Antivirus Live :@
Résolu
Oli147963
Messages postés
31
Date d'inscription
Statut
Membre
Dernière intervention
-
CHRIIS 78 -
CHRIIS 78 -
Bonjour a tous,
J'ai un gros problème avec un de mes ordinateurs. C'est à dire que j'ai un genre de virus.. Je ne peux acceder a aucun site internet sauf celui où il me dise d'acheter leur antivirus(antivirus live) , il envoie des popup de site XXX,
Je ne peux pas acceder au panneau de configuration non plus.
Quand j'essaye d'aller sur google par exemple, il me ramene sur le site:
http://os-guard2010.microsoft.com/block.php?r=59.11
Aider moi je ne sais plus quoi faire.. Le pc est inutilisable..
Merci d'avance.
Olivier
J'ai un gros problème avec un de mes ordinateurs. C'est à dire que j'ai un genre de virus.. Je ne peux acceder a aucun site internet sauf celui où il me dise d'acheter leur antivirus(antivirus live) , il envoie des popup de site XXX,
Je ne peux pas acceder au panneau de configuration non plus.
Quand j'essaye d'aller sur google par exemple, il me ramene sur le site:
http://os-guard2010.microsoft.com/block.php?r=59.11
Aider moi je ne sais plus quoi faire.. Le pc est inutilisable..
Merci d'avance.
Olivier
A voir également:
- Antivirus Live :@
- Windows live mail - Télécharger - Mail
- L'équipe live tv comment ça marche - Accueil - TV & Vidéo
- Comodo antivirus - Télécharger - Sécurité
- Norton antivirus gratuit - Télécharger - Antivirus & Antimalwares
- Panda antivirus - Télécharger - Antivirus & Antimalwares
29 réponses
bonjour
désolée, j'étais absente depuis 3 jours
il faudrai relancer Malwarebytes, met le à jour d'abord
désolée, j'étais absente depuis 3 jours
il faudrai relancer Malwarebytes, met le à jour d'abord
bonsoir
tu as un rogue qui est un faux anti-spyware s'installant par le biais d'un trojan qu'il l'installe automatiquement sans notre autorisation, il se configure pour démarrer automatiquement, effectue de faux balayages et affiche de fausses alertes pour te pousser à acheter la version commerciale
Télécharge rkill depuis l'un des liens ci-dessous:
http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com
https://download.bleepingcomputer.com/grinler/rkill.exe
Enregistre le fichier sur le Bureau.
Désactive le module résident de l'antivirus et celui de l'antispyware.
Faire un double clic sur le fichier rkill téléchargé pour lancer l'outil.
Pour Vista, faire un clic droit sur le fichier [b]rkill/b téléchargé puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
Une fenêtre à fond noir va apparaître brièvement, puis disparaître.
Si rien ne se passe, ou si l'outil ne se lance pas, télécharger l'outil depuis un autre des quatre liens ci-dessus et faire une nouvelle tentative d'exécution
Surtout ne redémarre pas le PC
Télécharge malwarebytes' anti-malware
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
Enregistre le sur le bureau
Double-clique sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation
Si la pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
Il va se mettre à jour une fois faite
Va dans l'onglet recherche
Sélectionne exécuter un examen complet
Clique sur rechercher
Le scan démarre
A la fin de l'analyse, le message s'affiche: L'examen s'est terminé normalement.
Clique sur afficher les résultats pour afficher les objets trouvés
Clique sur OK pour pousuivre
Si des malwares ont été détectés, cliquer sur afficher les résultats
Sélectionne tout (ou laisser coché)
Clique sur supprimer la sélection
Malwarebytes va détruire les fichiers et les clés de registre et en mettre une
copie dans la quarantaine
Malewarebytes va ouvrir le bloc-note et y copier le rapport
Redémarre le PC
Une fois redémarré, double-clique sur Malewarebytes
Va dans l'onglet rapport/log
Clique dessus pour l'afficher une fois affiché, cliquer sur édition en haut du
bloc-note puis sur sélectionner tout
Revient sur édition, puis sur copier et revient sur le forum et dans ta réponse
Clic droit dans le cadre de la réponse et coller
tu as un rogue qui est un faux anti-spyware s'installant par le biais d'un trojan qu'il l'installe automatiquement sans notre autorisation, il se configure pour démarrer automatiquement, effectue de faux balayages et affiche de fausses alertes pour te pousser à acheter la version commerciale
Télécharge rkill depuis l'un des liens ci-dessous:
http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com
https://download.bleepingcomputer.com/grinler/rkill.exe
Enregistre le fichier sur le Bureau.
Désactive le module résident de l'antivirus et celui de l'antispyware.
Faire un double clic sur le fichier rkill téléchargé pour lancer l'outil.
Pour Vista, faire un clic droit sur le fichier [b]rkill/b téléchargé puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
Une fenêtre à fond noir va apparaître brièvement, puis disparaître.
Si rien ne se passe, ou si l'outil ne se lance pas, télécharger l'outil depuis un autre des quatre liens ci-dessus et faire une nouvelle tentative d'exécution
Surtout ne redémarre pas le PC
Télécharge malwarebytes' anti-malware
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
Enregistre le sur le bureau
Double-clique sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation
Si la pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
Il va se mettre à jour une fois faite
Va dans l'onglet recherche
Sélectionne exécuter un examen complet
Clique sur rechercher
Le scan démarre
A la fin de l'analyse, le message s'affiche: L'examen s'est terminé normalement.
Clique sur afficher les résultats pour afficher les objets trouvés
Clique sur OK pour pousuivre
Si des malwares ont été détectés, cliquer sur afficher les résultats
Sélectionne tout (ou laisser coché)
Clique sur supprimer la sélection
Malwarebytes va détruire les fichiers et les clés de registre et en mettre une
copie dans la quarantaine
Malewarebytes va ouvrir le bloc-note et y copier le rapport
Redémarre le PC
Une fois redémarré, double-clique sur Malewarebytes
Va dans l'onglet rapport/log
Clique dessus pour l'afficher une fois affiché, cliquer sur édition en haut du
bloc-note puis sur sélectionner tout
Revient sur édition, puis sur copier et revient sur le forum et dans ta réponse
Clic droit dans le cadre de la réponse et coller
Merci pour ta reponse aussi rapide :)
Mais j'ai toujours le meme problème car je ne peux pas ouvrir l'outil rkill un message me dis:
Security warning
Applicationcannot be executed. The file rkill.com in infected.
Do tou want to activate your antivirus software now?
Si je dis oui il me mene au site pour acheter l'antivirus et si je dis non rien ne se passe..
Sa me dis la meme chose pour tout se que j'essaye d'ouvrir.
Merci encore
Mais j'ai toujours le meme problème car je ne peux pas ouvrir l'outil rkill un message me dis:
Security warning
Applicationcannot be executed. The file rkill.com in infected.
Do tou want to activate your antivirus software now?
Si je dis oui il me mene au site pour acheter l'antivirus et si je dis non rien ne se passe..
Sa me dis la meme chose pour tout se que j'essaye d'ouvrir.
Merci encore
bonjour
tu as un rogue coriace, pour se faire, il faudrai neutraliser son processus
Télécharge Hijackthis, outil de diagnostic et de réparation
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
* Clique sur exécutable, et clique sur enregistrer
* Place Hijackthis.exe sur ton bureau, puis lance le
* Clique sur exécuter
* Clique sur Do a system scan and save a log file
* Clique sur Save log pour enregistrer le rapport qui s'ouvrira
avec le bloc-note
* Poste le rapport
tu as un rogue coriace, pour se faire, il faudrai neutraliser son processus
Télécharge Hijackthis, outil de diagnostic et de réparation
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
* Clique sur exécutable, et clique sur enregistrer
* Place Hijackthis.exe sur ton bureau, puis lance le
* Clique sur exécuter
* Clique sur Do a system scan and save a log file
* Clique sur Save log pour enregistrer le rapport qui s'ouvrira
avec le bloc-note
* Poste le rapport
Toujours un petit messages quand j'essaye d'ouvrir Hijackthis.
Security warning
Applicationcannot be executed. The file Hijackthis.exe in infected.
Do tou want to activate your antivirus software now?
Je sais pas si sa peux aider mais sur la session inviter, il n'y a aucunne présence de ce rogue.
Merci encore et encore!
Security warning
Applicationcannot be executed. The file Hijackthis.exe in infected.
Do tou want to activate your antivirus software now?
Je sais pas si sa peux aider mais sur la session inviter, il n'y a aucunne présence de ce rogue.
Merci encore et encore!
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Je peux t'envoyer le rapport que j'ai fais sur la session inviter je sais pas si sa peux servir..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02:55, on 2009-12-16
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\WINDOWS\vVX1000.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\Invité\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-21-583907252-1123561945-725345543-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-583907252-1123561945-725345543-501\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02:55, on 2009-12-16
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\WINDOWS\vVX1000.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\Invité\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-21-583907252-1123561945-725345543-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-583907252-1123561945-725345543-501\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
contre le rogue, ça va pas servir je pense
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-21-583907252-1123561945-725345543-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-583907252-1123561945-725345543-501\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
Relance Hijackthis
Clique sur do a system scan only
Coche les lignes que je t'indique en gras
Clique sur fix checked
Redémarre le PC
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-21-583907252-1123561945-725345543-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-583907252-1123561945-725345543-501\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
Relance Hijackthis
Clique sur do a system scan only
Coche les lignes que je t'indique en gras
Clique sur fix checked
Redémarre le PC
slt j'ai le mem problem es ke tu pourrai m'aider stp
j'ai télécharger HijackThis et sa me donne le rapport suivant
je voudrais savoir ce ke je dois sélectionner merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:00:31, on 26/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\Documents and Settings\Admin.XPSP2-8A5D89979\Mes documents\Téléchargements\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [pnsnufqi] C:\Documents and Settings\Admin.XPSP2-8A5D89979\Local Settings\Application Data\gbwtbs\mbqwsysguard.exe
O4 - HKLM\..\Run: [moirmdvi] C:\Documents and Settings\Admin.XPSP2-8A5D89979\Local Settings\Application Data\iwxwes\mocksysguard.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AV] C:\Program Files\AV\Antivir.exe
O4 - HKCU\..\Run: [pnsnufqi] C:\Documents and Settings\Admin.XPSP2-8A5D89979\Local Settings\Application Data\gbwtbs\mbqwsysguard.exe
O4 - HKCU\..\Run: [moirmdvi] C:\Documents and Settings\Admin.XPSP2-8A5D89979\Local Settings\Application Data\iwxwes\mocksysguard.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: WiFi Station.lnk = ?
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
j'ai télécharger HijackThis et sa me donne le rapport suivant
je voudrais savoir ce ke je dois sélectionner merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:00:31, on 26/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\Documents and Settings\Admin.XPSP2-8A5D89979\Mes documents\Téléchargements\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [pnsnufqi] C:\Documents and Settings\Admin.XPSP2-8A5D89979\Local Settings\Application Data\gbwtbs\mbqwsysguard.exe
O4 - HKLM\..\Run: [moirmdvi] C:\Documents and Settings\Admin.XPSP2-8A5D89979\Local Settings\Application Data\iwxwes\mocksysguard.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AV] C:\Program Files\AV\Antivir.exe
O4 - HKCU\..\Run: [pnsnufqi] C:\Documents and Settings\Admin.XPSP2-8A5D89979\Local Settings\Application Data\gbwtbs\mbqwsysguard.exe
O4 - HKCU\..\Run: [moirmdvi] C:\Documents and Settings\Admin.XPSP2-8A5D89979\Local Settings\Application Data\iwxwes\mocksysguard.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: WiFi Station.lnk = ?
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
Tu ma dis :
Relance Hijackthis
Clique sur do a system scan only
Coche les lignes que je t'indique en gras
Clique sur fix checked
Redémarre le PC
Relance Hijackthis
Clique sur do a system scan only
Coche les lignes que je t'indique en gras
Clique sur fix checked
Redémarre le PC
Voila le scan sur ma session à fonctionné :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:44:21, on 2009-12-16
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Documents and Settings\Inconnu\Bureau\HijackThis.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\mshta.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\mshta.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\imapi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKCU\..\Run: [EPSON Stylus NX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGA.EXE /FU "C:\WINDOWS\TEMP\E_S653.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [fepvghx] "c:\documents and settings\inconnu\local settings\application data\fepvghx.exe" fepvghx
O4 - HKCU\..\Run: [obeulivx] C:\Documents and Settings\Inconnu\Local Settings\Application Data\rmkaku\uevisysguard.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:44:21, on 2009-12-16
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Documents and Settings\Inconnu\Bureau\HijackThis.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\mshta.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\mshta.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\imapi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKCU\..\Run: [EPSON Stylus NX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGA.EXE /FU "C:\WINDOWS\TEMP\E_S653.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [fepvghx] "c:\documents and settings\inconnu\local settings\application data\fepvghx.exe" fepvghx
O4 - HKCU\..\Run: [obeulivx] C:\Documents and Settings\Inconnu\Local Settings\Application Data\rmkaku\uevisysguard.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
Si je comprend bien ca fonctionné :)
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3289
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
2009-12-16 20:03:17
mbam-log-2009-12-16 (20-03-17).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 192540
Temps écoulé: 1 hour(s), 30 minute(s), 49 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fepvghx (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\obeulivx (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Documents and Settings\Inconnu\Local Settings\Application Data\pxrajdlu_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Application Data\pxrajdlu_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Application Data\pxrajdlu.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Application Data\pxrajdlu.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Application Data\rmkaku\uevisysguard.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Temp\e.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3289
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
2009-12-16 20:03:17
mbam-log-2009-12-16 (20-03-17).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 192540
Temps écoulé: 1 hour(s), 30 minute(s), 49 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fepvghx (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\obeulivx (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Documents and Settings\Inconnu\Local Settings\Application Data\pxrajdlu_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Application Data\pxrajdlu_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Application Data\pxrajdlu.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Application Data\pxrajdlu.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Application Data\rmkaku\uevisysguard.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Inconnu\Local Settings\Temp\e.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
Bonjour,
Antivirus vivre ou vivre antivirus 2010 est un spyware de voyous. Ce n'est pas un antivirus mais un faux virus.to supprimer antivirus en direct de votre ordinateur, suivez les instructions dans le lien ci-dessous
http://www.darfuns.com/spyware-removal/antivirus-live-2010/
Antivirus vivre ou vivre antivirus 2010 est un spyware de voyous. Ce n'est pas un antivirus mais un faux virus.to supprimer antivirus en direct de votre ordinateur, suivez les instructions dans le lien ci-dessous
http://www.darfuns.com/spyware-removal/antivirus-live-2010/
Non il n'est plus présent, il n'y a plus de popup et j'ai de nouveau accesa tout mes documents!
Vraiment merci pour tout :) C'est vraiment gentil!
Maintenant, quel anti virus me conseil-tu ? (anti virus, fire wall, ...)
Vraiment merci pour tout :) C'est vraiment gentil!
Maintenant, quel anti virus me conseil-tu ? (anti virus, fire wall, ...)
Je te propose un anti-virus assez efficace, Avira Antivir
http://www.commentcamarche.net/telecharger/telecharger-55-antivir
Avira Antivir télécharge une pop-up qui propose la version payante lorsque qu'il se met à jour
quotidiennement. Ne pas s'inquiéter, ferme cette pop-up tout simplement
Configure le
https://www.commentcamarche.net/faq/16831-tutoriel-configuration-optimale-d-antivir-personal
http://www.commentcamarche.net/telecharger/telecharger-55-antivir
Avira Antivir télécharge une pop-up qui propose la version payante lorsque qu'il se met à jour
quotidiennement. Ne pas s'inquiéter, ferme cette pop-up tout simplement
Configure le
https://www.commentcamarche.net/faq/16831-tutoriel-configuration-optimale-d-antivir-personal
Non je ne crois pas que AVG soit corrompu, mais j'ai l'impression qu'il sert a rien!
Je vais pouvoir refaire un scan hijackthis seulement la semainnes prochaine, j'ai pas acces a mon PC cette semainnes.
Je vais pouvoir refaire un scan hijackthis seulement la semainnes prochaine, j'ai pas acces a mon PC cette semainnes.
Moi ce que j'ai fais pour règler le problème, c'est que j'ai éffectivement exécuté malware bytes et spybot s&d mais en mode sans-échec. Ca a fonctionné toute suite parce que je pouvais exécuter tous mes programmes y compris mon antivirus avira antivir. J'ai enrayé le problème mais je n'arrive pas a comprendre comment j'ai pu faire pour attraper ce virus. J'ai visiter ma boite de réception dans hotmail c'est tout et voilà j'ai été redirigé et j'avais le virus.
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3289
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
25/12/2009 09:42:07
mbam-log-2009-12-25 (09-42-02).txt
Type de recherche: Examen complet (C:\|G:\|)
Eléments examinés: 269237
Temps écoulé: 44 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 28
Valeur(s) du Registre infectée(s): 13
Elément(s) de données du Registre infecté(s): 13
Dossier(s) infecté(s): 40
Fichier(s) infecté(s): 147
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{b6ae55bf-4617-93ef-6ea4-4e52199ca591} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{030a0f33-5b99-482e-83f5-2eeb8457878b} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\e405.e405mgr (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\VirRL2009 (Rogue.AntiVirusLab) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\zangosa (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\asc3550p (Rootkit.Agent) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reoebist (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wblogon (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\zango 10.3.75.0 (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\smile (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\zango@zango.com (Adware.Zango) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (https://laptopadviser.com/malware-removal/{searchTerms}) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (https://laptopadviser.com/malware-removal/ Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (https://laptopadviser.com/malware-removal/{searchTerms}) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\db (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\dwld (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\res1 (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\IESkins (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOI (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOI\static (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOL (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOL\static (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\1 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> No action taken.
C:\Program Files\ShoppingReport (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango (Adware.180Solutions) -> No action taken.
C:\resycled (Trojan.DNSChanger) -> No action taken.
C:\WINDOWS\system32\675873 (Trojan.BHO) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-1 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-13 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-14 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-15 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-16 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-18 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-20 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-8 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-9 (Worm.Brontok) -> No action taken.
Fichier(s) infecté(s):
C:\Documents and Settings\Catherine\Local Settings\Application Data\ffhtke\pwhwsysguard.exe (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken.
C:\Program Files\Image-Line\Shared\DSP_IPP\Uninstall.exe (Rootkit.Agent) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\1.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\1383356.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\2780046.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\domains.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000023894 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052291 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000066868 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\17040 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\19052 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\193836 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\212398 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\22254 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44320 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\533670 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6292 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6612 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\733622 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753311 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753331 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81392 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90358 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\ustat\3775.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\avatar.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\btntrans.idx (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\btntrans1.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\buttondir.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\components.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\cursors.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\default.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_511745-514279.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_categorize.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_comparison.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-Mails.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-people.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_favorites.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_Games.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_Hide.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_hotbarcom.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_Hotmail.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_hsskin.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_jemster.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_jemsterie.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_jemsteruk.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_jobsearch.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_Mails.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_MobileSidewalk.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_new.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_premium.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_reun.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_ringtones.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_SearchBoxTrapper.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_searchfor.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_searchgo.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_weather.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_yellowpages.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_1000.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_2000.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_3000.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bar.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bbar1.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_logos.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_other.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_weather.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\editblbuttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-548964.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-9595.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\email-t1-bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\icons2.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\ie_games_icon.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\ie_video.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\keywords.idx (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\keywords1.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\layout.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\linkpathlegal.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\progress.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\sales_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\sdfmodifier.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\s_icons_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\t2_bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\theweb.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\top7.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Top7_theweb.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\tsd_bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\zango_btn.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\zango_ie_menu.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\avatar.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Reset Cursor.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Customer Support Center.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Games!.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Library.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Screensavers!.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Videos!.lnk (Adware.180Solutions) -> No action taken.
C:\resycled\boot.com (Trojan.DNSChanger) -> No action taken.
C:\Program Files\Applications\myd.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\mym.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myp.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myv.ico (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Online Spyware Test.url (Trojan.Zlob) -> No action taken.
C:\WINDOWS\system32\algg.exe (Trojan.Zlob) -> No action taken.
Version de la base de données: 3289
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
25/12/2009 09:42:07
mbam-log-2009-12-25 (09-42-02).txt
Type de recherche: Examen complet (C:\|G:\|)
Eléments examinés: 269237
Temps écoulé: 44 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 28
Valeur(s) du Registre infectée(s): 13
Elément(s) de données du Registre infecté(s): 13
Dossier(s) infecté(s): 40
Fichier(s) infecté(s): 147
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{b6ae55bf-4617-93ef-6ea4-4e52199ca591} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{030a0f33-5b99-482e-83f5-2eeb8457878b} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\e405.e405mgr (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\VirRL2009 (Rogue.AntiVirusLab) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\zangosa (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\asc3550p (Rootkit.Agent) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reoebist (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wblogon (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\zango 10.3.75.0 (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\smile (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\zango@zango.com (Adware.Zango) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (https://laptopadviser.com/malware-removal/{searchTerms}) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (https://laptopadviser.com/malware-removal/ Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (https://laptopadviser.com/malware-removal/{searchTerms}) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\db (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\dwld (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\res1 (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\IESkins (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOI (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOI\static (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOL (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\HostOL\static (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\1 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> No action taken.
C:\Program Files\ShoppingReport (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango (Adware.180Solutions) -> No action taken.
C:\resycled (Trojan.DNSChanger) -> No action taken.
C:\WINDOWS\system32\675873 (Trojan.BHO) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-1 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-13 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-14 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-15 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-16 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-18 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-20 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-8 (Worm.Brontok) -> No action taken.
C:\Documents and Settings\Catherine\Local Settings\Application Data\Bron.tok-12-9 (Worm.Brontok) -> No action taken.
Fichier(s) infecté(s):
C:\Documents and Settings\Catherine\Local Settings\Application Data\ffhtke\pwhwsysguard.exe (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken.
C:\Program Files\Image-Line\Shared\DSP_IPP\Uninstall.exe (Rootkit.Agent) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\1.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\1383356.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\2780046.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\domains.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000023894 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052291 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000066868 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\17040 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\19052 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\193836 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\212398 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\22254 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44320 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\533670 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6292 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6612 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\733622 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753311 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753331 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81392 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90358 (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\dynamic\ustat\3775.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\avatar.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\btntrans.idx (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\btntrans1.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\buttondir.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\components.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\cursors.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\default.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_511745-514279.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_categorize.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_comparison.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-Mails.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-people.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_favorites.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_Games.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_Hide.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_hotbarcom.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_Hotmail.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_hsskin.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_jemster.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_jemsterie.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_jemsteruk.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_jobsearch.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_Mails.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_MobileSidewalk.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_new.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_premium.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_reun.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_ringtones.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_SearchBoxTrapper.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_searchfor.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_searchgo.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_weather.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Default_yellowpages.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_1000.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_2000.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_3000.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bar.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bbar1.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_logos.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_other.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\d_icons_weather.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\editblbuttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-548964.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-9595.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\email-t1-bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\icons2.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\ie_games_icon.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\ie_video.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\keywords.idx (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\keywords1.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\layout.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\linkpathlegal.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\progress.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\sales_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\sdfmodifier.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\s_icons_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\t2_bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\theweb.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\top7.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\Top7_theweb.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\tsd_bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\zango_btn.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\2\zango_ie_menu.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\avatar.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\Catherine\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Reset Cursor.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Customer Support Center.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Games!.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Library.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Screensavers!.lnk (Adware.180Solutions) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango\Zango Videos!.lnk (Adware.180Solutions) -> No action taken.
C:\resycled\boot.com (Trojan.DNSChanger) -> No action taken.
C:\Program Files\Applications\myd.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\mym.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myp.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myv.ico (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Online Spyware Test.url (Trojan.Zlob) -> No action taken.
C:\WINDOWS\system32\algg.exe (Trojan.Zlob) -> No action taken.