.exe
    c:\windows\3595s5yz92.ocx
    c:\windows\3595zpambot91c.exe
    c:\windows\359zworm7d.cpl
    c:\windows\35e9thiefz6.cpl
    c:\windows\35zathreat26196.dll
    c:\windows\3618not-azv9rus525.cpl
    c:\windows\37945p9626z.cpl
    c:\windows\37dzth5e9139.dll
    c:\windows\3832zp5mb9t3d9.ocx
    c:\windows\39323hack5oolzc9.bin
    c:\windows\3953zhie9938.ocx
    c:\windows\39751virus2ze5.bin
    c:\windows\3aebthrzat15159.dll
    c:\windows\3azb59dware1758.cpl
    c:\windows\3b30az5ware8819.exe
    c:\windows\3b71t9re5z9077.cpl
    c:\windows\3bz9stea52164.bin
    c:\windows\3c55s9ywzre3128.dll
    c:\windows\3e4abackzoor9115.exe
    c:\windows\3ee3downlo9der1z95.dll
    c:\windows\3z64spyware9593.exe
    c:\windows\3zc79te5l3254.ocx
    c:\windows\4009vizu529c.bin
    c:\windows\40z9add5are3101.bin
    c:\windows\419zd5wnloader1688.ocx
    c:\windows\424c9hrzat51040.cpl
    c:\windows\4259z9y46e.ocx
    c:\windows\4335thizf947.cpl
    c:\windows\438st5az2393.cpl
    c:\windows\449backdooz1555.exe
    c:\windows\44ba9kdoor2587z.bin
    c:\windows\450as9arsez531.dll
    c:\windows\4513spzware25935.bin
    c:\windows\452f9irz433.dll
    c:\windows\45a9virz956.cpl
    c:\windows\45e4spywaze2969.exe
    c:\windows\45e9tzief19925.ocx
    c:\windows\4658threat189z2.ocx
    c:\windows\4669nzt-a-viru9656.dll
    c:\windows\48z7ba9kdo5r2099.exe
    c:\windows\4909addwaze2569.cpl
    c:\windows\4941zir1535.ocx
    c:\windows\49465acktool629z.bin
    c:\windows\4975backdozr2829.cpl
    c:\windows\4a0aback5o9rz580.ocx
    c:\windows\4b53thze9t22740.cpl
    c:\windows\4b98baz5door1489.cpl
    c:\windows\4c43threat1z1895.dll
    c:\windows\4czdv5r9233.dll
    c:\windows\4d295hief204z9.dll
    c:\windows\4d88d9wnlzader27225.cpl
    c:\windows\4e9ez5y9are387.exe
    c:\windows\4eb2zpywar53059.exe
    c:\windows\5000ha5kz9ol4fa.dll
    c:\windows\5006th59at7944z.cpl
    c:\windows\50964zroj649.cpl
    c:\windows\5097no9za-virus6d.bin
    c:\windows\50a6spy9aze3157.dll
    c:\windows\50z4stea95186.ocx
    c:\windows\50z7spar5e31179.cpl
    c:\windows\518zspambo9e25.ocx
    c:\windows\5229downloadzr9530.bin
    c:\windows\5285spyware9z60.exe
    c:\windows\52e7thzeat504469.dll
    c:\windows\530z9r91.bin
    c:\windows\53457v9rzs3de.cpl
    c:\windows\536bsp9ware12z9.cpl
    c:\windows\536sz9mb5t40f.cpl
    c:\windows\5499viru92z3.dll
    c:\windows\54aes9ars514z6.dll
    c:\windows\5508hackzo5l6f9.bin
    c:\windows\5536threa92z527.ocx
    c:\windows\5559spa9sez.dll
    c:\windows\55e0spzw9re2507.exe
    c:\windows\565zspambo9359.dll
    c:\windows\5695s9yze25.exe
    c:\windows\5765wor9z29.dll
    c:\windows\57espy9aze2492.cpl
    c:\windows\585espyware301z9.bin
    c:\windows\59029troz5a2.dll
    c:\windows\59145aczdoor1366.bin
    c:\windows\5955troj9fez.exe
    c:\windows\59995hacktooz7e8.cpl
    c:\windows\59e5azdw5re602.bin
    c:\windows\5a58steal92z.cpl
    c:\windows\5ad1steal1z39.dll
    c:\windows\5bf9thizf2616.cpl
    c:\windows\5cecvir2z499.exe
    c:\windows\5cedbackdo9r235z5.dll
    c:\windows\5cfdzhief379.bin
    c:\windows\5d595hreat815z.bin
    c:\windows\5e64v59553z.ocx
    c:\windows\5fc9backzoor2303.exe
    c:\windows\5z18ad9ware2704.cpl
    c:\windows\5z1asteal1903.dll
    c:\windows\5z49ir1088.dll
    c:\windows\5z82t9ief2912.cpl
    c:\windows\5z84addware9933.exe
    c:\windows\5z93addware2555.ocx
    c:\windows\5z9cvir985.cpl
    c:\windows\61059aczdoor1146.ocx
    c:\windows\6245tzrea926588.ocx
    c:\windows\64e0d5wzloader9032.bin
    c:\windows\6521ste9l2z63.exe
    c:\windows\652f9iz1175.ocx
    c:\windows\655eaddwarz9204.ocx
    c:\windows\655zspyware3949.cpl
    c:\windows\6595spz75.bin
    c:\windows\659a5ddwarez989.ocx
    c:\windows\65a0sp9rze595.bin
    c:\windows\65z7spyw9re1255.dll
    c:\windows\66699acktz5l766.cpl
    c:\windows\66b2baczd5or1496.exe
    c:\windows\6748spyw5z91025.ocx
    c:\windows\6788zh5ef1669.dll
    c:\windows\680dba95door2z79.cpl
    c:\windows\6901thre5t29691z.cpl
    c:\windows\6901vi575z.bin
    c:\windows\6958wozm1e95.ocx
    c:\windows\6abdth9efz255.cpl
    c:\windows\6ad4thie5z996.dll
    c:\windows\6b49t5zef2030.bin
    c:\windows\6c1z59r2654.cpl
    c:\windows\6cvirz529.dll
    c:\windows\6e00downzoad5r1019.ocx
    c:\windows\6e2edow5l9ader1z59.dll
    c:\windows\6e2fdoznloade92256.dll
    c:\windows\6f195te9l394z.ocx
    c:\windows\6zcfad5ware9379.cpl
    c:\windows\70459zoj7b5.exe
    c:\windows\720th5zf9001.ocx
    c:\windows\72azaddware30509.exe
    c:\windows\7357s5ywaze1911.bin
    c:\windows\7437w5rz75b9.ocx
    c:\windows\74b8backdoo9322z5.ocx
    c:\windows\7563stz9l349.dll
    c:\windows\75bb9teaz1505.cpl
    c:\windows\762dsp9w5ze969.dll
    c:\windows\7856wor9279z.ocx
    c:\windows\7865baczdoor1998.ocx
    c:\windows\78c3s9yware1056z.cpl
    c:\windows\7932s5y4z9.exe
    c:\windows\795bsparsez2715.bin
    c:\windows\79easpywaz93085.exe
    c:\windows\79ffthief5877z.exe
    c:\windows\7b79zownloader20495.bin
    c:\windows\7b9fthief1z95.cpl
    c:\windows\7e5eadzwa5e7519.ocx
    c:\windows\7f91s5ezl2267.exe
    c:\windows\7z15s9eal1357.cpl
    c:\windows\7za59ir35.exe
    c:\windows\81es9ywar5z474.bin
    c:\windows\824v5rz299.exe
    c:\windows\8319zpy5005.bin
    c:\windows\8999spy65z.ocx
    c:\windows\9009vir5z312.cpl
    c:\windows\9035zirus6f9.cpl
    c:\windows\90786hack5ooz4aa.dll
    c:\windows\9115vi59z61b.cpl
    c:\windows\922dbazkd5or1166.dll
    c:\windows\925dspyware1z54.dll
    c:\windows\9273vi5us28z.ocx
    c:\windows\9283thi5f6z8.cpl
    c:\windows\93193worz7645.cpl
    c:\windows\940695roj1d7z.dll
    c:\windows\9445downloader25z3.bin
    c:\windows\9495zpyware3012.dll
    c:\windows\94z89s5ambot6ab.cpl
    c:\windows\9513viru974z.ocx
    c:\windows\953aa5dwzre2.dll
    c:\windows\9552zteal3201.cpl
    c:\windows\9554zorm9d6.cpl
    c:\windows\9580sparse4z1.bin
    c:\windows\95avi9248z.dll
    c:\windows\962vizus295.bin
    c:\windows\9651thre5z9659.exe
    c:\windows\968t5rea9z0150.exe
    c:\windows\9715vir1z33.exe
    c:\windows\987zwor53d9.ocx
    c:\windows\9885zspam5ot653.cpl
    c:\windows\99246spz658.dll
    c:\windows\99703no5-a-virzs689.dll
    c:\windows\9c25bazkd5or91.dll
    c:\windows\9dacv5r92z.dll
    c:\windows\9faspyware9z58.exe
    c:\windows\9z02worm1059.bin
    c:\windows\9z0n9t-a-virus2895.cpl
    c:\windows\9z523worm30e.exe
    c:\windows\9z54v9ru5768.cpl
    c:\windows\9z590troj587.bin
    c:\windows\9z908viru54a2.exe
    c:\windows\a5fsparse279z.ocx
    c:\windows\a79a9zw5re1043.dll
    c:\windows\b53viz990.dll
    c:\windows\bad59z1797.cpl
    c:\windows\bkqxdons.dll
    c:\windows\c92thie95193z.bin
    c:\windows\DUNGEON SIEGE 2 (VOIX+TEXTES) FR by OPTIMA SYSTEMS
    c:\windows\DUNGEON SIEGE 2 (VOIX+TEXTES) FR by OPTIMA SYSTEMS \uninstall.exe
    c:\windows\DUNGEON SIEGE 2 AUTOCRACK by OPTIMA SYSTEMS
    c:\windows\DUNGEON SIEGE 2 AUTOCRACK by OPTIMA SYSTEMS \uninstall.exe
    c:\windows\e5evi959z.exe
    c:\windows\exgq.exe
    c:\windows\ez5sp9rse2505.dll
    c:\windows\Installer\102255b.msp
    c:\windows\Installer\10def5c.msi
    c:\windows\Installer\11dbcc.msi
    c:\windows\Installer\11dbd2.msi
    c:\windows\Installer\11ddbf.msi
    c:\windows\Installer\1275a34.msp
    c:\windows\Installer\157b1bf.msi
    c:\windows\Installer\157b1c8.msi
    c:\windows\Installer\173ce3a.msi
    c:\windows\Installer\173cee7.msi
    c:\windows\Installer\173cee8.msp
    c:\windows\Installer\173cee9.msp
    c:\windows\Installer\173ceea.msp
    c:\windows\Installer\173ceeb.msp
    c:\windows\Installer\173ceec.msp
    c:\windows\Installer\173ceed.msp
    c:\windows\Installer\173ceee.msp
    c:\windows\Installer\173ceef.msp
    c:\windows\Installer\173cef0.msp
    c:\windows\Installer\178dad9.msi
    c:\windows\Installer\178dada.msp
    c:\windows\Installer\178dadb.msp
    c:\windows\Installer\178dadc.msp
    c:\windows\Installer\178dadd.msp
    c:\windows\Installer\178dade.msp
    c:\windows\Installer\178dadf.msp
    c:\windows\Installer\178dae0.msp
    c:\windows\Installer\178dae1.msp
    c:\windows\Installer\178dae2.msp
    c:\windows\Installer\178dae3.msp
    c:\windows\Installer\179181a.msp
    c:\windows\Installer\1791824.msp
    c:\windows\Installer\17a5385.msi
    c:\windows\Installer\17b52cb.msi
    c:\windows\Installer\17b52cc.msp
    c:\windows\Installer\17b52cd.msp
    c:\windows\Installer\17b52ce.msp
    c:\windows\Installer\17b52cf.msp
    c:\windows\Installer\17b52d0.msp
    c:\windows\Installer\17b52e0.msi
    c:\windows\Installer\17b52e1.msp
    c:\windows\Installer\17b52e2.msp
    c:\windows\Installer\17b52e3.msp
    c:\windows\Installer\17b52e4.msp
    c:\windows\Installer\17b52e5.msp
    c:\windows\Installer\17b52e6.msp
    c:\windows\Installer\17b52e7.msp
    c:\windows\Installer\17b52ee.msi
    c:\windows\Installer\17c2826.msi
    c:\windows\Installer\17c2831.msi
    c:\windows\Installer\17c283c.msi
    c:\windows\Installer\17c289a.msi
    c:\windows\Installer\17c28a7.msi
    c:\windows\Installer\17c28ad.msi
    c:\windows\Installer\17c28b3.msi
    c:\windows\Installer\17c28b9.msi
    c:\windows\Installer\17c28c0.msi
    c:\windows\Installer\17c28ca.msi
    c:\windows\Installer\17c28d0.msi
    c:\windows\Installer\19161ed.msi
    c:\windows\Installer\19363aa.msi
    c:\windows\Installer\193d577.msi
    c:\windows\Installer\1a5143.msi
    c:\windows\Installer\1a5149.msi
    c:\windows\Installer\1a9e386.msi
    c:\windows\Installer\1ad1578.msi
    c:\windows\Installer\1cc0346.msp
    c:\windows\Installer\25227af.msi
    c:\windows\Installer\258eb.msp
    c:\windows\Installer\26d964b.msi
    c:\windows\Installer\2702121.msp
    c:\windows\Installer\2d0f500.msi
    c:\windows\Installer\2d0f501.msp
    c:\windows\Installer\2d0f502.msp
    c:\windows\Installer\2d0f503.msp
    c:\windows\Installer\2d0f504.msp
    c:\windows\Installer\2d0f505.msp
    c:\windows\Installer\2d0f506.msp
    c:\windows\Installer\2d0f507.msp
    c:\windows\Installer\2d0f508.msp
    c:\windows\Installer\2d0f509.msp
    c:\windows\Installer\2d17f46.msi
    c:\windows\Installer\2d17f5f.msp
    c:\windows\Installer\2daea7.msi
    c:\windows\Installer\2ecea51.msi
    c:\windows\Installer\324fd9.msi
    c:\windows\Installer\356f0.msi
    c:\windows\Installer\356f6.msi
    c:\windows\Installer\356fc.msi
    c:\windows\Installer\3d5d0b.msi
    c:\windows\Installer\3ed080.msi
    c:\windows\Installer\43a5f4.msi
    c:\windows\Installer\43a5f8.msi
    c:\windows\Installer\45c6a.msi
    c:\windows\Installer\45c82.msp
    c:\windows\Installer\4bb1bc.msi
    c:\windows\Installer\4bb1c8.msi
    c:\windows\Installer\54ef3c.msi
    c:\windows\Installer\553d8.msi
    c:\windows\Installer\6ab77a.msi
    c:\windows\Installer\6c614.msi
    c:\windows\Installer\711a50.msp
    c:\windows\Installer\711a5a.msp
    c:\windows\Installer\711a64.msp
    c:\windows\Installer\75865.msi
    c:\windows\Installer\7587e.msp
    c:\windows\Installer\7589ac.msi
    c:\windows\Installer\770f2.msi
    c:\windows\Installer\7acb4.msi
    c:\windows\Installer\7acb5.msp
    c:\windows\Installer\7acb6.msp
    c:\windows\Installer\7acb7.msp
    c:\windows\Installer\7acb8.msp
    c:\windows\Installer\7acb9.msp
    c:\windows\Installer\7acba.msp
    c:\windows\Installer\7acbb.msp
    c:\windows\Installer\7acbc.msp
    c:\windows\Installer\7acbd.msp
    c:\windows\Installer\82607.msp
    c:\windows\Installer\8f09a0.msi
    c:\windows\Installer\8f09de.msi
    c:\windows\Installer\97b77f.msi
    c:\windows\Installer\98ebd.msi
    c:\windows\Installer\98ec9.msi
    c:\windows\Installer\9a4bb3.msi
    c:\windows\Installer\9aa59d.msi
    c:\windows\Installer\a18821.msi
    c:\windows\Installer\a18ac9.msi
    c:\windows\Installer\a18b03.msi
    c:\windows\Installer\a18b12.msi
    c:\windows\Installer\a491a.msp
    c:\windows\Installer\a87409.msi
    c:\windows\Installer\b8d2b.msp
    c:\windows\Installer\b8d2c.msp
    c:\windows\Installer\c3d22.msi
    c:\windows\Installer\e3751d.msi
    c:\windows\Installer\e37524.msi
    c:\windows\Installer\e37541.msp
    c:\windows\Installer\f1ff2.msi
    c:\windows\Installer\f71ce.msi
    c:\windows\k.txt
    c:\windows\pack.epk
    c:\windows\system32\1017noz-a-vi5u9f0.dll
    c:\windows\system32\103975ir9sz72.exe
    c:\windows\system32\105z1hack9oo5172.exe
    c:\windows\system32\10636w59m73z.dll
    c:\windows\system32\10d7s9arsz3625.dll
    c:\windows\system32\10f19ac5zoor595.ocx
    c:\windows\system32\11195pywarez99.cpl
    c:\windows\system32\11397spa9boz1555.cpl
    c:\windows\system32\119dspar5z1532.ocx
    c:\windows\system32\1230szars92548.ocx
    c:\windows\system32\124z9py54d.exe
    c:\windows\system32\1295ad5zare2979.dll
    c:\windows\system32\13199z59us3bd.dll
    c:\windows\system32\13556nz5-a-virus492.bin
    c:\windows\system32\13727s5ambo947z.exe
    c:\windows\system32\13732not-a-5zr9s3b1.exe
    c:\windows\system32\1392sparze1553.exe
    c:\windows\system32\146e5zeal292.dll
    c:\windows\system32\15008zorm493.ocx
    c:\windows\system32\150fzhi9f1558.bin
    c:\windows\system32\1519vzrus69b5.dll
    c:\windows\system32\1531s9y179z.cpl
    c:\windows\system32\153zb5ckdoor9666.ocx
    c:\windows\system32\15499zot-a-vir5s373.exe
    c:\windows\system32\15592z9555e.cpl
    c:\windows\system32\15599worm57z.cpl
    c:\windows\system32\15730woz959.dll
    c:\windows\system32\1589virus9z.ocx
    c:\windows\system32\15945hazkt9ol738.bin
    c:\windows\system32\15945trojzaf.ocx
    c:\windows\system32\15992trozfe.dll
    c:\windows\system32\15999spz205.dll
    c:\windows\system32\15a8th9ez2675.exe
    c:\windows\system32\15z22hacktool91d.ocx
    c:\windows\system32\16014trzj3995.ocx
    c:\windows\system32\16557zorm956.exe
    c:\windows\system32\16615py49z.dll
    c:\windows\system32\16z47not-a5viru9298.exe
    c:\windows\system32\174z0spambot7459.ocx
    c:\windows\system32\17593wo5z2cd.exe
    c:\windows\system32\1819hackt95lz1b.exe
    c:\windows\system32\18758hackt9oz593.exe
    c:\windows\system32\193bsteaz5834.ocx
    c:\windows\system32\1943backzoor5621.dll
    c:\windows\system32\19515spy3z8.ocx
    c:\windows\system32\19516trz919c.exe
    c:\windows\system32\195939zy40f.ocx
    c:\windows\system32\19599hzcktoo5145.ocx
    c:\windows\system32\19719trzj7195.dll
    c:\windows\system32\197459pamboz3925.bin
    c:\windows\system32\1978thr5at21z0.exe
    c:\windows\system32\19944vizus554.bin
    c:\windows\system32\19955no9-a-virzs30b.cpl
    c:\windows\system32\19d0zhief5023.cpl
    c:\windows\system32\1azath59at41.cpl
    c:\windows\system32\1deczhief3569.ocx
    c:\windows\system32\1e97backdzor591.exe
    c:\windows\system32\1z439tr9j1f5.dll
    c:\windows\system32\1z5989orm5de.ocx
    c:\windows\system32\1z808w9rm6f45.cpl
    c:\windows\system32\1z999virus15.cpl
    c:\windows\system32\1zebth9eat13657.bin
    c:\windows\system32\20418hackto9l55z.ocx
    c:\windows\system32\2065troj789z.bin
    c:\windows\system32\20z559roj5e4.dll
    c:\windows\system32\21140vz9us5a.cpl
    c:\windows\system32\21509wormzf1.ocx
    c:\windows\system32\21635zacktoo994.ocx
    c:\windows\system32\2183not-a95irzs7b0.exe
    c:\windows\system32\21zet5ief1059.ocx
    c:\windows\system32\220305izus2b9.bin
    c:\windows\system32\22145tea9756z.ocx
    c:\windows\system32\2269backdo5rz9669.exe
    c:\windows\system32\232z1s9y4a5.dll
    c:\windows\system32\23522spzm9ot5af5.bin
    c:\windows\system32\235zvir19339.bin
    c:\windows\system32\236aste9l18z5.ocx
    c:\windows\system32\23fc9hreaz15430.cpl
    c:\windows\system32\23z57spamb9t2e9.bin
    c:\windows\system32\24752not-a-zi95s31d.dll
    c:\windows\system32\24z16ha9ktoolf5.exe
    c:\windows\system32\254z1s9y1a.ocx
    c:\windows\system32\254z4not9a-virus39e.cpl
    c:\windows\system32\25564z95-a-virusce.cpl
    c:\windows\system32\2579zworm45.cpl
    c:\windows\system32\2589s5zware9105.bin
    c:\windows\system32\25971viruz4c0.bin
    c:\windows\system32\25989troj37z.dll
    c:\windows\system32\259fa9dzare1572.cpl
    c:\windows\system32\25czdo9nloade5330.bin
    c:\windows\system32\25tro95z.cpl
    c:\windows\system32\26059szambot9d3.ocx
    c:\windows\system32\26376spamz9t56b.cpl
    c:\windows\system32\26422virzs955.bin
    c:\windows\system32\2651zha9ktool4b8.exe
    c:\windows\system32\26751s95zbot423.bin
    c:\windows\system32\26z69v9rus485.exe
    c:\windows\system32\270659irzs718.exe
    c:\windows\system32\2725addware1z69.exe
    c:\windows\system32\27451not9azvirus2f7.ocx
    c:\windows\system32\27508szambotf9.cpl
    c:\windows\system32\2755w9rm4z.ocx
    c:\windows\system32\27889ot5a-viruz367.dll
    c:\windows\system32\28139hacktool58bz.bin
    c:\windows\system32\28770h9cztool735.exe
    c:\windows\system32\287aadd95rz2859.dll
    c:\windows\system32\2928zh5cktool1b5.bin
    c:\windows\system32\2931t5iefz702.exe
    c:\windows\system32\293345roz5e8.ocx
    c:\windows\system32\295sparsz1928.dll
    c:\windows\system32\29926no9-a-zirus95.exe
    c:\windows\system32\29z19not-a-v9rus345.bin
    c:\windows\system32\2d93zi53264.bin
    c:\windows\system32\2e96a9dware253z.bin
    c:\windows\system32\2f5aszeal1099.ocx
    c:\windows\system32\2z40t5ie92359.bin
    c:\windows\system32\2z93a9dware7435.bin
    c:\windows\system32\2z995hacktool69c.ocx
    c:\windows\system32\2z9bthief9165.exe
    c:\windows\system32\3019vzr5557.dll
    c:\windows\system32\30335tro95zb.dll
    c:\windows\system32\30557ha9kt5oz4de.exe
    c:\windows\system32\3085bazk5o9r2689.dll
    c:\windows\system32\30972z5cktool594.exe
    c:\windows\system32\30z23w5r9e2.exe
    c:\windows\system32\31245h9cktoolz.ocx
    c:\windows\system32\3124s9y5are16z7.ocx
    c:\windows\system32\312c5par9z3202.bin
    c:\windows\system32\3152ztr9j41.bin
    c:\windows\system32\31570worm73z9.dll
    c:\windows\system32\31945noz-a-virus445.exe
    c:\windows\system32\31afthi953028z.dll
    c:\windows\system32\31d9doznloader9035.dll
    c:\windows\system32\3209thze5462.bin
    c:\windows\system32\320caz9ware1562.dll
    c:\windows\system32\32125spazb9t5d4.dll
    c:\windows\system32\3277add5zr93014.dll
    c:\windows\system32\3349spyz59.dll
    c:\windows\system32\3395vzrus559.ocx
    c:\windows\system32\3540zhackto9l264.cpl
    c:\windows\system32\35ca9ir2z65.cpl
    c:\windows\system32\3639threat159z8.ocx
    c:\windows\system32\365sz59l2961.exe
    c:\windows\system32\37429pambot25cz.dll
    c:\windows\system32\375bazkd5or679.cpl
    c:\windows\system32\39382tr5z83.exe
    c:\windows\system32\396159y436z.dll
    c:\windows\system32\3980not-9-vi5us1az.bin
    c:\windows\system32\3c9espar5e3z70.bin
    c:\windows\system32\3de4dowzloa5er7589.dll
    c:\windows\system32\3f6zt9r5at4881.ocx
    c:\windows\system32\3fa9downlo9der2z55.exe
    c:\windows\system32\3z0esp9ware2059.ocx
    c:\windows\system32\3z3aspar5e29529.exe
    c:\windows\system32\3z46wo5931c.bin
    c:\windows\system32\3z85backdoo520199.ocx
    c:\windows\system32\40635pars92167z.bin
    c:\windows\system32\4169notza-virus9ab5.dll
    c:\windows\system32\4271woz5295.dll
    c:\windows\system32\42d59dd5are8z5.ocx
    c:\windows\system32\44za5teal12509.dll
    c:\windows\system32\4579downlo5dzr785.exe
    c:\windows\system32\457a5zckdoor914.exe
    c:\windows\system32\45c65ackdoorz4169.cpl
    c:\windows\system32\469eadd5are41z.dll
    c:\windows\system32\47265rz9a3.exe
    c:\windows\system32\4987b5ckdozr2935.dll
    c:\windows\system32\4992bac5door33z.exe
    c:\windows\system32\4995d9wnloa5ez734.dll
    c:\windows\system32\49ddbackd9oz29705.bin
    c:\windows\system32\4a765te9lz826.cpl
    c:\windows\system32\4c0dow5zo9der3025.dll
    c:\windows\system32\4d24vi9z4095.cpl
    c:\windows\system32\4d68s5zware29299.exe
    c:\windows\system32\4d7azhr5at29524.dll
    c:\windows\system32\4f539hizf2596.ocx
    c:\windows\system32\4f99t9ief5396z.exe
    c:\windows\system32\4zcfa95ware3176.ocx
    c:\windows\system32\502879zy5e.dll
    c:\windows\system32\502szam5ot4d49.ocx
    c:\windows\system32\50515not-a-virus1c9z.exe
    c:\windows\system32\5056bac9dozr713.cpl
    c:\windows\system32\5078add9arz33.cpl
    c:\windows\system32\50czdo9nloader922.dll
    c:\windows\system32\50e1thief1769z.ocx
    c:\windows\system32\50z5steal9994.dll
    c:\windows\system32\5149spyzare1941.cpl
    c:\windows\system32\5158s9arsz743.bin
    c:\windows\system32\51941wormz19.exe
    c:\windows\system32\51zethief28659.dll
    c:\windows\system32\52z9virus157.dll
    c:\windows\system32\53a1z5r969.exe
    c:\windows\system32\5468threz927998.ocx
    c:\windows\system32\5506do5nlozder695.cpl
    c:\windows\system32\5507tzreat121479.ocx
    c:\windows\system32\5550thie9504z.ocx
    c:\windows\system32\5595szarse2926.ocx
    c:\windows\system32\55ado9nloader1z9.cpl
    c:\windows\system32\55bd9zreat5559.cpl
    c:\windows\system32\562downloazer3097.exe
    c:\windows\system32\5674ha9ztool337.ocx
    c:\windows\system32\5762zte5l1965.bin
    c:\windows\system32\5767zackt9ol689.bin
    c:\windows\system32\57fcazdw5re13929.cpl
    c:\windows\system32\582589pzmbot7c7.bin
    c:\windows\system32\582ztro91df.dll
    c:\windows\system32\58875zdware9115.bin
    c:\windows\system32\5896zot-a-viru9335.bin
    c:\windows\system32\5992vir25z9.bin
    c:\windows\system32\5aa6threaz25809.ocx
    c:\windows\system32\5b88zhie51898.ocx
    c:\windows\system32\5c2spars925z5.bin
    c:\windows\system32\5c66downloadez5879.cpl
    c:\windows\system32\5c67ad5w9rz1447.exe
    c:\windows\system32\5d59vzr9922.cpl
    c:\windows\system32\5d99zteal14525.cpl
    c:\windows\system32\5dzcsparse14059.bin
    c:\windows\system32\5e215zdwa9e1977.dll
    c:\windows\system32\5f19z9yware2765.exe
    c:\windows\system32\5f19zpars92556.ocx
    c:\windows\system32\5f55ba5kdz9r2566.ocx
    c:\windows\system32\5fddzhr5at299949.bin
    c:\windows\system32\5ffvir20z9.exe
    c:\windows\system32\5z92downloade92808.dll
    c:\windows\system32\6215not-a-vizus954.dll
    c:\windows\system32\633459zm7e4.dll
    c:\windows\system32\6455wor59f5z.cpl
    c:\windows\system32\65539pyware1z55.exe
    c:\windows\system32\6635tz9e5t25523.bin
    c:\windows\system32\66925zrus308.dll
    c:\windows\system32\66b79ddzare65.exe
    c:\windows\system32\675bspazse69.exe
    c:\windows\system32\6815spamb9t41cz.ocx
    c:\windows\system32\6902spywar51957z.bin
    c:\windows\system32\69035irus952z.exe
    c:\windows\system32\692b5dzw9re2600.bin
    c:\windows\system32\6951szy6a25.exe
    c:\windows\system32\696bzhief2059.cpl
    c:\windows\system32\6991doz9loader5964.ocx
    c:\windows\system32\6999thiz51420.bin
    c:\windows\system32\69dcthzeat25505.exe
    c:\windows\system32\69z5not-a5vir9s169.exe
    c:\windows\system32\6a4cthzeat19859.exe
    c:\windows\system32\6f5zvir2495.ocx
    c:\windows\system32\6f8aviz1596.cpl
    c:\windows\system32\6z65ad9wa5e2112.cpl
    c:\windows\system32\6z98wor5c09.exe
    c:\windows\system32\70a5doznloa5er1999.exe
    c:\windows\system32\7212nzt-a-5i9us3d1.exe
    c:\windows\system32\73a59zyware2375.ocx
    c:\windows\system32\7468zp5mbo97b7.bin
    c:\windows\system32\7579thzef17219.ocx
    c:\windows\system32\75e759iez312.bin
    c:\windows\system32\76cfba9kdooz4015.ocx
    c:\windows\system32\76d7th9ea547z3.exe
    c:\windows\system32\76e9thie565z.bin
    c:\windows\system32\77465ir9358z.ocx
    c:\windows\system32\7869b5ckdozr2226.exe
    c:\windows\system32\789aspar592583z.exe
    c:\windows\system32\7906not-a-5irus54z.bin
    c:\windows\system32\7907backzoor1556.cpl
    c:\windows\system32\7969threat15287z.ocx
    c:\windows\system32\798a5iz890.bin
    c:\windows\system32\7a095hizf1724.dll
    c:\windows\system32\7c1dthief9z65.bin
    c:\windows\system32\7d65z9reat9351.cpl
    c:\windows\system32\7e69st5z93255.ocx
    c:\windows\system32\7f2zv5r197.ocx
    c:\windows\system32\7z50spyware94385.exe
    c:\windows\system32\7zc5backd9or2553.cpl
    c:\windows\system32\7zf5st95l1579.exe
    c:\windows\system32\8195wor59az.cpl
    c:\windows\system32\85409roz707.bin
    c:\windows\system32\85559zy729.bin
    c:\windows\system32\85675oz-a-virus739.bin
    c:\windows\system32\8965zroj59.cpl
    c:\windows\system32\89zthi5f20369.bin
    c:\windows\system32\8z099roj5f9.exe
    c:\windows\system32\8z91troj945.ocx
    c:\windows\system32\9009ot-z-vi5us7e6.dll
    c:\windows\system32\9023zpa5se2900.dll
    c:\windows\system32\91a35teal1z91.exe
    c:\windows\system32\91adste5lz206.bin
    c:\windows\system32\924z5ot-9-virus5c1.bin
    c:\windows\system32\9257troj76z.cpl
    c:\windows\system32\926z3n5t-a-virus68c.bin
    c:\windows\system32\93760spa5bot7zc.ocx
    c:\windows\system32\939v5zus1ad.exe
    c:\windows\system32\93a9th5efz875.cpl
    c:\windows\system32\9412zro548.exe
    c:\windows\system32\946cs5ealz539.ocx
    c:\windows\system32\94z4steal5354.dll
    c:\windows\system32\9504zvirus1e5.cpl
    c:\windows\system32\9572viz1035.bin
    c:\windows\system32\95821s5azbot148.ocx
    c:\windows\system32\9589viz161.ocx
    c:\windows\system32\95cdad5ware212z.cpl
    c:\windows\system32\95cdaddwaz51761.ocx
    c:\windows\system32\95zvi9us494.bin
    c:\windows\system32\96060w5rz127.bin
    c:\windows\system32\9634n5tza-v9rus1f7.ocx
    c:\windows\system32\96814sp5mbotz8d.cpl
    c:\windows\system32\96a5viz744.ocx
    c:\windows\system32\96asteal5z76.dll
    c:\windows\system32\97557szy6e5.dll
    c:\windows\system32\975z7spy636.ocx
    c:\windows\system32\9906w5zm10a.dll
    c:\windows\system32\9919worm25z.ocx
    c:\windows\system32\991tzie5999.cpl
    c:\windows\system32\9940s5a9bot3zd.dll
    c:\windows\system32\9954vzr2422.ocx
    c:\windows\system32\9969s5yz31.bin
    c:\windows\system32\99d4addware1536z.bin
    c:\windows\system32\99z7spy5a5.dll
    c:\windows\system32\9bezaddware1075.exe
    c:\windows\system32\9d4fthre5t332z.bin
    c:\windows\system32\9z14wo5mf49.cpl
    c:\windows\system32\9z67tr9j105.exe
    c:\windows\system32\a539teal28z9.bin
    c:\windows\system32\ac5s9zware459.bin
    c:\windows\system32\b55stealz990.ocx
    c:\windows\system32\b5fspzr9e395.bin
    c:\windows\system32\b95bzckdoor1260.exe
    c:\windows\system32\cfasp59se268z.ocx
    c:\windows\system32\ddstea922z5.dll
    c:\windows\system32\drivers\npf.sys
    c:\windows\system32\ff3th5ef1195z.cpl
    c:\windows\system32\kdfinj.dll
    c:\windows\system32\Packet.dll
    c:\windows\system32\ps2.bat
    c:\windows\system32\pthreadVC.dll
    c:\windows\system32\WanPacket.dll
    c:\windows\system32\wpcap.dll
    c:\windows\system32\z081add9ar52192.cpl
    c:\windows\system32\z1648wo95ca.dll
    c:\windows\system32\z225troj199.bin
    c:\windows\system32\z2867wo5m459.exe
    c:\windows\system32\z4855s5ambot1c09.dll
    c:\windows\system32\z49f5teal2906.cpl
    c:\windows\system32\z4b79hreat31425.exe
    c:\windows\system32\z5529worm97f.cpl
    c:\windows\system32\z5855w9rm143.dll
    c:\windows\system32\z6665hac9tool5b7.exe
    c:\windows\system32\z692thr5at1132.exe
    c:\windows\system32\z7020not5a-virus449.dll
    c:\windows\system32\z702vi59.exe
    c:\windows\system32\z769thr5at18805.exe
    c:\windows\system32\z8540tro9298.ocx
    c:\windows\system32\z8735pambo938f.exe
    c:\windows\system32\z8a5do9nl5ader2735.bin
    c:\windows\system32\zcbasp9ware2035.cpl
    c:\windows\system32\zd67t9reat14258.ocx
    c:\windows\system32\zdd2ba5kd9or1370.exe
    c:\windows\system32\ze59steal1914.ocx
    c:\windows\tmlpcert2007
    c:\windows\woprdagt.exe
    c:\windows\z0473not-a-virus5b59.exe
    c:\windows\z0517troj689.bin
    c:\windows\z105wor56f19.cpl
    c:\windows\z19backdoo5303.ocx
    c:\windows\z236s95rse1525.ocx
    c:\windows\z41c5hreat98617.bin
    c:\windows\z49225ot-a-virus3fd9.exe
    c:\windows\z5544not-a-v95us3a6.cpl
    c:\windows\z5556tr59785.bin
    c:\windows\z56599py6cb.cpl
    c:\windows\z56c5hreat39619.ocx
    c:\windows\z585spywa9e1673.exe
    c:\windows\z755thi9f2890.ocx
    c:\windows\z79addw5re1999.cpl
    c:\windows\z8143sp5796.ocx
    c:\windows\z8953virus11d.exe
    c:\windows\z8993hackt5ol9d.exe
    c:\windows\z9559tr9j1555.bin
    c:\windows\z993bac5door999.cpl
    c:\windows\z9955not-a-vir5s3f9.bin
    c:\windows\z995thief205.dll
    c:\windows\za45threat22596.dll
    c:\windows\zac5ad9war53227.cpl
    c:\windows\zc85steal28759.ocx
    c:\windows\zd1abackdoor21589.dll
    c:\windows\zf119hief28285.bin
    c:\windows\zf59s9yware2849.cpl
    D:\resycled
    c:\recycler\S-1-5-21-1242983221-992244275-1784959909-1008 . . . . failed to delete

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_GAOPDXSERV.SYS
    -------\Legacy_npf
    -------\Service_gaopdxserv.sys
    -------\Service_npf

    ((((((((((((((((((((((((( Files Created from 2009-07-27 to 2009-08-27 )))))))))))))))))))))))))))))))
    .

    2009-08-27 16:51 . 2009-08-27 22:59 -------- d-----w- c:\program files\trend micro
    2009-08-27 16:51 . 2009-08-27 16:52 -------- d-----w- C:\rsit
    2009-08-27 08:40 . 2009-08-27 08:40 33792 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe
    2009-08-26 23:54 . 2009-08-26 23:55 -------- d-----w- c:\program files\iTunes
    2009-08-26 23:54 . 2009-08-26 23:55 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-08-26 23:52 . 2009-08-26 23:52 -------- d-----w- c:\program files\Bonjour
    2009-08-26 23:50 . 2009-08-26 23:51 -------- d-----w- c:\program files\QuickTime
    2009-08-26 23:45 . 2009-07-09 10:16 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
    2009-08-11 13:49 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
    2009-08-11 13:49 . 2006-10-16 14:10 23856 ----a-w- c:\windows\system32\spupdsvc.exe
    2009-08-11 13:42 . 2009-08-11 13:42 -------- d-----w- c:\program files\Cyanide
    2009-08-09 18:14 . 2009-08-09 18:14 -------- d-----w- c:\documents and settings\HP_Prop\Bullfrog
    2009-08-09 18:14 . 2009-08-09 18:14 -------- d-----w- c:\documents and settings\HP_Prop
    2009-08-09 18:14 . 2009-08-09 18:14 -------- d-----w- c:\windows\system\KEEPER
    2009-08-09 18:14 . 2009-08-09 18:14 -------- d-----w- c:\program files\Bullfrog
    2009-08-09 18:13 . 2009-08-09 18:13 -------- d-----w- C:\KEEPER
    2009-07-31 18:44 . 2009-07-31 18:44 -------- d-----w- c:\program files\AskSearch
    2009-07-31 18:44 . 2009-07-31 18:44 -------- d-----w- c:\program files\AskBarDis
    2009-07-31 18:44 . 2009-07-31 18:44 -------- d-----w- c:\program files\uTorrent
    2009-07-29 19:49 . 2009-07-29 19:49 -------- d-----w- c:\program files\trust global

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-08-27 10:41 . 2009-01-25 16:07 189744 ----a-w- c:\windows\system32\PnkBstrB.exe
    2009-08-27 10:31 . 2009-01-25 16:07 139904 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2009-08-25 09:27 . 2009-07-01 23:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Loud spam else tool
    2009-08-23 13:19 . 2009-07-17 17:17 -------- d-----w- c:\program files\MpcStar
    2009-08-17 16:10 . 2009-02-17 00:43 1279456 ----a-w- c:\windows\system32\aswBoot.exe
    2009-08-17 16:06 . 2009-02-17 00:43 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2009-08-17 16:06 . 2009-02-17 00:43 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2009-08-17 16:05 . 2009-02-17 00:43 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2009-08-17 16:05 . 2009-02-17 00:43 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2009-08-17 16:04 . 2009-02-17 00:43 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2009-08-17 16:04 . 2009-02-17 00:43 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2009-08-17 16:03 . 2009-02-17 00:43 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
    2009-08-17 16:02 . 2009-02-17 00:43 97480 ----a-w- c:\windows\system32\AvastSS.scr
    2009-08-13 17:41 . 2009-07-16 15:45 -------- d-----w- c:\program files\CometBird
    2009-08-11 17:45 . 2009-02-03 19:30 -------- d-----w- c:\program files\Microsoft Games
    2009-08-06 20:51 . 2009-07-16 15:39 -------- d-----w- c:\program files\BitComet
    2009-08-02 11:47 . 2009-07-01 23:49 -------- d-----w- c:\program files\Adverts
    2009-07-28 12:57 . 2009-07-28 12:49 -------- d-----w- c:\program files\MediaInfo
    2009-07-28 12:56 . 2009-07-28 12:56 604488 ----a-w- c:\windows\system32\TUProgSt.exe
    2009-07-28 12:56 . 2009-07-28 12:56 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
    2009-07-28 12:56 . 2009-07-28 12:51 -------- d-----w- c:\program files\TuneUp Utilities 2009
    2009-07-28 12:51 . 2009-07-28 12:51 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
    2009-07-28 12:51 . 2009-07-28 12:51 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-07-26 13:05 . 2009-07-26 13:05 -------- d-----w- c:\program files\Aimersoft
    2009-07-22 16:54 . 2008-06-16 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
    2009-07-22 10:53 . 2008-10-30 14:17 -------- d-----w- c:\program files\Wakfu
    2009-07-21 15:53 . 2009-07-02 20:52 -------- d-----w- c:\program files\Everest Poker
    2009-07-19 09:18 . 2009-02-22 16:00 -------- d-----w- c:\program files\BitSpirit
    2009-07-19 09:15 . 2008-10-25 20:24 -------- d-----w- c:\program files\Gpotato.eu
    2009-07-15 09:48 . 2009-07-28 12:56 29000 ----a-w- c:\windows\system32\uxtuneup.dll
    2009-07-13 12:22 . 2009-07-13 12:22 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
    2009-07-09 10:16 . 2009-02-25 10:32 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
    2009-07-02 18:05 . 2009-03-28 15:33 -------- d-----w- c:\program files\NDSROM Player
    2009-07-01 23:49 . 2009-07-01 23:49 -------- d-----w- c:\program files\MessengerPlus! 3
    2009-07-01 01:13 . 2009-01-25 16:06 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
    2009-06-30 23:56 . 2007-07-05 20:55 -------- d-----w- c:\program files\Wolfenstein - Enemy Territory
    2009-06-06 10:03 . 2009-02-17 20:27 96 ---ha-w- c:\windows\system32\HsInfo.dat
    2009-01-24 21:50 . 2005-09-17 13:59 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    2009-04-02 10:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

    [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
    [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

    [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
    [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-29 68856]
    "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-02-06 3572984]
    "Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-03-24 3587120]
    "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-07-31 288048]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0\bin\jusched.exe" [2005-01-02 36972]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-06 339968]
    "HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
    "HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
    "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
    "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
    "SSC_UserPrompt"="c:\program files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-08-16 218240]
    "ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-09-07 58488]
    "IS CfgWiz"="c:\program files\Norton Internet Security\cfgwiz.exe" [2004-08-24 132248]
    "URLLSTCK.exe"="c:\program files\Norton Internet Security\UrlLstCk.exe" [2004-08-31 33936]
    "PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
    "ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
    "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
    "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-07-01 190024]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
    "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
    "AlcxMonitor"="ALCXMNTR.EXE" - c:\windows\ALCXMNTR.EXE [2004-09-07 57344]

    c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\
    AutoTBar.exe [2003-9-30 57344]

    c:\documents and settings\Administrateur.NOM-EB85C523610\Menu D‚marrer\Programmes\D‚marrage\
    AutoTBar.exe [2003-9-30 57344]

    c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\
    AutoTBar.exe [2003-9-30 57344]

    c:\documents and settings\HP_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
    ikowin32.exe [2004-8-5 23040]
    Notification de cadeaux MSN.lnk - c:\documents and settings\HP_Propri‚taire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-6-15 135680]

    c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-5 258048]
    icwsetup.exe [2009-8-27 33792]
    Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-12-25 67128]
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-12-25 688128]

    c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\
    AutoTBar.exe [2003-9-30 57344]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
    "c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
    "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
    "c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
    "c:\\Program Files\\Metin2_France\\metin2.bin"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Cyanide\\Dungeon Party\\DungeonParty.exe"=
    "c:\\Program Files\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "7720:TCP"= 7720:TCP:BitComet 7720 TCP
    "7720:UDP"= 7720:UDP:BitComet 7720 UDP
    "1:TCP"= 1:TCP:jjj

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [17/02/2009 02:43 114768]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17/02/2009 02:43 20560]
    R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [28/07/2009 14:56 604488]
    R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [31/05/2009 02:15 79104]
    S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [31/07/2009 20:45 234888]
    S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [31/05/2009 02:15 131072]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 XDva221;XDva221;\??\c:\windows\system32\XDva221.sys --> c:\windows\system32\XDva221.sys [?]
    S3 XDva224;XDva224;\??\c:\windows\system32\XDva224.sys --> c:\windows\system32\XDva224.sys [?]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    Contents of the 'Scheduled Tasks' folder

    2009-08-21 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2009-08-27 c:\windows\Tasks\Maintenance en 1 clic.job
    - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 09:00]

    2009-08-21 c:\windows\Tasks\Norton Security Scan.job
    - c:\program files\Norton Security Scan\Nss.exe [2008-01-09 02:08]

    2005-01-02 c:\windows\Tasks\Symantec NetDetect.job
    - c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-01-02 17:22]
    .
    - - - - ORPHANS REMOVED - - - -

    URLSearchHooks-{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
    Toolbar-{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
    WebBrowser-{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - (no file)
    HKLM-Run-15820934 - c:\documents and settings\All Users\Application Data\15820934\15820934.exe
    HKLM-Run-Internet Connection Wizard Setup Tool - c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe

    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.ask.com/?o=13928&l=dis
    uSearch Page = hxxp://www.google.com
    uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
    uSearch Bar =
    mStart Page = hxxp://www.yahoo.com
    mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
    uInternet Connection Wizard,ShellNext = hxxp://www.apple.com/fr/itunes/download/
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Télécharger avec &BitSpirit - c:\program files\BitSpirit\bsurl.htm
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-08-28 01:43
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    c:\docume~1\HP_PRO~1\LOCALS~1\Temp\RGI4.tmp 7136 bytes

    scan completed successfully
    hidden files: 1

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(800)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(3972)
    c:\program files\MessengerPlus! 3\MsgPlusLoader.dll
    c:\windows\system32\msi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\ati2evxx.exe
    c:\windows\system32\ati2evxx.exe
    c:\program files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\program files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\program files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    c:\program files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\program files\
    0
  14. Niitro Messages postés 24 Statut Membre
     
    Voila dsl pour l'attente mais mon ordi n'est pas du dernier crie ...
    0
  15. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Tu n'as pas venu pour rien.

    ---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
    ---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
    ---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
    ---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
    ---> Sélectionne Exécuter un examen rapide.
    ---> Clique sur Rechercher. L'analyse démarre.

    A la fin de l'analyse, un message s'affiche :

    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

    ---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
    ---> Ferme tes navigateurs.
    Si des malwares ont été détectés, clique sur Afficher les résultats.
    ---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
    ---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    0
  16. Niitro Messages postés 24 Statut Membre
     
    Malwarebytes' Anti-Malware 1.40
    Version de la base de données: 2707
    Windows 5.1.2600 Service Pack 2

    28/08/2009 02:24:21
    mbam-log-2009-08-28 (02-24-21).txt

    Type de recherche: Examen rapide
    Eléments examinés: 123992
    Temps écoulé: 8 minute(s), 0 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 26
    Fichier(s) infecté(s): 334

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\WiniBlueSoft (Rogue.WiniBlue) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Invité\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Invité\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\IESkins (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOI (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOI\static (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOL (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOL\static (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1041655.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1043399.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1057185.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1057776.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1383356.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1384577.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1416861.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\2258213.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\2563373.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\2656897.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\3750949.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\3752096.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\3893498.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\442905.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\575811.sdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\domains.txt (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000023894 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000024148 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000026054 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000026149 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027037 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000028063 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000029298 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000032930 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000033079 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000044868 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000047858 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052008 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052451 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052615 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000057533 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000059264 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000059554 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000061533 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000062177 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063490 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063625 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063820 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000064073 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000065105 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000065154 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000065227 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000068631 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000074984 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000081898 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000082129 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000082797 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000083033 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\116977 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\12457 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\13632 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1491 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\17040 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\19650 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\20516 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\20970 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\22254 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\23928 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\247895 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\25063 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\25424 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\266291 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\27505 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\29547 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\296128 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\303579 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\306 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32242 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32418 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32887 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\3338 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\33695 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\34374 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\34911 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\374830 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\37616 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\39228 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\39232 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\411116 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\4142 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\41499 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\42849 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44228 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44279 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44293 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44320 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\4442 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44878 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\451453 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\459338 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\472390 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\477407 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\479957 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\49442 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\49444 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\51174 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\520094 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\52968 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\53842 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\54488 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\546899 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\553177 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\571472 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\572023 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\578104 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\57973 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\59598 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\624121 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\628262 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\658110 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6612 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\67469 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\68055 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\68098 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\690746 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69235 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69263 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\703600 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\704965 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705060 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705131 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705150 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705248 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705252 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705265 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705290 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705461 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\711791 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\716428 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\733622 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\738320 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\742100 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\744920 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\745356 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\749298 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\750789 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\75089 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\750891 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\7521 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\78600 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\79432 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\79986 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81293 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81392 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\82011 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\83226 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\85365 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\86587 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\87304 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90008 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90271 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90358 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\95678 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\95704 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\97494 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\97741 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\98250 (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\ustat\3754.dat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\avatar.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\btntrans.idx (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\btntrans1.dat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\buttondir.txt (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\components.cdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\cursors.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\default.cdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_511745-514279.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_categorize.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_comparison.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-people.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_favorites.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Games.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Hide.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_hotbarcom.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Hotmail.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_hsskin.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jemster.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jemsterie.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jemsteruk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jobsearch.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_MobileSidewalk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_new.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_premium.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_reun.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_ringtones.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_SearchBoxTrapper.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_searchfor.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_searchgo.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_weather.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_yellowpages.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_1000.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_2000.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_3000.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bar.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bbar1.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_logos.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_other.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_weather.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\editblbuttons.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-548964.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-9595.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\email-t1-bg.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\icons2.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\ie_games_icon.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\ie_video.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\keywords.idx (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\keywords1.dat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\layout.cdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\linkpathlegal.txt (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\progress.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\sales_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\sdfmodifier.xml (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\s_icons_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\t2_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\top7.cdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Top7_theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\tsd_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\zango_btn.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\zango_ie_menu.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\avatar.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\btntrans.idx (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\btntrans1.dat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\buttondir.txt (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\components.cdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\cursors.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\default.cdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_511745-514279.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_categorize.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_comparison.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-people.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_favorites.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Games.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Hide.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_hotbarcom.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Hotmail.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_hsskin.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jemster.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jemsterie.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jemsteruk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jobsearch.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_MobileSidewalk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_new.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_premium.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_reun.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_ringtones.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_SearchBoxTrapper.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_searchfor.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_searchgo.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_weather.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_yellowpages.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_1000.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_2000.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_3000.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bar.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bbar1.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_logos.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_other.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_weather.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\editblbuttons.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-548964.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-9595.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\email-t1-bg.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\icons2.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\ie_games_icon.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\ie_video.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\keywords.idx (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\keywords1.dat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\layout.cdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\linkpathlegal.txt (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\progress.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\sales_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\sdfmodifier.xml (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\s_icons_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\t2_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\top7.cdf (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Top7_theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\tsd_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\zango_btn.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\zango_ie_menu.res (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\avatar.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\progress.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\videosoft\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\ikowin32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    0
  17. Niitro Messages postés 24 Statut Membre
     
    Voila j'espère ne pas avoir fais de mauvaises manipulations
    0
  18. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ● Relance MBAM, va dans Quarantaine et supprime tout.

    ● Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi d'Internet et ferme toutes applications en cours. /!\

    ● Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program Files).
    ● Double-clique sur le raccourci d'Ad-Remover située sur ton Bureau.
    (Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
    ● Au menu principal, choisis l'option L.
    ● Poste le rapport généré (C:\Ad-Report-CLEAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    0
  19. Niitro Messages postés 24 Statut Membre
     
    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_Q | UNIQUEMENT XP/VISTA/SEVEN =======
    .
    Mit à jour par C_XX le 26/08/2009 à 6:37 PM
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 2:35:17, 28/08/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-remover\
    Système d'exploitation: Microsoft® Windows XP™ v5.1.2600
    Nom du PC: NOM-EB85C523610 | Utilisateur actuel: HP_Propri‚taire
    .
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    Service: "ASKUpgrade"
    .
    HKCR\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKCU\Software\Grand Virtual
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCR\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKCR\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCR\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    .
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest.dev
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf.bak
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome\ajtoolbar.jar
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.gif
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.src
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat.bak
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\contents.rdf
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\snipit.js
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\manifest.mf
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.rsa
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.sf
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\Program Files\AskBarDis\bar
    C:\Program Files\AskBarDis\unins000.dat
    C:\Program Files\AskBarDis\unins000.exe
    C:\Program Files\AskBarDis\bar\bin
    C:\Program Files\AskBarDis\bar\Cache
    C:\Program Files\AskBarDis\bar\History
    C:\Program Files\AskBarDis\bar\Settings
    C:\Program Files\AskBarDis\bar\bin\askBar.dll
    C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
    C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
    C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
    C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
    C:\Program Files\AskBarDis\bar\bin\psvince.dll
    C:\Program Files\AskBarDis\bar\Cache\022D75E6
    C:\Program Files\AskBarDis\bar\Cache\022DCB0B.bin
    C:\Program Files\AskBarDis\bar\Cache\022DEA4B.bin
    C:\Program Files\AskBarDis\bar\Cache\022DEC3F.bin
    C:\Program Files\AskBarDis\bar\Cache\0232D786.bin
    C:\Program Files\AskBarDis\bar\Cache\0232DFB4.bin
    C:\Program Files\AskBarDis\bar\Cache\0232E1F6.bin
    C:\Program Files\AskBarDis\bar\Cache\files.ini
    C:\Program Files\AskBarDis\bar\History\search
    C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
    C:\Program Files\AskBarDis\bar\Settings\config.dat
    C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
    C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
    C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
    C:\Program Files\AskBarDis
    C:\Program Files\AskSearch\bin
    C:\Program Files\AskSearch
    C:\Program Files\Everest Poker\casino.exe
    C:\Program Files\Everest Poker\CStart.exe
    C:\Program Files\Everest Poker\data
    C:\Program Files\Everest Poker\Everest Poker.exe
    C:\Program Files\Everest Poker\gvbase.dll
    C:\Program Files\Everest Poker\gvcrt.dll
    C:\Program Files\Everest Poker\gvgfx-dib.dll
    C:\Program Files\Everest Poker\gvgfx.dll
    C:\Program Files\Everest Poker\gvmain.dll
    C:\Program Files\Everest Poker\gvmain.exe
    C:\Program Files\Everest Poker\gvnetwork.dll
    C:\Program Files\Everest Poker\gvsound.dll
    C:\Program Files\Everest Poker\history
    C:\Program Files\Everest Poker\init.ini
    C:\Program Files\Everest Poker\log.dat
    C:\Program Files\Everest Poker\settings.ini
    C:\Program Files\Everest Poker\toc_fr.ini
    C:\Program Files\Everest Poker\data\fonts
    C:\Program Files\Everest Poker\data\mp-lobby
    C:\Program Files\Everest Poker\data\mp-poker
    C:\Program Files\Everest Poker\data\shared
    C:\Program Files\Everest Poker\data\startup
    C:\Program Files\Everest Poker\data\fonts\kgp-en.ttf
    C:\Program Files\Everest Poker\data\mp-lobby\fr.gvt
    C:\Program Files\Everest Poker\data\mp-lobby\shared.gvt
    C:\Program Files\Everest Poker\data\mp-poker\background
    C:\Program Files\Everest Poker\data\mp-poker\fr
    C:\Program Files\Everest Poker\data\mp-poker\shared.gvt
    C:\Program Files\Everest Poker\data\mp-poker\background\default.gvt
    C:\Program Files\Everest Poker\data\mp-poker\fr\bitmaps.gvt
    C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_strings.txt
    C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_tutorial.txt
    C:\Program Files\Everest Poker\data\shared\fr
    C:\Program Files\Everest Poker\data\shared\shared
    C:\Program Files\Everest Poker\data\shared\fr\country.txt
    C:\Program Files\Everest Poker\data\shared\fr\language.txt
    C:\Program Files\Everest Poker\data\shared\fr\ordinal.txt
    C:\Program Files\Everest Poker\data\shared\shared\bitmaps
    C:\Program Files\Everest Poker\data\shared\shared\sounds
    C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt
    C:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art
    C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art
    C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg
    C:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg
    C:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg
    C:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg
    C:\Program Files\Everest Poker\data\startup\en
    C:\Program Files\Everest Poker\data\startup\fr
    C:\Program Files\Everest Poker\data\startup\shared
    C:\Program Files\Everest Poker\data\startup\en\startup_strings.txt
    C:\Program Files\Everest Poker\data\startup\fr\cstart.txt
    C:\Program Files\Everest Poker\data\startup\fr\startup_strings.txt
    C:\Program Files\Everest Poker\data\startup\shared\bitmaps
    C:\Program Files\Everest Poker\data\startup\shared\icons
    C:\Program Files\Everest Poker\data\startup\shared\sounds
    C:\Program Files\Everest Poker\data\startup\shared\bitmaps\splash_poker.art
    C:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico
    C:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg
    C:\Program Files\Everest Poker\history\4.txt
    C:\Program Files\Everest Poker\history\6.txt
    C:\Program Files\Everest Poker
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\searchplugins\ask.xml
    C:\Documents and Settings\HP_Propri‚taire\Bureau\Everest Poker.exe
    C:\Documents and Settings\HP_Propri‚taire\Bureau\autre\Everest Poker.exe
    C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@pacificpoker[2].txt
    C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@partypoker[2].txt

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 3.0.13 *
    .
    Nom du profil: fzh42cwq.default (HP_Propri‚taire)
    .
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.13");
    .
    .
    .
    * Internet Explorer Version 6.0.2900.2180 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs : res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    10333 Octet(s) - C:\Ad-Report-CLEAN.log
    .
    3 Fichier(s) - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
    2 Fichier(s) - C:\WINDOWS\Temp
    .
    19 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
    31 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
    .
    Fin à: 2:50:13 | 28/08/2009
    .
    ============== E.O.F ==============
    .
    0
  20. Niitro Messages postés 24 Statut Membre
     
    Voila ... quelle longue procédure pour un aussi vicieux anti-virus ....
    0
  21. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    --> Désinstalle Ad-Remover.

    --> Menu Démarrer > Exécuter > Tape combofix /u et valide.

    --> Refais un scan RSIT et poste le rapport log.
    0
  • 1
  • 2