Pub intempestive Résolu

Question

Bonjour, depuis quelques jours, j'ai des fenetres qui s'ouvrent dès que je charge une nouvelle page internet. Celles ci ne s'ouvrent pas lorsque je ne suis pas entrain de travailler sur le net. Ces fenetres ont apparut depuis que ma fille a ouvert un mail un peu suspect et a téléchargé un fichier lui aussi suspect... Mon antivirus est Kaspersky, j'ai fait une analyse complète du système, mais rien n'a changé malgré la "réparation des problemes". Si vous pouvez m'aider, je serais peut etre heureux :). 
Merci à tous

Utilisateur anonyme · Answer

Salut, Fait ceci : ✿ Installe Hijackthis sur ton bureaux >>> Pour installer Hijackthis clique ici <<< ☞ Installe le sur ton bureaux ☞ Aide toi de ceci pour me faire le rapport et l'envoyer ☞ Clique sur l'icone de Hijackthis sur ton bureaux ☞ Choisit l'option "Do a system scan and save a logfile" ☞ Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le meme dossier que hijackthis.exe. Faire édition / selectionner tout ☞ Copie le et envoie le dans ta prochaine reponse dans le Topic [!] Pour les utilisateurs de Vista faudra desactiver l'UAC [!] ► Voici la marche à suivre afin de désactiver l’UAC ● Double-clique sur l’icône “Comptes d’utilisateurs” ● Clique ensuite sur “Activer ou désactiver le contrôle des comptes d’utilisateurs” ● Windows (l’UAC) vous demande alors une confirmation, cliquez sur le bouton “Continuer“ ● Dans la fenêtre qui vient de s’ouvrir, décoche la case “Utiliser le contrôle des comptes d’utilisateurs pour vous aider à protéger votre ordinateur” puis clique sur “OK” ► Redémarre ensuite ton ordinateur pour que les changements prennent effet. Dorénavant Windows Vista ne te demandera plus l’autorisation afin de procéder à l’installation d’un logiciel ou lors de l’accès à certains fichiers.

Utilisateur anonyme · Answer

Voici le rapport HijackThis comme demandé, ca m'a l'air un peu long :s : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:03:06, on 08/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
E:\D-Link\acs.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
E:\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
E:\Quicktime\QTTask.exe
C:\WINDOWS\system32\dla	fswctrl.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Nokia PC Suite\Nokia PC Suite 7\PCSuite.exe
E:\SetPoint\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
E:\SetPoint\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\Mozilla\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Dl\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: (no name) - {031F120A-BBAF-45d8-B306-375F2A6B9398} - (no file)
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1.5FO\STREAM~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {323935E8-F721-46D5-B350-883E7EE4A035} - (no file)
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
O2 - BHO: (no name) - {4535F4BB-5723-4430-9B72-73F413474A67} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla	fswshx.dll
O2 - BHO: (no name) - {60E2746A-9C2E-45A2-85CE-7E1A8A890961} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\VEOH\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [TrustInstaller] "F:\Setup.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "E:\Quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla	fswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Netlog 24] "C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RGSC] E:\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [TomTomHOME.exe] "E:\Tomtom\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "E:\Nokia PC Suite\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe
O4 - HKCU\..\Policies\Explorer\Run: [{7CFB11AE-0BB0-1036-0812-050509300021}] "C:\Program Files\Fichiers communs\{7CFB11AE-0BB0-1036-0812-050509300021}\Update.exe" mc-110-12-0000272
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\SetPoint\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\SetPoint\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Office10\OSA.EXE
O4 - Global Startup: Nokia Ovi Suite.lnk = E:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B41B0E94-0518-4832-9E97-8263242FF050} (CLive66_Checker_Ctrl Class) - http://webserver.live66.com/msn/Live66_Checker3.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\SetPoint\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~2\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll
O20 - Winlogon Notify: iifedcc - iifedcc.dll (file missing)
O20 - Winlogon Notify: wintfj32 - wintfj32.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - E:\D-Link\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TwonkyMedia - PacketVideo - E:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe

Utilisateur anonyme · Answer

Fait ceci :


&#9758; Installe sur ton bureaux Navilog * Installer Navilog

&#9758; Double-clique sur Navilog (ou Navilog.bat) qui se trouve ton Bureau
&#9758; Tape "F" ( Français )  avec le clavier, puis tape la touche "Entrée"
&#9758; Un avertissement se presente Appuye 3 fois sur la touche "Espace".
&#9758; Navilog te demande de faire un choix, sélectionne l'option 1-Recherche (avec la touche 1).

Le scan commence, patiente, il peux prendre de 2 à 10 min.

Quand le scan sera terminé, Tape sur la touche "Espace".
Un rapport apparaitras sous forme de bloc-notes.

Clique sur Édition >> Sélectionner Tout
Puis sur Édition >> Copier.

Et colle le dans ta prochaine réponse ...

Utilisateur anonyme · Answer

Merci pour tes réponses si rapides. Voici le rapport Navilog : 
Fix Navipromo version 4.0.2 commencé le 08/09/2009 18:29:17,64

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files
avilog1

Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free :               Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : Nathan ( Administrator )
BOOT : Normal boot

Antivirus : Kaspersky Internet Security 8.0.0.357 (Activated)
Firewall  : Kaspersky Internet Security 8.0.0.357 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:2 Go)
E:\ (Local Disk) - NTFS - Total:195 Go (Free:54 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)


Recherche executée en mode normal 

Nettoyage exécuté au redémarrage de l'ordinateur


C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32
vs2.inf supprimé !


Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Nathan\locals~1\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

Certificat Egroup supprimé !

C:\WINDOWS\system32\aybeg.ini2 trouvé ! Infection Vundo possible non traitée par cet outil !
C:\WINDOWS\system32\cdeeg.ini2 trouvé ! Infection Vundo possible non traitée par cet outil !
C:\WINDOWS\system32\hjllm.ini2 trouvé ! Infection Vundo possible non traitée par cet outil !
C:\WINDOWS\system32\aybeg.bak1 trouvé ! Infection Vundo possible non traitée par cet outil !
C:\WINDOWS\system32\aybeg.bak2 trouvé ! Infection Vundo possible non traitée par cet outil !



*** Scan terminé 08/09/2009 18:56:02,59 ***

Utilisateur anonyme · Answer

Relance Navilog 

Mais cette fois quand l'avertissement apparait choisit l'option 2 ( Désinfection automatique )
clique sur OK à chaque fois.

Le rapport va s'ouvrir alors... Vérifie bien que dans la partie Mode suppression manuelle, les fichiers soient bien mentionnés comme supprimé.


# Le rapport de désinfection est créé sur le bureau et porte le nom de cleanavi.txt

--> Copie/colle le contenu de ce rapport dans ta prochaine reponse dans le Topic

Utilisateur anonyme · Answer

L'option 1 c'est : Recherche/Désinfection Automatique 
L'option 2 c'est : Désinfection Manuelle par saisie Non Adware

Etant donné que j'ai fait l'option 1 avant, je ne comprend pas trop ce que tu me demandes 
Merci :)

Utilisateur anonyme · Answer

Ok,

Procéde par étapes :

 (!) Faire une mise à jour du logiciel avant de le manipuler (!)

&#9830; Installe Malwarbytes sur ton bureaux 

&#10047;&#10047; Pour installer Malwarbytes clique ici &#10047;&#10047;

&#9758; Sélectionne "Exécuter un examen complet" puis clique sur le bouton Rechercher pour lancer le scan.
&#9758; Clique sur le bouton "Lancer l'examen" pour démarrer le scan.
&#9758; Clique sur le bouton "Supprimer la sélection" en bas à gauche.
&#9758; Un rapport de scan s'ouvre,  sélectionne tout copie le et colle le dans ta prochaine réponse.



~~~~~~> Tuto Malwarbytes

^^Marie^^ · Answer

Salut

Pour INFO :

MBAM ne résout pas les soucis en début d'infection, bien au contraire, il risque de cacher certaines véroles.
Donc, il serait judicieux de s'en servir en fin de désinfection
Dans le cas présent
Faire un nettoyage des infections BT et Smitfraud.
Vundo viendra par la suite
++

Utilisateur anonyme · Answer

Merci pour l'info. C'est quoi BT ?

Utilisateur anonyme · Answer

► Installe sur ton bureaux Smitfraudix ☞ Clique ici pour installer Smitfraudix ● Fais un clic droit puis Extraire tout sur le fichier SmitfraudFix.zip ● Ouvre le dossier SmitfraudFix double clic surSmitfraudFix.cmd ● Choisis l'option 1 (Recherche) et appuie sur Entrée ● Réponds (Oui) aux deux questions suivantes si elles sont posées ● Un rapport sera généré copie/colle le contenu du rapport ici # Tuto

Utilisateur anonyme · Answer

Alors j'arrete l'analyse de Malwarebytes ?

Utilisateur anonyme · Answer

C'est les Toolbar mais ont s'en débaraseras apres cette étape ;-)

Utilisateur anonyme · Answer

Oui arrete la on la feras aussi apres ...

Utilisateur anonyme · Answer

Voici le rapport Smitfraudix : 

SmitFraudFix v2.423

Rapport fait à 20:15:13,87, 08/09/2009
Executé à partir de E:\Mozilla\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
E:\D-Link\acs.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
E:\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dla	fswctrl.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
E:\SetPoint\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
E:\SetPoint\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\Mozilla\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\config.ini PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Nathan


»»»»»»»»»»»»»»»»»»»»»»»» E:\TEMP


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Nathan\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Nathan\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
 

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"="C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~2\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""




»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/100 VE Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 89.2.0.1
DNS Server Search Order: 89.2.0.2

HKLM\SYSTEM\CCS\Services\Tcpip\..\{727EDAA0-1613-411D-9D0B-D01086B173F6}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C67C8CBB-2FA4-4C0F-BF59-0D06B8C26562}: DhcpNameServer=82.216.111.123 82.216.111.124 82.216.111.125
HKLM\SYSTEM\CS3\Services\Tcpip\..\{7019BA10-03A3-4966-9160-C566ED82D6CC}: DhcpNameServer=82.216.111.123 82.216.111.124 82.216.111.125
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=82.216.111.123 82.216.111.124 82.216.111.125
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=82.216.111.123 82.216.111.124 82.216.111.125


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Utilisateur anonyme · Answer

Redémarre en mode sans echec

Pour redémarrer en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier. Tu dois tapoter sur la touche F8 seulement après le changement du premier écran, si tu le faites trop tôt, t'obtiendras , un "boot menu".

Relance Smitfraudix

--> Mais cette fois choisit l'option 2 ..

Attendre la fin du scan ...

* SmitFraudfix peut te demander si tu désire nettoyer le registre, réponde oui à la question, pour cela tape sur la touche o puis valide par la touche entrée.


Une fois le nettoyage terminé, SmitFraudfix ouvre le rapport de nettoyage sur le bloc-note.
(!) La connexion internet ne fonctionne pas en mode sans échec, enregistrez le rapport sur le bureau.(!) 


Copie le rapport et colle son intégralité dans ta prochaine reponse ...

Utilisateur anonyme · Answer

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS 

C:\WINDOWS\config.ini PRESENT ! 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

Utilisateur anonyme · Answer

Voici le rapport de SmitFraudfix en mode sans echec : 

SmitFraudFix v2.423

Rapport fait à 20:25:09,03, 08/09/2009
Executé à partir de E:\Mozilla\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1       localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
...

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\config.ini supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{727EDAA0-1613-411D-9D0B-D01086B173F6}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C67C8CBB-2FA4-4C0F-BF59-0D06B8C26562}: DhcpNameServer=82.216.111.123 82.216.111.124 82.216.111.125
HKLM\SYSTEM\CS3\Services\Tcpip\..\{7019BA10-03A3-4966-9160-C566ED82D6CC}: DhcpNameServer=82.216.111.123 82.216.111.124 82.216.111.125
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=82.216.111.123 82.216.111.124 82.216.111.125
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=82.216.111.123 82.216.111.124 82.216.111.125


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK.2



»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Utilisateur anonyme · Answer

► Télécharge sur ton bureaux Toolbar S&D ( par Eric_71 ) <<< Pour installer Toolbar S&D clique ici >>> ✿ Clique sur l'icone ToolbarS&D.exe ✿ Installe le sur ton bureaux ✿ Une nouvelle icone (avec écrit Toolbar S&D noir) est alors crée sur le bureau qui permet de démarrer le programme clique deçus ✿ Le programme se lance... tu dois choisir la langue. ✿ Pour choisir en français, tape sur la touche F et valide . # T'arrive alors sur le menu principal de ToolBar S&D : ● L'option 1 : Recherche permet de rechercher l'infection ● L'option 2 : Supprimes les infections détectées Tu va d'abord choisirs l'option 1 ( Recherche ) (Le menu Démarrer et les icônes vont disparaitrent, c'est normal.) La recherche s'effectue, cela peut prendre plusieurs minutes, ne touche à rien. ► Une fois l'analyse terminé, le rapport de recherche s'ouvre sur le Bloc-Note. (Dans le cas où le rapport ne s'ouvre pas, ce dernier se trouve sur C:\TB.txt) Séléctionne tout, copie sont contenue et colle le dans ta prochaine réponse sur le Topic. (!) Avant de démarrer le programme, désactive les antispywares (!)

Utilisateur anonyme · Answer

Voici le rapport ToolBar S&D : -----------\ ToolBar S&D 1.1.5 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz ) BIOS : Award Medallion BIOS v6.00PG USER : Nathan ( Administrator ) BOOT : Normal boot Antivirus : Kaspersky Internet Security 8.0.0.357 (Not Activated) Firewall : Kaspersky Internet Security 8.0.0.357 (Activated) "C:\ToolBar SD" ( MAJ : 26-08-2008|22:40 ) Option : [1] ( 08/09/2009|21:05 ) -----------\ Recherche de Fichiers / Dossiers ... C:\Program Files\BitLord C:\Program Files\BitLord\BitLord.xml C:\Program Files\BitLord\Downloads C:\Program Files\BitLord\Downloads.xml C:\Program Files\BitLord\lang C:\Program Files\BitLord ules C:\Program Files\BitLord\Torrents C:\DOCUME~1\Nathan\Bureau\BitLord.lnk C:\DOCUME~1\Nathan\MENUDM~1\PROGRA~1\BitLord -----------\ Extensions (Am‚lie) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user (Florine) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar (Nathan) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user (Nathan) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar -----------\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\windows\system32\blank.htm" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Prev Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Url"="http://www.microsoft.com/athome/community/rss.xml" "Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true" "Url"="http://www.microsoft.com/atwork/community/rss.xml" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Local Page"="C:\windows\system32\blank.htm" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home" --------------------\ Recherche d'autres infections C:\WINDOWS\System32 vvmmd.dat C:\WINDOWS\System32 vvmmd_nav.dat C:\WINDOWS\System32 vvmmd_navps.dat [b]==> EGDACCESS <==/b C:\WINDOWS\system32\aybeg.bak1 C:\WINDOWS\system32\aybeg.bak2 C:\WINDOWS\system32\aybeg.ini C:\WINDOWS\system32\aybeg.ini2 C:\WINDOWS\system32\cdeeg.ini C:\WINDOWS\system32\cdeeg.ini2 C:\WINDOWS\system32\hjllm.ini C:\WINDOWS\system32\hjllm.ini2 [b]==> VUNDO <==/b -----------\ Fin du rapport a 21:09:43,76

Utilisateur anonyme · Answer

~~~~~~~~~~~~Nettoyage~~~~~~~~~~~~~


&#9658; Pour lancer le nettoyage via ToolBar S&D, relance le programme.
&#9658; Dans le menu principal, tape 2 et valide


Le menu démarrer et les icônes vont à nouveau disparaître.. c'est normal.
Le nettoyage va prendre quelques minutes...

    (!) Ne ferme pas la fenètre pendant la suppression (!)

Une fois le nettoyage terminée, le rapport de nettoyage s'ouvre, sélectionne tout copie son intégralité et colle le dans ta prochaine réponse...

Utilisateur anonyme · Answer

Voici le rapport de TB avec l'option suppression : -----------\ ToolBar S&D 1.1.5 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz ) BIOS : Award Medallion BIOS v6.00PG USER : Nathan ( Administrator ) BOOT : Normal boot Antivirus : Kaspersky Internet Security 8.0.0.357 (Not Activated) Firewall : Kaspersky Internet Security 8.0.0.357 (Activated) "C:\ToolBar SD" ( MAJ : 26-08-2008|22:40 ) Option : [2] ( 08/09/2009|23:01 ) -----------\ SUPPRESSION Supprime! - C:\Program Files\BitLord\BitLord.xml Supprime! - C:\Program Files\BitLord\Downloads Supprime! - C:\Program Files\BitLord\Downloads.xml Supprime! - C:\Program Files\BitLord\lang Supprime! - C:\Program Files\BitLord ules Supprime! - C:\Program Files\BitLord\Torrents Supprime! - C:\DOCUME~1\Nathan\Bureau\BitLord.lnk Supprime! - C:\DOCUME~1\Nathan\MENUDM~1\PROGRA~1\BitLord Supprime! - C:\Program Files\BitLord -----------\ Recherche de Fichiers / Dossiers ... -----------\ Extensions (Am‚lie) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user (Florine) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar (Nathan) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user (Nathan) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar -----------\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\windows\system32\blank.htm" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Prev Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Url"="http://www.microsoft.com/athome/community/rss.xml" "Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true" "Url"="http://www.microsoft.com/atwork/community/rss.xml" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Local Page"="C:\windows\system32\blank.htm" "Start Page"="https://www.msn.com/fr-fr/" --------------------\ Recherche d'autres infections C:\WINDOWS\System32 vvmmd.dat C:\WINDOWS\System32 vvmmd_nav.dat C:\WINDOWS\System32 vvmmd_navps.dat [b]==> EGDACCESS <==/b C:\WINDOWS\system32\aybeg.bak1 C:\WINDOWS\system32\aybeg.bak2 C:\WINDOWS\system32\aybeg.ini C:\WINDOWS\system32\aybeg.ini2 C:\WINDOWS\system32\cdeeg.ini C:\WINDOWS\system32\cdeeg.ini2 C:\WINDOWS\system32\hjllm.ini C:\WINDOWS\system32\hjllm.ini2 [b]==> VUNDO <==/b -----------\ Fin du rapport a 23:04:14,57

Utilisateur anonyme · Answer

Ok maintenant fait l'analyse avec Malwarbytes supprime les infections trouvé et envoie le rapport ...

Utilisateur anonyme · Answer

Ok, je vais faire l'analyse. Je vais laisser le pc tourner jusqu'à demain parce qu'apparament c'est tres long :s. Je vous envoie le rapport demain. Merci encore pour l'aide que vous m'apportez :)

Utilisateur anonyme · Answer

Exact' Nathandre ;-)

Utilisateur anonyme · Answer

@ demain ..

Utilisateur anonyme · Answer

Apres cette longue journée de travail, je retourne sur mon soucis de pub intempestives. Voici le rapport de Malwarebytes apres avoir supprimé les infections : 

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2758
Windows 5.1.2600 Service Pack 3

09/09/2009 07:26:22
mbam-log-2009-09-09 (07-26-21).txt

Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 394964
Temps écoulé: 2 hour(s), 2 minute(s), 6 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 27
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 49
Fichier(s) infecté(s): 514

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1daefcb9-06c8-47c6-8f20-3fb54b244daa} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{60e2746a-9c2e-45a2-85ce-7e1a8a890961} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b8c5186e-ec37-4889-9c2e-f73649ffb7bb} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60e2746a-9c2e-45a2-85ce-7e1a8a890961} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PSRV (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wintfj32 (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\{7cfb11ae-0bb0-1036-0812-050509300021} (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Florine\Application Data\searchtoolbarcorp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Florine\Application Data\searchtoolbarcorp\Toolbar Vision (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.6.0.940 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Media Access Startup\1.6.0.940 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Media Access Startup\1.6.0.940 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Media Access Startup\1.6.0.940 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{39BC4840-C049-42A8-9C21-C23448710769}\RP859\A0585614.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\Florine\Application Data\searchtoolbarcorp\Toolbar Vision\PageHistory.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Florine\Application Data\searchtoolbarcorp\Toolbar Vision\WebHistory.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\HPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\01c9eb2893468d1fba80553d2b75bd30.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\867b44b1158783875052f103c3a2f11a.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\bc83ac54dd36e7479704363c8fbd7e43.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\c14631dd1d688aa0ae8e9c9dd396c653.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_07.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_08.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_09.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_10.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_11.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_12.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_13.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_WebDropdown_14.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data	bcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_-4.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_-4.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_-5.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_-5.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_07.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_07.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_08.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_08.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_09.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_09.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_10.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_10.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_11.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_11.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_12.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_12.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_13.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_13.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_14.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_WebDropdown_14.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-181628.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090905-124654.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090905-124658.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090905-124703.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-114511.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-114518.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-123656.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-133605.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-134629.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-135542.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-140023.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-165042.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-173928.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-174122.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-174202.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-105437.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-112519.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-112534.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-113409.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-123118.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-140612.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-141610.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-144502.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-144650.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-152412.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-153430.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Amélie\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630status.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-235914.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-000613.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-000615.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-001249.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-002653.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-180003.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-180004.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-181348.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-181813.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-194420.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090906-195844.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-071832.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-191519.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-200313.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-200327.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-214521.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-214910.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-215050.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-215203.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-222341.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-173539.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-174351.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-185704.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-190016.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-191139.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-192020.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-200149.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-202424.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-205448.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-221022.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-225311.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-230009.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-230428.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathan\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630status.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-154204.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-154350.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-154643.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-155649.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-160153.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-160419.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-160922.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-161535.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-161737.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-162001.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-162431.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-171016.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-171941.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-173510.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-175102.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-190922.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-191411.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-193840.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-202127.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-204818.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-212005.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090902-224829.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-112302.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-112306.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-112428.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-113438.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-114331.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-115813.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-120111.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-120152.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-121255.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-124831.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-124853.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-124922.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-124950.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-125034.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-125103.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-125127.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-125308.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-125357.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-125421.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-125813.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-140756.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-141449.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-205711.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-205744.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-215233.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-092614.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-093306.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-093324.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-114413.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-114717.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-121020.524.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-122344.649.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-125744.805.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-130430.165.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-130453.102.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-140420.555.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-181619.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-181833.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-182618.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-184018.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-184755.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Yves\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-185801.781.log (Adware.DoubleD) -> Quarantined and

Utilisateur anonyme · Answer

Ont peut dire qu'il a fait du bon boulot :D


Maintenant fait moi un rapport Hijackthis pour voir les changements ..

n'oublie pas de désactiver l'UAC

Utilisateur anonyme · Answer

Voici le rapport Hijackthis : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:28:44, on 09/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
E:\D-Link\acs.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\dla	fswctrl.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
E:\SetPoint\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
E:\SetPoint\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
E:\Mozilla\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\Dl\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: (no name) - {031F120A-BBAF-45d8-B306-375F2A6B9398} - (no file)
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1.5FO\STREAM~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {323935E8-F721-46D5-B350-883E7EE4A035} - (no file)
O2 - BHO: (no name) - {4535F4BB-5723-4430-9B72-73F413474A67} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla	fswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\VEOH\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [TrustInstaller] "F:\Setup.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "E:\Quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla	fswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Netlog 24] "C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RGSC] E:\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [TomTomHOME.exe] "E:\Tomtom\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "E:\Nokia PC Suite\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Policies\Explorer\Run: [{7CFB11AE-0BB0-1036-0812-050509300021}] "C:\Program Files\Fichiers communs\{7CFB11AE-0BB0-1036-0812-050509300021}\Update.exe" mc-110-12-0000272
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-583907252-1767777339-725345543-1004\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Yves')
O4 - HKUS\S-1-5-21-583907252-1767777339-725345543-1004\..\Run: [DAEMON Tools] "E:\DAEMON Tools\daemon.exe" -lang 1033 (User 'Yves')
O4 - HKUS\S-1-5-21-583907252-1767777339-725345543-1004\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (User 'Yves')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\SetPoint\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\SetPoint\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Office10\OSA.EXE
O4 - Global Startup: Nokia Ovi Suite.lnk = E:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B41B0E94-0518-4832-9E97-8263242FF050} (CLive66_Checker_Ctrl Class) - http://webserver.live66.com/msn/Live66_Checker3.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\SetPoint\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~2\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll
O20 - Winlogon Notify: iifedcc - iifedcc.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - E:\D-Link\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TwonkyMedia - PacketVideo - E:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe

Utilisateur anonyme · Answer

Supprime manuellement ceci :

C:\Poker\Titan Poker\casino.exe 


( Tu as encore des Toolbar inféctieuse )

Utilisateur anonyme · Answer

Avec Hijackthis ? Désolé je débute un peu dans ce milieu ...

Utilisateur anonyme · Answer

Non manuellement 

Ordinateurs, Disque local C, Poker, Titan Poker, casino.exe

Suit le chemin ..

Utilisateur anonyme · Answer

Ah ok, ca je sais faire :) lol

Utilisateur anonyme · Answer

Ce dossier n'a pas l'air d'exister, ou alors il n'est pas apparent, pourtant j'ai la visualisation des dossiers cachés ..

Utilisateur anonyme · Answer

Ok ton rapport Hijackthis ne montre rien de méchant =) tu peux désinstaller les outils de désinfections ..

~~~~~~~ToolsCleaner~~~~~~~~~~

&#9670; Installe sur ton bureaux Toolscleaner depuis le lien du haut
&#9670; Double-clique dessus, puis clique sur Recherche --> Le programme va chercher les utilitaires installés


((!)) Il se peut que la fenêtre devienne blanche pendant le scan, c'est normal ! ((!))


Copie-colle le contenu du rapport qui apparait dans la fenêtre blanche.

* Lorsque la recherche est terminée ToolsCleaner affiche une liste des différents outils trouvés, clique sur "Suppression" afin de les supprimer.

==> Vide ta corbeille
==> Quitte le programme

Et enfin postes le rapport qui se trouve ici  >>>  C:\TCleaner.txt

Utilisateur anonyme · Answer

Rapport de Toolscleaner : 

[ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

--> Recherche: 

C:\cleannavi.txt: trouvé !
C:\TB.txt: trouvé !
C:\Toolbar SD: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Navilog1\catchme.exe: trouvé !

---------------------------------
--> Suppression: 

C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\Navilog1\catchme.exe: supprimé !
C:\cleannavi.txt: supprimé !
C:\TB.txt: supprimé !
C:\Toolbar SD: supprimé !
C:\Program Files\Navilog1: supprimé !

Corbeille vidée!

Utilisateur anonyme · Answer

Un petit nettoyage, ( Apres avoir fait sa tien moi au courant )

Néttoyage avec CCleaner
******************************

Introduction :

&#9658; Tout d'abord ccleaner sert à faire un peut de ménage sur ton ordinateur :


&#9679; Il permet de nettoyer votre systeme :

=> Suppression de fichier temporaires
=> Cookie, historique, etc

&#9679; Il permet de reparer des erreurs dans le registre :

=> DLL partagées inexistantes
=> Programme obsolètes, etc

                     -------------------------------------------------------------------------------------

Installe CCleaner 

/!\ Décocher les options suivantes pendant l'installation :

1/ Contrôler automatiquement les mises à jour de CCleaner
2/ Ajouter la barre d'outils Yahoo! CCleaner

* Clique pour installer CCleaner


Avant manipulation configure le :

Option --> Propriétés --> Coche la case " éffacement Sécurisé du fichier (lent) "
Juste en bas choisit le mode Gutmann ( 35 passages )

&#9758; Onglet Windows  détermine les éléments de Windows qui seront supprimés par le nettoyeur en les cochants
&#9758; Clique sur Analyse
&#9758; Une fois l'analyse aboutie clique sur lancer le nettoyage

&#9758; Onglet  Applications ( les éléments appartenant à des applications Firefox, Flash etc..).
&#9758; Clique sur Analyse
&#9758; Une fois l'analyse aboutie clique sur lancer le nettoyage



Recherche des erreurs
*****************


&#9758; Clique sur l'onglet Registre 
&#9758; Ensuite sur chercher des erreurs
&#9758; Réparrer les erreurs séléctionées
&#9758; CCleaner te proposera d'enregistrer un fichier .reg qui est une sauvegarde ( Pas la peine )




&#9670; Tuto : Tutoriel sur CCleaner par Malekal

^^Marie^^ · Answer

Salut

Il aurait judicieux de faire une synthèse avant de conclure ;;))

Utilisateur anonyme · Answer

Exact' mais apres le nettoyage ;-)

Utilisateur anonyme · Answer

Voilà, j'ai fait tout ce que tu m'as dit avec CCleaner. Et maintenant xD. Merci encore pour votre aide :)

Utilisateur anonyme · Answer

Constate tu un changement ?

Utilisateur anonyme · Answer

Oui, j'ai plus de pub depuis le nettoyage avec Malwarebytes

Utilisateur anonyme · Answer

Ok,

Maintenant tu peux faire une analyse avec Kaspersky et supprimer les inféctions trouvé 

:-) Tu n'est plus infécté ;)


Première régle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas ! ( Malekal )


@+ Et n'oublie pas de mettre en resolue si tu sent que ton pc est stable ...

^^Marie^^ · Answer

Re

Il y a du boulot encore !! ;))


R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) 
 O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)  
 O2 - BHO: (no name) - {031F120A-BBAF-45d8-B306-375F2A6B9398} - (no file) 
 O2 - BHO: (no name) - {323935E8-F721-46D5-B350-883E7EE4A035} - (no file) 
 O2 - BHO: (no name) - {4535F4BB-5723-4430-9B72-73F413474A67} - (no file) 
 O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll 
 O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll 
 O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll     
 O4 - HKLM\..\Run: [TrustInstaller] "F:\Setup.exe" 
 O4 - HKLM\..\Run: [QuickTime Task] "E:\Quicktime\QTTask.exe" -atboottime 
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" –
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe       
 O4 - HKCU\..\Policies\Explorer\Run: [{7CFB11AE-0BB0-1036-0812-050509300021}] "C:\Program Files\Fichiers communs\{7CFB11AE-0BB0-1036-0812-050509300021}\Update.exe" mc-110-12-0000272       
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')       
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')       
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')       
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')       
O4 - Global Startup: Microsoft Office.lnk = E:\Office10\OSA.EXE     
 O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) 
 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\SetPoint\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll    
 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~2\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll      
 O20 - Winlogon Notify: iifedcc - iifedcc.dll (file missing) 
 O23 - Service: TwonkyMedia - PacketVideo - E:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe   


@+++

Utilisateur anonyme · Answer

En ce qui concerne &Yahoo! Toolbar Helper tu peux la supprimer si tu veux par ajou/suppression de programme elle n'est pas dangereuse ...


En ce qui concerne les autres ce sont des inscriptions superflue non dangereuse ;)

Utilisateur anonyme · Answer

Oui presque sure ^^'

Mais il peut toujours les fixés avec Hijackthis voir les supprimés

Utilisateur anonyme · Answer

Je pose aussi la question, es tu sur de ton coup ? Désolé de douter de votre expérience ''MONSTRUEUSE'' comparé à la mienne

toptitbal · Answer

Celle-là ne me semble pas catholique :

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll


https://www.systemlookup.com/lists.php?list=1&type=clsid&search=32099AAC-C132-4136-9E9A-4E364A424E17&s=

Utilisateur anonyme · Answer

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

Tu peux supprimer cette Toolbar via ajout/suppression de programmes .

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

Cette Toolbar devait etre supprimer par Toolbar S&D 


Donc oui il reste quuelques petit truc, mais non DANGEREUX

Utilisateur anonyme · Answer

je crains qu'il reste des traces de vundo

Pub intempestive

49 réponses

Votre réponse

Discussions similaires

Newsletters