Hacked by x4x

Résolu
aikakouki Messages postés 75 Statut Membre -  
 gen-hackman -
Bonjour,

Depuis peu, mon ordinateur est contaminé par ce virus ( il y a marqué hacked by x4x sur mon navigateur IE ).
Je ne sais pas quoi faire et j'espère que vous pourrez m'aider.

Merci d'avance.

69 réponses

  • 1
  • 2
  • 3
  • 4
Résumé de la discussion

Un virus affiche 'hacked by x4x' sur le navigateur IE et complique la sécurité de l’ordinateur, ce qui pousse les utilisateurs à rechercher des méthodes de désinfection et de confinement.
Plusieurs conseils suggèrent d'isoler le PC, de connecter les sources externes à un poste sain puis d'utiliser UsbFix en option de suppression et d'analyser le rapport obtenu.
D'autres recommandations décrivent l'usage d'Otm (OldTimer) et ToolsCleaner2 pour nettoyer les traces, les manipulations incluent la désactivation puis la réactivation de la restauration système et parfois le formatage du disque.
Cependant, certains répondants signalent que certaines actions peuvent affecter le bureau et leurs fichiers, et recommandent aussi de vérifier les périphériques externes pour détecter une éventuelle infection croisée.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    bon isole ce pc de l autre et branche toutes tes clé usb et disque dur externes dessus

    ce pc est tres infecté notamment par virut , la pire saloperie qu il soit

    ########

    (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

    • Double clic sur le raccourci UsbFix présent sur ton bureau

    • choisis l'option 2 ( Suppression )

    • Ton bureau disparaitra et le pc redémarrera .

    • Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

    • Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

    • Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    1
  2. Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   667
     
    salut,

    Telecharges RSIT " Random's System Information Tool " sur ton bureau :
    http://images.malwareremoval.com/random/RSIT.exe

    - Fermes toutes les applications en cours et double clic sur RSIT.exe
    - Selectionnes " Continue " à l'ecran >> RSIT va analyser le pc et verifier si l'outil hijackthis ( version à jour) est présent sur le pc, si ce n'est pas le cas, RSIT le telechargera >> acceptes la license
    - Une fois l'analyse terminée, 2 rapports.txt s'ouvrent, log.txt à l'écran et info.txt dans la barre des taches
    - Postes le contenu des 2 rapports
    0
  3. aikakouki Messages postés 75 Statut Membre 8
     
    Voila les rapports :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by FATHI at 2009-09-01 13:28:57
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 155 GB (66%) free of 233 GB
    Total RAM: 2046 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:29:04, on 01/09/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
    C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbapp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\NETGEAR\WPN111\wpn111.exe
    C:\Documents and Settings\FATHI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbappHelper.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    D:\sauve1\RSIT.exe
    C:\Program Files\trend micro\FATHI.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = .-~= Hacked by x4x =~-.
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.0.850\HPIEAddOn.dll
    O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: CoolIrisIEHelperObject.CoolIrisIEBHO - {AD0BAB4B-212D-45D7-9E5B-CB1579132715} - C:\Program Files\CoolIris\CoolIrisIEHelperObject.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll
    O2 - BHO: TBSB00982 - {DA3D342F-FF20-4E31-9E82-22334155730C} - C:\Documents and Settings\FATHI\Desktop\Musique Rémi\Antbar\Ant.com Toolbar\tbcore3.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O3 - Toolbar: Ant.com Toolbar - {6CD56C02-CB4D-41B5-A0FE-B479061CCB41} - C:\Documents and Settings\FATHI\Desktop\Musique Rémi\Antbar\Ant.com Toolbar\tbcore3.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
    O4 - HKLM\..\Run: [regdiit] C:\WINDOWS\system32\win.exe
    O4 - HKLM\..\Run: [CTFMON] C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
    O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [SmileyApp] C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbapp.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\FATHI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
    O9 - Extra button: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - C:\Program Files\CoolIris\CoolIrisPreferences.exe
    O9 - Extra 'Tools' menuitem: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - C:\Program Files\CoolIris\CoolIrisPreferences.exe
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {BC0AE9E6-E549-4554-A222-EA083A894683} (QuickUpload) - http://a01-b01.mypicturetown.com/P2PwebCmdController/x/Upld_47.CAB
    O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - http://www.piclens.com/shared/plinstll.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    0
  4. Utilisateur anonyme
     
    Salut ,

    Pour avancer Ced_King :

    • Télécharge et install UsbFix

    (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

    • Double clic sur le raccourci UsbFix présent sur ton bureau .

    • Choisis l'option 1 ( Recherche )

    • Laisse travailler l'outil.

    Ensuite post le rapport UsbFix.txt qui apparaitra.

    • Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    • Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    • Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   667
     
    Salut Chiquitine,

    - Merci, j'étais occupé ailleurs ;-)

    aikakouki, continue avec Chiquitine, tu es entre de bonnes mains...

    - je suis quand même au cas où !
    0
  7. aikakouki Messages postés 75 Statut Membre 8
     
    Voila le rapport d'Usbfix :

    ############################## | UsbFix V6.024 |

    User : FATHI (Administrators) # JERFEL-0031A9BF
    Update on 01/09/09 by Chiquitine29, C_XX & Chimay8
    Start at: 14:33:06 | 01/09/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html

    AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
    Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : avast! antivirus 4.8.1335 [VPS 090831-0] 4.8.1335 [ Enabled | Updated ]
    FW : NVIDIA Firewall[ Enabled ]1.0

    C:\ -> Local Fixed Disk # 228 Go (151,28 Go free) # NTFS
    D:\ -> Local Fixed Disk # 232,88 Go (180,43 Go free) # NTFS
    E:\ -> Removable Disk
    F:\ -> Removable Disk
    G:\ -> Removable Disk
    H:\ -> Removable Disk
    I:\ -> Local Fixed Disk # 4,87 Go (262,28 Mo free) # NTFS
    J:\ -> CD-ROM Disc # 151,79 Mo (0 Mo free) [YP-S3J] # CDFS
    K:\ -> Local Fixed Disk

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
    C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbapp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\NETGEAR\WPN111\wpn111.exe
    C:\Documents and Settings\FATHI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbappHelper.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\System32\wudfhost.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | Fichiers # Dossiers infectieux |

    Présent ! J:\autorun.inf

    ################## | Suspect ! ... | https://www.virustotal.com/gui/ |

    ################## | Registre # Clés Run infectieuses |

    Présent ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "CTFMON"
    Présent ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "regdiit"
    Présent ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
    Présent ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe
    Présent ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe
    Présent ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
    Présent ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\drwtsn32.exe
    Présent ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\rstrui.exe
    Présent ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\dwwin.exe
    Présent ! HKLM\software\microsoft\security center "AntiVirusOverride" ( 0x1 )

    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{01c459ea-4fef-11dd-89b2-00155810cf6b}
    Shell\AutoRun\command =I:\WD_Windows_Tools\Setup.exe

    HKCU\..\..\Explorer\MountPoints2\{134cc482-0e6b-11de-8bca-00155810cf6b}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

    HKCU\..\..\Explorer\MountPoints2\{1c39f840-2a59-11dd-8954-b9a56ef5626c}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

    HKCU\..\..\Explorer\MountPoints2\{824264d6-26c2-11de-8bf7-00155810cf6b}
    Shell\AutoRun\command =I:\photos.exe
    Shell\explore\command =I:\photos.exe
    Shell\open\command =I:\photos.exe

    HKCU\..\..\Explorer\MountPoints2\{ad963b54-b59c-11dd-8b14-00155810cf6b}
    Shell\AutoRun\command =wscript.exe .\.vbs
    Shell\open\command =wscript.exe .\.vbs

    HKCU\..\..\Explorer\MountPoints2\{b0037904-13cb-11de-8bd5-00155810cf6b}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

    HKCU\..\..\Explorer\MountPoints2\{bcf4ac69-2130-11dd-a1fb-806d6172696f}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

    HKCU\..\..\Explorer\MountPoints2\{ca914c3d-ab06-11dd-8aef-00155810cf6b}
    Shell\Auto\command =I:\sal.xls.exe
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sal.xls.exe

    ################## | Cracks / Keygens / Serials |

    ################## | ! Fin du rapport # UsbFix V6.024 ! |
    0
  8. Utilisateur anonyme
     
    (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

    • Double clic sur le raccourci UsbFix présent sur ton bureau

    • choisis l'option 2 ( Suppression )

    • Ton bureau disparaitra et le pc redémarrera .

    • Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

    • Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

    • Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
    0
  9. aikakouki Messages postés 75 Statut Membre 8
     
    Voila le nouveau rapport :

    ############################## | UsbFix V6.024 |

    User : FATHI (Administrators) # JERFEL-0031A9BF
    Update on 01/09/09 by Chiquitine29, C_XX & Chimay8
    Start at: 14:48:18 | 01/09/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html

    AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
    Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : avast! antivirus 4.8.1335 [VPS 090831-0] 4.8.1335 [ Enabled | Updated ]
    FW : NVIDIA Firewall[ Enabled ]1.0

    C:\ -> Local Fixed Disk # 228 Go (151,24 Go free) # NTFS
    D:\ -> Local Fixed Disk # 232,88 Go (180,43 Go free) # NTFS
    E:\ -> Removable Disk
    F:\ -> Removable Disk
    G:\ -> Removable Disk
    H:\ -> Removable Disk
    I:\ -> Local Fixed Disk # 4,87 Go (262,28 Mo free) # NTFS
    J:\ -> CD-ROM Disc # 151,79 Mo (0 Mo free) [YP-S3J] # CDFS
    K:\ -> Local Fixed Disk

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\System32\wudfhost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe

    ################## | Fichiers # Dossiers infectieux |

    Non supprimé ! J:\autorun.inf

    ################## | Autres |

    ################## | Suspect ! ... | https://www.virustotal.com/gui/ |

    ################## | Registre # Clés Run infectieuses |

    Supprimé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "CTFMON"
    Supprimé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "regdiit"
    Supprimé ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
    Supprimé ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe
    Supprimé ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe
    Supprimé ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
    Supprimé ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\drwtsn32.exe
    Supprimé ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\rstrui.exe
    Supprimé ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\dwwin.exe
    # HKLM\software\microsoft\security center "AntiVirusOverride" # -> Reset sucessfully !

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{01c459ea-4fef-11dd-89b2-00155810cf6b}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{134cc482-0e6b-11de-8bca-00155810cf6b}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{1c39f840-2a59-11dd-8954-b9a56ef5626c}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{824264d6-26c2-11de-8bf7-00155810cf6b}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{ad963b54-b59c-11dd-8b14-00155810cf6b}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{b0037904-13cb-11de-8bd5-00155810cf6b}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{bcf4ac69-2130-11dd-a1fb-806d6172696f}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{ca914c3d-ab06-11dd-8aef-00155810cf6b}\Shell\Auto\Command

    ################## | Listing des fichiers présent |

    [13/05/2008 22:52|--a------|0] -> C:\AUTOEXEC.BAT
    [09/08/2009 14:11|-rahs----|322] -> C:\boot.ini
    [13/05/2008 22:52|--a------|0] -> C:\CONFIG.SYS
    [13/05/2008 22:52|-r-hs----|0] -> C:\IO.SYS
    [13/05/2008 22:52|-r-hs----|0] -> C:\MSDOS.SYS
    [14/04/2008 14:00|-rahs----|47564] -> C:\NTDETECT.COM
    [14/04/2008 14:00|-rahs----|250048] -> C:\ntldr
    [?|?|?] -> C:\pagefile.sys
    [26/07/2009 17:20|--ah-----|268] -> C:\sqmdata00.sqm
    [28/07/2009 07:39|--ah-----|268] -> C:\sqmdata01.sqm
    [28/07/2009 19:42|--ah-----|268] -> C:\sqmdata02.sqm
    [29/07/2009 00:17|--ah-----|268] -> C:\sqmdata03.sqm
    [29/07/2009 22:56|--ah-----|268] -> C:\sqmdata04.sqm
    [31/07/2009 22:24|--ah-----|268] -> C:\sqmdata05.sqm
    [17/08/2009 23:09|--ah-----|268] -> C:\sqmdata06.sqm
    [26/07/2009 17:20|--ah-----|244] -> C:\sqmnoopt00.sqm
    [28/07/2009 07:39|--ah-----|244] -> C:\sqmnoopt01.sqm
    [28/07/2009 19:42|--ah-----|244] -> C:\sqmnoopt02.sqm
    [29/07/2009 00:17|--ah-----|244] -> C:\sqmnoopt03.sqm
    [29/07/2009 22:56|--ah-----|244] -> C:\sqmnoopt04.sqm
    [31/07/2009 22:24|--ah-----|244] -> C:\sqmnoopt05.sqm
    [17/08/2009 23:09|--ah-----|244] -> C:\sqmnoopt06.sqm
    [02/08/2009 16:27|--a------|0] -> C:\testwma.raw
    [01/09/2009 14:53|--a------|6068] -> C:\UsbFix.txt
    [25/08/2009 19:00|--ahs----|2145386496] -> D:\pagefile.sys
    [18/10/2007 04:19|-r-------|1146880] -> J:\Autorun.exe
    [15/02/2006 05:49|-r-------|47] -> J:\Autorun.inf

    ################## | Cracks / Keygens / Serials |

    ################## | ! Fin du rapport # UsbFix V6.024 ! |
    0
  10. Utilisateur anonyme
     
    • Telecharge malwarebytes

    • Tu l´instale, le programme va se mettre automatiquement a jour.

    • Une fois a jour, le programme va se lancer.

    • Click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

    • Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".

    • Puis click sur "rechercher".

    • Laisse le scanner le pc...

    • Si des elements on ete trouvés > click sur supprimer la selection.

    • Si il t´es demandé de redemarrer > click sur "yes".

    • A la fin un rapport va s´ouvrir, sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

    • Copie et colle le rapport stp.
    0
  11. aikakouki Messages postés 75 Statut Membre 8
     
    Voila le rapport :

    Malwarebytes' Anti-Malware 1.40
    Version de la base de données: 2725
    Windows 5.1.2600 Service Pack 3

    01/09/2009 15:44:21
    mbam-log-2009-09-01 (15-44-21).txt

    Type de recherche: Examen rapide
    Eléments examinés: 93040
    Temps écoulé: 6 minute(s), 42 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 48
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 54
    Fichier(s) infecté(s): 459

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\aimactivexdll.aimhelper (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{d335d84d-61d8-4b5f-9c4e-067dc8b27ed5} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{42c23154-00fa-4a93-9de9-3eb523cffff6} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2e8e2100-98cb-4aac-9480-63a281acaff5} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\aimactivexdll.aimhelper.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{0514c9b0-e4c6-4d6b-a3a6-b38bc280b115} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{803e73fe-cb73-4d49-8aff-653fd6f44171} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{51b67a88-02d0-43cb-8d12-5ca3e2d4cf49} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{d44cc2fb-77b8-48a5-a5dc-f961f2d258fb} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{57aba38e-6535-48f3-99fd-efdc62137c78} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{22c12739-c111-44c6-9bb7-f335c2a9be2a} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{edb1a56e-2224-4c79-a4bd-42a39c6e4608} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{27ff1ee8-8ccc-49e1-b801-f212e3744e80} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\AIMActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Addins\OEActiveXDLL.DesktopOEAddin1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1fb52ab3-5987-45a2-85e0-f3ec30dddc29}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smileyapp (Adware.DoubleD) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\chrome\locale (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\chrome\locale\en-US (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\components (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\searchplugins (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\System Search Dispatcher\1.3.0.840 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\System Search Dispatcher\1.3.0.840\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\0.0.0.0 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\0.0.0.0\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\0.0.0.0\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\0.0.0.0\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\0.0.0.0\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\bin (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Media Access Startup\1.5.0.850 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\AIMActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\HPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\OEActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\AxGifAnimator.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\gdiplus.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\HookAPINT.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\mfc80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Microsoft.VC80.CRT.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\msvcr80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\MyDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\ProductInfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Riched20Smiley.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\SkinCrafterDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbAol.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbapp.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbapp.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbappHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbasst.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbdl.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbIE.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbMsn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbOL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbOLEX.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbsvc.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbYahoo8.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbYahoo9.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Cursor.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Glitter.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Recipe.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Ringtone.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Screensaver.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Smiley.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\chrome\GamingHarborToolbar.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\chrome\locale\en-US\global.dtd (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\components\DDAutoComplete.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\components\ISmileyCore.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\components\SmileyCore.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\components\TBFFHelper.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\components\TBFFHelper.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\searchplugins\gamingharborsearchplugins.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Cursor.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Cursor.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Glitter.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Glitter.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Recipe.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Smiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\HPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\System Search Dispatcher\1.3.0.840\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\System Search Dispatcher\1.3.0.840\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\System Search Dispatcher\1.3.0.840\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\System Search Dispatcher\1.3.0.840\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\System Search Dispatcher\1.3.0.840\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\bin\stbup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Cursor.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Glitter.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Recipe.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Ringtone.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Screensaver.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Smiley.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\Module_WebDropdown_07.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Cursor.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Cursor.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Glitter.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Glitter.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Recipe.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Smiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_07.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\Module_WebDropdown_07.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.4.20920\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090721-165142.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090721-175617.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090721-201655.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090721-202503.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090721-223247.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090723-000410.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090725-010706.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090725-095635.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090725-100240.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090725-102717.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090725-102806.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090725-151929.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090725-193303.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-090357.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-090532.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-090715.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-091915.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-094811.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-125930.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-165216.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-171035.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-193655.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-193726.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-193838.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-213751.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-213829.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-215345.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-193601.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-201315.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-203755.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-180450.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090802-133919.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090805-135816.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090805-194913.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090805-200931.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090805-201105.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090806-121748.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\FATHI\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.43
    0
  12. Utilisateur anonyme
     
    réouvre malewarebyte's , va sur quarantaine et supprime tout

    relance RSIT et post log.txt stp

    0
  13. aikakouki Messages postés 75 Statut Membre 8
     
    Voila :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by FATHI at 2009-09-01 16:05:27
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 163 GB (70%) free of 233 GB
    Total RAM: 2046 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:05:31, on 01/09/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
    C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\NETGEAR\WPN111\wpn111.exe
    C:\Documents and Settings\FATHI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    D:\sauve1\RSIT(2).exe
    C:\Program Files\trend micro\FATHI.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: CoolIrisIEHelperObject.CoolIrisIEBHO - {AD0BAB4B-212D-45D7-9E5B-CB1579132715} - C:\Program Files\CoolIris\CoolIrisIEHelperObject.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll
    O2 - BHO: TBSB00982 - {DA3D342F-FF20-4E31-9E82-22334155730C} - C:\Documents and Settings\FATHI\Desktop\Musique Rémi\Antbar\Ant.com Toolbar\tbcore3.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O3 - Toolbar: Ant.com Toolbar - {6CD56C02-CB4D-41B5-A0FE-B479061CCB41} - C:\Documents and Settings\FATHI\Desktop\Musique Rémi\Antbar\Ant.com Toolbar\tbcore3.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
    O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\FATHI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
    O9 - Extra button: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - C:\Program Files\CoolIris\CoolIrisPreferences.exe
    O9 - Extra 'Tools' menuitem: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - C:\Program Files\CoolIris\CoolIrisPreferences.exe
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {BC0AE9E6-E549-4554-A222-EA083A894683} (QuickUpload) - http://a01-b01.mypicturetown.com/P2PwebCmdController/x/Upld_47.CAB
    O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - http://www.piclens.com/shared/plinstll.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    0
  14. Utilisateur anonyme
     
    relance Usbfix et choisis l option vaccination

    #########

    je te conseil de faire du ménage dans tes toolbars

    info : https://forum.malekal.com/viewtopic.php?f=45&t=6173

    #########

    ▶ Télécharge OTM de OldTimer sur ton Bureau.

    • Double-clique sur OTM.exe afin de le lancer.

    • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :files
    C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    C:\UsbFix.txt
    C:\UsbFix
    C:\Program Files\trend micro
    C:\Program Files\AVG
    C:\Rsit

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    :commands
    [emptytemp]
    [reboot]


    • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

    • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ▶ Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    ▶ Accepte en cliquant sur YES.

    Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log


    ###########

    → Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.

    → Double clique sur ToolsCleaner2.exe
    → Clique sur .Recherche
    → puis sur Suppression quand la liste est trouvée.
    Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note : ton bureau RISQUE de disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :

    CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
    Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

    Tape explorer.exe et valide. Cela fera re-apparaître le Bureau

    ############

    *Désactive ta restauration :
    Clique droit sur poste de travail/propriétés/Restauration système/coche la case désactiver la restauration, appliquer, OK
    ---> Redémarre ton PC ...

    *Réactive ta restauration :
    Clique droit sur poste de travail/propriétés/Restauration système/décoche la case désactiver la restauration, appliquer, OK
    --->Redémarre ton PC ...

    ( Note : tu peux aussi y accéder via panneau de configuration->" système "->" restauration système " ).

    Tuto xp : http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924
    0
  15. aikakouki Messages postés 75 Statut Membre 8
     
    J'ai un problème, lorsque je copie-colle le rapport de OTM et que je clique sur MOveit, il y a marqué " all processus killed" et l'ordinateur se stoppe immédiatement et l'écran devient bleu donc je suis obliger de l'éteindre et de le rallumer ensuite donc je ne peux obtenir le rapport.

    Par contre j'ai remarqué que sur IE, il n'y a plus marqué "Hacked by x4x".
    0
  16. Utilisateur anonyme
     
    a la place de OTM fais ceci

    va a ce fichier : C:\Program Files\trend micro\FATHI.exe

    c est hijackthis , double clic dessus et choisi do a system scan only

    dans la liste coche ces lignes :

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {BC0AE9E6-E549-4554-A222-EA083A894683} (QuickUpload) - http://a01-b01.mypicturetown.com/P2PwebCmdController/x/Upld_47.CAB
    O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - http://www.piclens.com/shared/plinstll.cab

    tu les coches et tu clic sur fix checked

    apres passe a toolcleaner et la restauration

    0
  17. aikakouki Messages postés 75 Statut Membre 8
     
    Voila j'ai tout fait, juste que je n'ai pas trouvé le rapport de toolscleaner.
    0
  18. aikakouki Messages postés 75 Statut Membre 8
     
    Et bien juste que j'ai le même virus sur mon PC portable ^^.
    Pour le réparer, je peux refaire la même démarche tout seul ou il faut que je le fasse avec l'aide d'un connaisseur comme toi ?

    Au fait, merci beaucoup pour ton aide.
    0
  19. Utilisateur anonyme
     
    et bien on peut continuer ici

    post un scan RSIT de ton portable
    0
  20. aikakouki Messages postés 75 Statut Membre 8
     
    Ok, sa va prendre quelqu minutes le temps que je mette internet sur le portable mais merci encore ;)
    0
  • 1
  • 2
  • 3
  • 4