11 replies
Good evening
For more information, please do the following.
Open this link and download ZHPDiag by Nicolas Coolman:
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Or
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
Server No. 2
Or
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
at the bottom of the page, ZHP with a version number.
Once the download is complete, unzip the file you obtained and place ZHPDiag.exe on your Desktop.
Double-click the icon to launch the program. On Vista or Seven, right-click and choose "Run as administrator".
Click the magnifying glass to start the scan.
Let the tool work; it can take quite a while.
Close ZHPDiag when the scan is finished.
To send the report, click this link:
http://www.cijoint.fr/index.php
Click Browse and look for the directory where ZHPDiag is installed (usually C:\Program Files\ZHPDiag).
Select the file ZHPDiag.txt.
Click "Cliquez ici pour déposer le fichier" ("Click here to upload the file").
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
is added to the page.
Copy this link into your reply.
Thanks
See you
Re
Let's start with the most heavy-duty tool.
Download ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Or here: https://forospyware.com
-> Rename it to asdehi when saving it to your desktop (simply so that the infection does not block it)
-> Double-click combofix.exe (or, on Vista, right-click and "Run as...")
-> Press the 1 key (Yes) to start the scan.
-> When the scan is complete, a report will appear. Copy and paste this report into your next reply.
NOTE: The report can also be found here: C:\Combofix.txt
Before using ComboFix:
-> Disconnect from the Internet and close the windows of all running programs.
-> Temporarily disable, only for as long as ComboFix is in use, the real-time protection of your antivirus and antispyware programs, which can seriously interfere with the tool's search and cleaning procedure.
Once that is done, double-click Combofix.exe on your desktop (or, on Vista, right-click and "Run as...")
- Answer yes to the warning message so that the program starts scanning the PC.
- Install the Recovery Console as requested; useful in case of a crash
- Warning: for the duration of this step, do not use the PC and do not open any program. Risk of freezing the computer
- At the end of the scan, ComboFix may need to restart the PC to finish the disinfection\search; let it do so.
- A report will then open in Notepad; this report file, Combofix.txt, is automatically saved to C:\Combofix.txt
-> Re-enable the real-time protection of your antivirus and antispyware programs before reconnecting to the Internet.
-> Come back to the forum and copy and paste the entire contents of C:\Combofix.txt into your next message.
/!\ Do not touch anything until the scan has finished. /!\ : risk of freezing the computer (complete crash)
:: If ComboFix detects something and asks to restart, accept
@+
I have a window that says:
Recovery Console installation
Please accept the End User License Agreement (EULA) that follows by clicking oui/Yes...
Before that, there was a window telling me that I had to download a program to create the Recovery Console and that I had to leave my Internet connection active
ComboFix 10-11-19.01 - Jacques Couillard 2010-11-19 19:48:20.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.511.220 [GMT -5:00]
Lancé depuis: c:\documents and settings\Jacques Couillard\Mes documents\douloudada.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSA.dat
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSA_kyf.dat
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSAau.dat
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht
c:\documents and settings\All Users\Application Data\QueryExplorer
c:\documents and settings\All Users\Application Data\QueryExplorer\queryexplorer116.exe
c:\documents and settings\All Users\Application Data\QueryExplorer\queryexplorer119.exe
c:\documents and settings\All Users\Menu Démarrer\Programmes\ClickPotato
c:\documents and settings\All Users\Menu Démarrer\Programmes\ClickPotato\About Us.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\ClickPotato\ClickPotato Customer Support.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\ClickPotato\ClickPotato Uninstall Instructions.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\ShopperReports
c:\documents and settings\All Users\Menu Démarrer\Programmes\ShopperReports\About Us.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\ShopperReports\Customer Support.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\ShopperReports\ShopperReports Uninstall Instructions.lnk
c:\documents and settings\Jacques Couillard\Application Data\ClickPotatoLite
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\Firefox\cs\Config.xml
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\Firefox\cs\db\Aliases.dbs
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\Firefox\cs\db\Sites.dbs
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\Firefox\cs\dwld\WhiteList.xip
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\Firefox\cs\report\aggr_storage.xml
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\Firefox\cs\report\send_storage.xml
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\Firefox\cs\res2\WhiteList.dbs
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\IE\cs\Config.xml
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\IE\cs\db\Aliases.dbs
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\IE\cs\db\Sites.dbs
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\IE\cs\dwld\WhiteList.xip
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\IE\cs\report\aggr_storage.xml
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\IE\cs\report\send_storage.xml
c:\documents and settings\Jacques Couillard\Application Data\ShopperReports3\IE\cs\res1\WhiteList.dbs
c:\documents and settings\Jacques Couillard\Application Data\ShoppingReport2
c:\documents and settings\Jacques Couillard\Application Data\ShoppingReport2\cs\Config.xml
c:\documents and settings\Jacques Couillard\Application Data\ShoppingReport2\cs\db\Aliases.dbs
c:\documents and settings\Jacques Couillard\Application Data\ShoppingReport2\cs\db\Sites.dbs
c:\documents and settings\Jacques Couillard\Application Data\ShoppingReport2\cs\dwld\WhiteList.xip
c:\documents and settings\Jacques Couillard\Application Data\ShoppingReport2\cs\report\aggr_storage.xml
c:\documents and settings\Jacques Couillard\Application Data\ShoppingReport2\cs\report\send_storage.xml
c:\documents and settings\Jacques Couillard\Application Data\ShoppingReport2\cs\res1\WhiteList.dbs
c:\documents and settings\Jacques Couillard\Recent\ANIMATION PAST..txt
c:\documents and settings\Jacques Couillard\Recent\Thumbs.db
c:\documents and settings\Jacques Couillard\Recent\Videora iPod touch Converter.url
c:\documents and settings\LocalService\Application Data\NetMon
c:\documents and settings\LocalService\Application Data\NetMon\domains.txt
c:\documents and settings\LocalService\Application Data\NetMon\log.txt
c:\program files\ClickPotatoLite
c:\program files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSA.exe
c:\program files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSAAX.dll
c:\program files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSABHO.dll
c:\program files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSAHook.dll
c:\program files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteUninstaller.exe
c:\program files\ClickPotatoLite\bin\10.0.529.0\firefox\extensions\chrome.manifest
c:\program files\ClickPotatoLite\bin\10.0.529.0\firefox\extensions\install.rdf
c:\program files\ClickPotatoLite\bin\10.0.529.0\firefox\extensions\plugins\npclntax_ClickPotatoLiteSA.dll
c:\program files\MicroAntivirus
c:\program files\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
c:\program files\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome\queryexplorer.jar
c:\program files\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults\preferences\prefs.js
c:\program files\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\install.rdf
c:\program files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll
c:\program files\myglobalsearch
c:\program files\myglobalsearch\bar\History\search
c:\program files\myglobalsearch\bar\Settings\settings.dat
c:\program files\myglobalsearch\bar\Settings\settings.dat.bak
c:\program files\myglobalsearch\bar\Settings\settings.htm
c:\program files\myglobalsearch\bar\Settings\settings.htm.bak
c:\program files\QueryExplorer
c:\program files\QueryExplorer\queryexplorer.dll
c:\program files\QueryExplorer\queryexplorer.exe
c:\program files\ShopperReports3
c:\program files\ShopperReports3\bin\3.0.491.0\BRNStie.dll
c:\program files\ShopperReports3\bin\3.0.491.0\CmndFF.dll
c:\program files\ShopperReports3\bin\3.0.491.0\CntntCntr.dll
c:\program files\ShopperReports3\bin\3.0.491.0\firefox\firefoxtoolbar\extensions\chrome.manifest
c:\program files\ShopperReports3\bin\3.0.491.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar
c:\program files\ShopperReports3\bin\3.0.491.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll
c:\program files\ShopperReports3\bin\3.0.491.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt
c:\program files\ShopperReports3\bin\3.0.491.0\firefox\firefoxtoolbar\extensions\install.rdf
c:\program files\ShopperReports3\bin\3.0.491.0\link.ico
c:\program files\ShopperReports3\bin\3.0.491.0\moZIllaps.dll
c:\program files\ShopperReports3\bin\3.0.491.0\Pltfrm.dll
c:\program files\ShopperReports3\bin\3.0.491.0\ShopperReports.dll
c:\program files\ShopperReports3\bin\3.0.491.0\ShopperReportsUninstaller.exe
c:\program files\ShoppingReport2
c:\program files\ShoppingReport2\Bin\2.7.27\ShoppingReport.dll
c:\program files\ShoppingReport2\Uninst.exe
c:\program files\webhancer
c:\program files\webhancer\Programs\license.txt
c:\program files\webhancer\Programs\readme.txt
c:\program files\webhancer\Programs\sporder.dll
c:\program files\webhancer\Programs\webhdll.dll
c:\program files\webhancer\Programs\whagent.ini
c:\program files\webhancer\Programs\whinstaller.exe
c:\temp\1cb
c:\temp\1cb\syscheck.log
c:\windows\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf
c:\windows\jestertb.dll
c:\windows\pskt.ini
c:\windows\system32\aknvcrua.ini
c:\windows\system32\atmtd.dll
c:\windows\system32\atmtd.dll._
c:\windows\system32\cggramua.ini
c:\windows\system32\d2
c:\windows\system32\dnthssmq.ini
c:\windows\system32\donuvynu.ini
c:\windows\system32\dxinxmgs.ini
c:\windows\system32\EV02
c:\windows\system32\EV02\EV022328.exe
c:\windows\system32\ghrwarse.ini
c:\windows\system32\hmqxvvmr.ini
c:\windows\system32\iymylpeb.ini
c:\windows\system32\kbaijcuv.ini
c:\windows\system32\lewtccbn.ini
c:\windows\system32\luygvcwk.ini
c:\windows\system32\mcrh.tmp
c:\windows\system32\pac.txt
c:\windows\system32\pedxoqjs.ini
c:\windows\system32\qhdnfwxf.ini
c:\windows\system32\rAbHhRqr.ini
c:\windows\system32\rAbHhRqr.ini2
c:\windows\system32\Thumbs.db
c:\windows\system32\UpMedia
c:\windows\system32\winsrc.dll.tmp
c:\windows\system32\wmkbqbxc.ini
c:\windows\system32\wqqplrjk.ini
c:\windows\system32\xvsejfqh.ini
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CMDSERVICE
-------\Legacy_NETWORK_MONITOR
-------\Legacy_QUERYEXPLORER_SERVICE
-------\Service_cmdService
-------\Service_Network Monitor
-------\Service_QueryExplorer Service
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-20 au 2010-11-20 ))))))))))))))))))))))))))))))))))))
.
2010-11-19 19:15 . 2010-11-19 19:22 -------- d-----w- c:\program files\ZHPDiag
2010-11-19 18:00 . 2010-11-19 18:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-11-19 18:00 . 2010-11-19 18:00 -------- d-----w- c:\windows\system32\drivers\NSS
2010-11-19 18:00 . 2010-11-19 18:00 -------- d-----w- c:\program files\NortonInstaller
2010-10-24 21:41 . 2010-10-24 21:41 -------- d-----w- C:\ProgramData
2010-10-24 18:20 . 2010-10-26 00:46 -------- d-----w- c:\documents and settings\Jacques Couillard\Local Settings\Application Data\Autodesk
2010-10-24 17:50 . 2010-10-24 17:50 304608 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\1036\ResourceCache.dll
2010-10-24 17:50 . 2010-10-24 17:50 302848 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\1033\ResourceCache.dll
2010-10-24 17:45 . 2010-10-24 17:45 416 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2010-10-24 17:44 . 2010-10-24 17:44 -------- d-----w- c:\documents and settings\Jacques Couillard\Local Settings\Application Data\Microsoft Help
2010-10-24 17:43 . 2010-10-24 17:43 -------- d-----w- c:\program files\Microsoft SDKs
2010-10-24 17:43 . 2010-10-24 17:43 -------- d-----w- c:\program files\Microsoft.NET
2010-10-24 17:43 . 2010-10-24 17:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-10-24 17:43 . 2010-10-24 17:45 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2010-10-24 17:41 . 2010-10-24 17:41 -------- d-----w- c:\windows\Logs
2010-10-24 17:40 . 2010-10-26 01:00 -------- d-----w- c:\program files\Fichiers communs\Autodesk Shared
2010-10-24 17:40 . 2010-10-26 00:46 -------- d-----w- c:\program files\Autodesk
2010-10-24 17:21 . 2010-10-31 03:18 -------- d-----w- c:\documents and settings\Jacques Couillard\Application Data\Autodesk
2010-10-24 17:21 . 2010-10-26 00:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-10-24 17:10 . 2010-10-25 22:59 -------- d-----w- C:\Autodesk
2010-10-24 14:19 . 2010-11-20 01:05 -------- d-----w- c:\program files\Fichiers communs\Akamai
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 16:23 . 2003-04-24 13:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2003-04-24 13:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2003-04-24 13:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2003-04-24 13:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:50 . 2006-06-23 18:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:50 . 2003-04-24 13:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:50 . 2003-04-24 13:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-08 15:17 . 2010-09-08 15:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17 . 2010-09-08 15:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51 . 2003-04-24 13:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:55 . 2003-06-04 18:17 1852928 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2003-04-24 13:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:58 . 2003-04-24 13:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 11:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2003-03-28 17:54 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2003-04-24 13:00 617472 ----a-w- c:\windows\system32\comctl32.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2008-09-28 66912]
[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\progra~1\WI1F86~1\MESSEN~1\msnmsgr.exe" [2009-07-26 3883856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-08 94208]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-02-29 16384]
"Gestionnaire Antidote.exe"="c:\progra~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe" [2005-06-22 386752]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-30 68856]
"Google Update"="c:\documents and settings\Jacques Couillard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-04-26 133104]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]
"WeatherEye"="c:\documents and settings\Jacques Couillard\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe" [2009-10-27 718232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-25 3022848]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"LVCOMS"="c:\windows\system32\LVComS.exe" [2002-06-10 102400]
"LogitechGalleryRepair"="c:\program files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 155648]
"LogitechImageStudioTray"="c:\program files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 61440]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-22 47904]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2004-02-26 176128]
"Family Tree Builder Installer"="c:\program files\MyHeritage\Install MyHeritage Family Tree Builder.lnk" [2010-02-23 1042]
"ReminderApp"="c:\program files\Nova Development\Greeting Card Factory Photo Card Maker 2.0\ReminderApp.exe" [2008-10-07 180224]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Jacques Couillard\Menu D'marrer\Programmes\D'marrage\
Notification de cadeaux MSN.lnk - c:\documents and settings\Jacques Couillard\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2010-2-18 135680]
Outil de d'tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-3-15 299008]
Outil de notification Live Search.lnk - c:\documents and settings\Jacques Couillard\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2010-8-2 142336]
Xacti Screen Capture 1.1.lnk - c:\documents and settings\Jacques Couillard\Application Data\Microsoft\Installer\{37327654-EBF7-410C-9161-C24D68E02753}\_E47B9B72500055712D025F.exe [2009-6-10 128198]
c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Hyperappel du Petit Larousse 2008.lnk - c:\program files\Larousse\Petit Larousse 2008\bin\Hyperappel.exe [2008-2-15 237568]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-2-29 169472]
Reality Fusion GameCam SE.lnk - c:\program files\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe [2000-7-10 323584]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-10-17 00:35 87352 ----a-w- c:\windows\system32\LMIinit.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Univision Canada Limited\\Remote Module\\Alarm Receiver.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\mshta.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Documents and Settings\\Jacques Couillard\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Jacques Couillard\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\iTunes\\iTunesHelper.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Photo Story 3 for Windows\\PhotoStory3.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1035:TCP"= 1035:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
R0 Achernar;Achernar - SCSI Command Filters;c:\windows\system32\drivers\Achernar.sys [2007-10-30 16855]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2003-04-24 14336]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
R3 Aldebaran;Aldebaran - SCSI Command Filters;c:\windows\system32\drivers\Aldebaran.sys [2007-10-30 21808]
R3 SlingAudioBusenum;Sling Audio Bus Enumerator;c:\windows\system32\drivers\SlingAudioBus.sys [2008-07-15 23168]
S1 MusCVideo32;MusCVideo32;c:\windows\system32\drivers\MusCVideo32.sys [2007-12-02 3768]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 MusCDriverV32;MusCDriverV32;c:\windows\system32\drivers\MusCDriverV32.sys [2007-12-02 515200]
S3 PID_0890_I;Logitech QuickCam Traveler (Still Camera)(PID_0890_I);c:\windows\system32\drivers\ca500ab.sys [2007-12-09 10632]
S3 PID_0890_V;Logitech QuickCam Traveler(PID_0890_V);c:\windows\system32\drivers\CA500AV.SYS [2007-12-09 191612]
S3 Sling_Audio;SlingProjector Audio Device;c:\windows\system32\drivers\SlingAudio.sys [2008-10-01 19072]
S3 USBW9967;W9967, WDM Video Capture;c:\windows\system32\drivers\2kw9967.sys [2007-11-07 105648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
2010-10-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-08-13 16:34]
2010-11-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-30 00:07]
2010-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 02:08]
2010-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 02:08]
2010-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-630328440-682003330-1004Core.job
- c:\documents and settings\Jacques Couillard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-26 18:12]
2010-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-630328440-682003330-1004UA.job
- c:\documents and settings\Jacques Couillard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-26 18:12]
2010-11-19 c:\windows\Tasks\Norton Security Scan for Jacques Couillard.job
- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-11-19 14:48]
2010-11-19 c:\windows\Tasks\User_Feed_Synchronization-{451DAB6E-FF9E-44A5-8F8D-3C281AC5E48B}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://cyberpresse.ca/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Visit in &3D using ExitReality - http://3d.exitreality.com/TransmogrifyPage.htm
FF - ProfilePath - c:\documents and settings\Jacques Couillard\Application Data\Mozilla\Firefox\Profiles\uacafs5t.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.cyberpresse.ca/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
FF - component: c:\documents and settings\Jacques Couillard\Application Data\Mozilla\Firefox\Profiles\uacafs5t.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\documents and settings\Jacques Couillard\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Jacques Couillard\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\Jacques Couillard\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Associations de fichier -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
BHO-{E4A9A0B0-7A71-4E6B-B1E1-47A8E06B34CD} - c:\windows\system32\mlJYPjgh.dll
BHO-{EC6DCC5F-0F4F-464C-AF0D-C0C1CFCA6A3E} - c:\windows\system32\rqRhHbAr.dll
HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
HKCU-Run-Livestation - c:\program files\Livestation\Livestation.exe
HKLM-Run-zreexhpmshftbwbln - c:\windows\system32\jhsjzmuamrtzs.dll
HKLM-Run-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe
HKLM-Run-DVDtoiPodConverter_upgrade - c:\program files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe
HKLM-Run-ClickPotatoLiteSA - c:\program files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSA.exe
ShellExecuteHooks-{E4A9A0B0-7A71-4E6B-B1E1-47A8E06B34CD} - c:\windows\system32\mlJYPjgh.dll
Notify-mlJYPjgh - mlJYPjgh.dll
AddRemove-QueryExplorer - c:\program files\QueryExplorer\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-19 20:06
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(812)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
- - - - - - - > 'explorer.exe'(9772)
c:\program files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wscntfy.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\docume~1\JACQUE~1\LOCALS~1\Temp\bwgo00012fd5.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
c:\documents and settings\Jacques Couillard\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
c:\program files\SANYO\XactiScreenCapture\SetClip.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\Fichiers communs\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2010-11-19 20:14:49 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-11-20 01:14
Avant-CF: 84 467 204 096 octets libres
Après-CF: 92 052 369 408 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn
- - End Of File - - E07F48231A0404C0DA8DD7083068791E
ShellExecuteHooks-{E4A9A0B0-7A71-4E6B-B1E1-47A8E06B34CD} - c:\windows\system32\mlJYPjgh.dll
Notify-mlJYPjgh - mlJYPjgh.dll
AddRemove-QueryExplorer - c:\program files\QueryExplorer\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-19 20:06
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(812)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
- - - - - - - > 'explorer.exe'(9772)
c:\program files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wscntfy.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\docume~1\JACQUE~1\LOCALS~1\Temp\bwgo00012fd5.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
c:\documents and settings\Jacques Couillard\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
c:\program files\SANYO\XactiScreenCapture\SetClip.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\Fichiers communs\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2010-11-19 20:14:49 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-11-20 01:14
Avant-CF: 84 467 204 096 octets libres
Après-CF: 92 052 369 408 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /fastdetect /NoExecute=OptIn
- - End Of File - - E07F48231A0404C0DA8DD7083068791E
Re
Perfect ;))
Let's move on:
1) # Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility meant to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
Download and install UsbFix by El Desaparecido, C_XX & Chimay8
Here: http://www.teamxscript.org/usbfixTelechargement.html
Tutorial by Malekal_Morte if needed, thanks to him: https://www.malekal.com/usbfix-supprimer-virus-usb/
Plug into your PC, without opening them, the external storage devices (USB key, external hard drive, etc.) that may have been infected
# Double-click the UsbFix shortcut on your desktop.
# Choose "Suppression" (deletion)
# Let the tool work.
# Then post the UsbFix.txt report that will appear.
# Note: The UsbFix.txt report is saved at the root of the disk. (C:\UsbFix.txt)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
2)* Download Ad-remover (by C_XX) to your desktop:
http://www.teamxscript.org/adremoverTelechargement.html
! Disconnect and close all running applications !
* Double-click or right-click (run as admin... on Vista and Windows 7) on "Ad-R.exe" to start the installation, and leave the installation settings at their defaults.
* Double-click or right-click (run as admin... on Vista and Windows 7) on the Ad-remover shortcut on your desktop to launch the tool.
* In the main menu choose the "Nettoyer" (clean) option
and press [Enter].
* Let the tool work and don't touch anything...
--> Post the report that appears at the end, on the forum...
(The report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility meant to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
Picture guides (Installation): http://pagesperso-orange.fr/NosTools/ad_remover.html pictures (Search): http://pagesperso-orange.fr/NosTools/tuto_adr_2.html
3) Download Malwarebytes Anti-Malware here
http://www.malwarebytes.org/mbam.php
"Download free version" button
* Install it (make sure to choose "français" (French); don't change the installation settings) and update it.
(NB: If "COMCTL32.OCX" is missing during installation, then download it here: https://www.malekal.com/tutorial-aboutbuster/)
* Study the tutorial to get familiar with the program:
https://forum.pcastuces.com/sujet.asp?f=31&s=3
(that said, it is very simple to use).
Relaunch Malwarebytes, following these instructions scrupulously:
! Disconnect and close all running applications !
* Launch Malwarebytes. On Vista and Seven (right-click, "run as administrator")
Run a so-called "Complet" (full) scan
--> Let the program work (and do nothing else with the PC during the scan).
--> At the end, click "Afficher les résultats" (show results).
--> Check that all infected objects are ticked, then click "supprimer la sélection" (remove selected).
Note: if your PC needs to restart to finish the cleanup, do it!
Post the report saved after removal of the infected objects (in the "rapport/log" tab of Malwarebytes, the most recent one)
Post these reports to me as you go; thanks.
@+
After I did the cleanup the computer shut down, and the only report I saw was this one:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000000d
Kernel Drivers (total 143):
Re
Yes you can, but you will absolutely have to check that USB key with UsbFix.
Carry on;
thanks.
############################## | UsbFix 7.035 | [Suppression]
Utilisateur: Jacques Couillard (Administrateur) # JACQUES-002A52C [ ]
Mis à jour le 11/11/10 par El Desaparecido / C_XX
Lancé à 09:40:50 | 20/11/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU 2: Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Pare-feu Windows: Désactivé /!\
RAM -> 511 Mo
C:\ (%systemdrive%) -> Disque fixe # 153 Go (86 Go libre(s) - 56%) [] # NTFS
D:\ -> CD-ROM
################## | Éléments infectieux |
Supprimé! C:\Recycler\S-1-5-21-507921405-630328440-682003330-1004
################## | Registre |
################## | Mountpoints2 |
################## | Listing |
[01/06/2009 - 21:59:16 | N | 1024] C:\.rnd
[28/03/2010 - 06:47:02 | D ] C:\050170e5004095dde40f58e493f3
[29/10/2007 - 23:26:46 | D ] C:\142ee
[29/10/2007 - 23:27:58 | D ] C:\1850a90
[04/03/2008 - 17:57:58 | D ] C:\24f875b87453a909bb1f61296f
[07/11/2007 - 08:50:59 | D ] C:\2b131ed5930018f065c54e66
[25/04/2010 - 11:46:27 | D ] C:\38885d18859a973b23
[29/10/2007 - 23:40:22 | D ] C:\3e50634f7abd08c90ee1dffd6158dc
[29/10/2007 - 23:36:59 | D ] C:\611036d61ec0e7e7d3ab
[29/10/2007 - 23:28:09 | D ] C:\71885337763b537
[29/10/2007 - 23:17:23 | D ] C:\787bd9140cc5b52c69
[29/10/2007 - 23:25:31 | D ] C:\89eeb9ef69b2b83d0958
[25/04/2010 - 11:46:26 | D ] C:\8d15696ed6c6bc8d849d9953cf48
[16/06/2009 - 14:07:49 | D ] C:\8fc166feaf6cae9d2d332368b433a2ef
[29/09/2008 - 12:37:27 | N | 608] C:\aaw7boot.log
[19/11/2010 - 22:28:13 | N | 7907] C:\Ad-Report-CLEAN[1].txt
[20/11/2010 - 07:17:26 | N | 2621] C:\Ad-Report-CLEAN[2].txt
[20/02/2008 - 14:01:10 | N | 0] C:\AdobeDebug.txt
[17/01/2009 - 12:17:27 | N | 667] C:\autoAlbum.log
[25/10/2010 - 17:59:32 | D ] C:\Autodesk
[29/10/2007 - 23:14:03 | N | 0] C:\AUTOEXEC.BAT
[19/11/2010 - 21:08:08 | RASHD ] C:\Autorun.inf
[16/07/2008 - 16:18:43 | D ] C:\avi
[31/10/2007 - 09:50:20 | D ] C:\b288402460e15f2918c610
[19/02/2009 - 09:07:45 | D ] C:\b52e15a999aee19be6bb7d0f6086
[04/03/2008 - 18:04:14 | N | 216] C:\Boot.bak
[19/11/2010 - 19:41:31 | N | 332] C:\boot.ini
[24/04/2003 - 08:00:00 | N | 4952] C:\Bootfont.bin
[29/10/2007 - 23:32:33 | D ] C:\c848eb141e00b35575
[30/10/2007 - 00:35:35 | D ] C:\CABS
[19/11/2010 - 19:41:31 | D ] C:\cmdcons
[03/08/2004 - 23:00:08 | N | 263488] C:\cmldr
[19/11/2010 - 20:14:50 | N | 32230] C:\ComboFix.txt
[19/11/2010 - 22:34:35 | D ] C:\Config.Msi
[29/10/2007 - 23:14:03 | N | 0] C:\CONFIG.SYS
[25/04/2010 - 11:46:27 | D ] C:\Converted
[29/10/2007 - 23:42:09 | D ] C:\d589dcb0f9fa099470eacfc27fe4
[30/10/2007 - 00:01:21 | D ] C:\Documents and Settings
[15/03/2008 - 15:51:04 | D ] C:\Drivers
[23/07/2009 - 19:26:51 | D ] C:\Fichiers Movavi
[29/10/2007 - 23:14:03 | N | 0] C:\IO.SYS
[28/05/2008 - 11:13:45 | N | 183] C:\LogiSetup.log
[18/02/2010 - 18:52:17 | D ] C:\LOGITEMP
[06/10/2010 - 13:54:22 | D ] C:\MovieCloneTemp
[29/10/2007 - 23:14:03 | N | 0] C:\MSDOS.SYS
[30/01/2008 - 13:17:50 | RD ] C:\MSOCache
[09/12/2007 - 19:36:58 | D ] C:\My Music
[04/10/2010 - 23:01:15 | D ] C:\New DVD
[30/10/2007 - 08:52:41 | N | 47564] C:\NTDETECT.COM
[18/08/2008 - 19:08:13 | N | 252240] C:\ntldr
[21/02/2010 - 09:35:34 | D ] C:\OutputFolder
[20/11/2010 - 07:20:31 | ASH | 805306368] C:\pagefile.sys
[19/11/2010 - 22:27:53 | D ] C:\Program Files
[24/10/2010 - 16:41:37 | D ] C:\ProgramData
[01/11/2007 - 12:41:50 | D ] C:\QCSDK1
[19/11/2010 - 20:14:55 | D ] C:\Qoobox
[20/11/2010 - 09:45:48 | SHD ] C:\RECYCLER
[19/07/2009 - 15:06:32 | N | 268] C:\sqmdata00.sqm
[19/07/2009 - 15:25:29 | N | 268] C:\sqmdata01.sqm
[19/07/2009 - 15:39:29 | N | 268] C:\sqmdata02.sqm
[19/07/2009 - 15:53:54 | N | 268] C:\sqmdata03.sqm
[19/07/2009 - 19:14:18 | N | 268] C:\sqmdata04.sqm
[19/07/2009 - 22:01:47 | N | 268] C:\sqmdata05.sqm
[19/07/2009 - 22:08:13 | N | 268] C:\sqmdata06.sqm
[02/09/2009 - 00:05:10 | N | 268] C:\sqmdata07.sqm
[02/09/2009 - 00:26:12 | N | 268] C:\sqmdata08.sqm
[03/09/2009 - 06:41:05 | N | 268] C:\sqmdata09.sqm
[03/09/2009 - 14:42:31 | N | 268] C:\sqmdata10.sqm
[03/09/2009 - 15:08:51 | N | 268] C:\sqmdata11.sqm
[03/10/2009 - 00:23:36 | N | 268] C:\sqmdata12.sqm
[03/10/2009 - 12:14:12 | N | 268] C:\sqmdata13.sqm
[06/10/2009 - 11:19:57 | N | 268] C:\sqmdata14.sqm
[14/07/2009 - 23:44:50 | N | 268] C:\sqmdata15.sqm
[15/07/2009 - 15:42:23 | N | 268] C:\sqmdata16.sqm
[15/07/2009 - 22:08:31 | N | 172] C:\sqmdata17.sqm
[17/07/2009 - 14:22:48 | N | 268] C:\sqmdata18.sqm
[19/07/2009 - 13:57:40 | N | 268] C:\sqmdata19.sqm
[19/07/2009 - 15:06:32 | N | 244] C:\sqmnoopt00.sqm
[19/07/2009 - 15:25:28 | N | 244] C:\sqmnoopt01.sqm
[19/07/2009 - 15:39:29 | N | 244] C:\sqmnoopt02.sqm
[19/07/2009 - 15:53:54 | N | 244] C:\sqmnoopt03.sqm
[19/07/2009 - 19:14:18 | N | 244] C:\sqmnoopt04.sqm
[19/07/2009 - 22:01:47 | N | 244] C:\sqmnoopt05.sqm
[19/07/2009 - 22:08:13 | N | 244] C:\sqmnoopt06.sqm
[02/09/2009 - 00:05:10 | N | 244] C:\sqmnoopt07.sqm
[02/09/2009 - 00:26:12 | N | 244] C:\sqmnoopt08.sqm
[03/09/2009 - 06:41:05 | N | 244] C:\sqmnoopt09.sqm
[03/09/2009 - 14:42:31 | N | 244] C:\sqmnoopt10.sqm
[03/09/2009 - 15:08:51 | N | 244] C:\sqmnoopt11.sqm
[03/10/2009 - 00:23:35 | N | 244] C:\sqmnoopt12.sqm
[03/10/2009 - 12:14:12 | N | 244] C:\sqmnoopt13.sqm
[06/10/2009 - 11:19:57 | N | 244] C:\sqmnoopt14.sqm
[14/07/2009 - 23:44:50 | N | 244] C:\sqmnoopt15.sqm
[15/07/2009 - 15:42:22 | N | 244] C:\sqmnoopt16.sqm
[15/07/2009 - 22:08:31 | N | 172] C:\sqmnoopt17.sqm
[17/07/2009 - 14:22:47 | N | 244] C:\sqmnoopt18.sqm
[19/07/2009 - 13:57:40 | N | 244] C:\sqmnoopt19.sqm
[30/10/2007 - 10:02:46 | SHD ] C:\System Volume Information
[19/11/2010 - 20:01:30 | D ] C:\Temp
[13/05/2010 - 19:53:36 | D ] C:\temp_dvd
[24/02/2009 - 19:22:15 | N | 3661] C:\updatedatfix.log
[20/11/2010 - 09:45:48 | D ] C:\UsbFix
[20/11/2010 - 09:45:49 | A | 790] C:\UsbFix.txt
[19/11/2010 - 21:08:09 | N | 3537] C:\UsbFix_Upload_Me_JACQUES-002A52C.zip
[18/06/2009 - 06:51:10 | D ] C:\USB_DRV
[20/11/2010 - 07:20:48 | D ] C:\WINDOWS
[12/03/2003 - 13:50:11 | N | 84] C:\WRX2546.bin
[21/10/2010 - 13:53:53 | N | 161] C:\_DICOM.LOG
[21/10/2010 - 13:53:55 | N | 194] C:\_OVERLAY.LOG
[16/01/2009 - 09:58:19 | N | 1524] C:\_Sid.txt
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_JACQUES-002A52C.zip
http://www.teamxscript.org/Sample/Upload.php
Merci de votre contribution.
################## | E.O.F |
I'm continuing
======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 11/11/10 à 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:25:39 le 19/11/2010, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
Jacques Couillard@JACQUES-002A52C ( )
============== ACTION(S) ==============
Fichier supprimé: C:\WINDOWS\system32\nrereesvckrwozmu.exe
Dossier supprimé: C:\Program Files\AskSBar
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
Clé supprimée: HKLM\Software\Classes\CLSID\{4533087E-E484-4474-E217-24982E3287D2}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4533087E-E484-4474-E217-24982E3287D2}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4533087E-E484-4474-E217-24982E3287D2}
Clé supprimée: HKLM\Software\Classes\CLSID\{B15FD82E-85BC-430d-90CB-65DB1B030510}
Clé supprimée: HKLM\Software\Classes\CLSID\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}
Clé supprimée: HKLM\Software\Classes\CLSID\{F0D4B23B-DA4B-4daf-81E4-DFEE4931A4AA}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0D4B23B-DA4B-4daf-81E4-DFEE4931A4AA}
Clé supprimée: HKLM\Software\Classes\Interface\{030C9927-10FC-4169-97A2-55BECD5D88D8}
Clé supprimée: HKLM\Software\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}
Clé supprimée: HKLM\Software\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
Clé supprimée: HKLM\Software\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Clé supprimée: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}
Clé supprimée: HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
Clé supprimée: HKLM\Software\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Clé supprimée: HKLM\Software\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Clé supprimée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Clé supprimée: HKLM\Software\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Clé supprimée: HKLM\Software\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
Clé supprimée: HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
Clé supprimée: HKLM\Software\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Clé supprimée: HKLM\Software\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Clé supprimée: HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
Clé supprimée: HKLM\Software\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
Clé supprimée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Clé supprimée: HKLM\Software\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Clé supprimée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
Clé supprimée: HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
Clé supprimée: HKLM\Software\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Clé supprimée: HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Clé supprimée: HKLM\Software\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Clé supprimée: HKLM\Software\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
Clé supprimée: HKLM\Software\Classes\TypeLib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6}
Clé supprimée: HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
Clé supprimée: HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
Clé supprimée: HKLM\Software\Classes\TypeLib\{D44FD6F0-9746-484E-B5C4-C66688393872}
Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\nrereesvckrwozmu
Clé supprimée: HKCU\Software\Fun Web Products
Clé supprimée: HKCU\Software\uptowninstaller
Clé supprimée: HKU\.DEFAULT\Software\MyWebSearch
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ClickPotato
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ShopperReports
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AskSBar Uninstall
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{54A3F8B7-228E-4ED8-895B-DE832B2C3959}
Clé supprimée: HKLM\Software\Classes\MIME\Database\Content Type\Application/x-f3embed
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
Valeur supprimée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|clickpotatolite@clickpotatolite.com
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|Shopperreports@shopperreports.com
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{0579B4B6-0293-4D73-B02D-5EBB0BA0F0A2}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.12 (fr)] **
-- C:\Documents and Settings\Jacques Couillard\Application Data\Mozilla\FireFox\Profiles\uacafs5t.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\Jacques Couillard\\Mes documents\\Mes images
browser.search.defaultenginename, Bing
browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
browser.search.selectedEngine, Live Search
browser.startup.homepage, hxxp://www.cyberpresse.ca/
browser.startup.homepage_override.mstone, rv:1.9.2.12
keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIZWG0&q=
========================================
** Internet Explorer Version [8.0.6001.18702] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 10 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 19/11/2010 (608 Octet(s))
Fin à: 22:28:13, 19/11/2010
============== E.O.F ==============
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 5157
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2010-11-20 14:07:25
mbam-log-2010-11-20 (14-07-25).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 302563
Temps écoulé: 1 heure(s), 31 minute(s), 3 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 17
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 327
Processus mémoire infecté(s):
C:\Documents and Settings\Jacques Couillard\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (Malware.Packer.Gen) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{65a16874-2ed0-460e-a547-5fe2ec3a13a7} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{71e02280-5212-45c3-b174-4d5a35da254f} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{11c27351-716b-4052-9361-e3b0a3f8221c} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MicroAV (Rogue.MicroAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\Jacques Couillard\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530 (Rogue.RegTool) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Jacques Couillard\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\QueryExplorer\queryexplorer116.exe.vir (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\QueryExplorer\queryexplorer119.exe.vir (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSA.exe.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSAAX.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSABHO.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSAHook.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteUninstaller.exe.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\firefox\extensions\plugins\npclntax_ClickPotatoLiteSA.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\QueryExplorer\queryexplorer.dll.vir (Adware.Agent.Gen) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\QueryExplorer\queryexplorer.exe.vir (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\BRNstIE.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\CmndFF.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\CntntCntr.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\mozillaps.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\Pltfrm.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\ShopperReports.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\ShopperReportsUninstaller.exe.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShoppingReport2\Bin\2.7.27\ShoppingReport.dll.vir (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\webHancer\Programs\webhdll.dll.vir (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\webHancer\Programs\whinstaller.exe.vir (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\EV02\EV022328.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1406\A0661382.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1406\A0661383.exe (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1447\A0673850.exe (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1447\A0673867.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1447\A0673868.exe (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675328.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675346.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-46.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-47.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-48.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-49.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-5.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-50.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-51.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-52.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-53.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-54.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-55.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-56.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-57.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-58.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-59.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-6.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-60.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-61.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-62.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-63.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-64.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-65.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-66.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-67.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-68.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-69.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-7.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-70.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-71.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-72.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-73.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-74.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-75.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-76.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-77.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-78.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-79.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-8.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-80.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-81.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-82.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-83.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-84.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-85.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-86.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-87.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-88.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-89.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-9.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-90.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-91.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-92.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-93.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-94.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-95.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-96.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-97.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-98.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-99.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\BM03b2883f.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM03b2883f.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
www.malwarebytes.org
Version de la base de données: 5157
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2010-11-20 14:07:25
mbam-log-2010-11-20 (14-07-25).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 302563
Temps écoulé: 1 heure(s), 31 minute(s), 3 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 17
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 327
Processus mémoire infecté(s):
C:\Documents and Settings\Jacques Couillard\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (Malware.Packer.Gen) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{65a16874-2ed0-460e-a547-5fe2ec3a13a7} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{71e02280-5212-45c3-b174-4d5a35da254f} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{11c27351-716b-4052-9361-e3b0a3f8221c} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MicroAV (Rogue.MicroAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\Jacques Couillard\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530 (Rogue.RegTool) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Jacques Couillard\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\QueryExplorer\queryexplorer116.exe.vir (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\QueryExplorer\queryexplorer119.exe.vir (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSA.exe.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSAAX.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSABHO.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteSAHook.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\ClickPotatoLiteUninstaller.exe.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.529.0\firefox\extensions\plugins\npclntax_ClickPotatoLiteSA.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\QueryExplorer\queryexplorer.dll.vir (Adware.Agent.Gen) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\QueryExplorer\queryexplorer.exe.vir (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\BRNstIE.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\CmndFF.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\CntntCntr.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\mozillaps.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\Pltfrm.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\ShopperReports.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\ShopperReportsUninstaller.exe.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShopperReports3\bin\3.0.491.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\ShoppingReport2\Bin\2.7.27\ShoppingReport.dll.vir (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\webHancer\Programs\webhdll.dll.vir (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\webHancer\Programs\whinstaller.exe.vir (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\EV02\EV022328.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1406\A0661382.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1406\A0661383.exe (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1447\A0673850.exe (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1447\A0673867.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1447\A0673868.exe (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675328.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675346.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675320.exe (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675321.exe (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675329.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675330.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675331.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675332.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675334.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675336.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675337.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675338.exe (Adware.QueryExplorer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675339.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675340.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675341.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675343.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675345.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675347.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675348.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675349.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675352.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675354.exe (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1452\A0675363.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\1-fe5e180d56ed9c233080898276c260cc.exe (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oocngc.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\owgotgvu.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pcgykqwe.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\swqfdoxb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\etzugs.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khfEWOHb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kjrlpqqw.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jcjialwu.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uwhmcuwg.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wcvpruyw.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hffxrb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lmpjvpco.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ataqijnl.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xqbbflfn.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxyxYsPi.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ymybrxpl.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qeauneeb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qtdphc.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dydysxta.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ebaamwfw.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\enrtts.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ohhjjq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rmnpfmjt.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\afpirjtv.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bfyeutwu.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blljrixj.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fcccaXRK.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssmkog.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\stxbeedk.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tkdypb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\trnhga.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uhcfnikd.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nlxexfjv.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lfjmem.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lfxkre.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lgustgcf.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fxwfndhq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gerpkeip.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\glrtfrrb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\obouwnii.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xiajxrds.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjpgel.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xkangs.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ic2\TK7622i.exe (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vzb\WFOL778X6.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegistrySmart\Log\2009 Jan 19 - 01_55_41 PM_484.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegistrySmart\Log\2009 Jan 19 - 06_46_14 PM_656.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegistrySmart\Log\2009 Jan 19 - 11_17_18 PM_109.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\resultsw.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\Logs\2009-01-20 20-56-500.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\Logs\2009-01-20 23-22-060.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-119.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-12.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-120.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-121.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-122.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-123.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-124.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-125.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-126.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-127.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-128.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-129.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-13.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-130.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-131.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-132.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-133.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-134.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-135.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-136.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-137.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-138.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-139.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-14.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-140.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-141.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-142.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-143.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-144.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-145.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-146.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-147.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-148.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-149.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-15.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-150.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-151.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-152.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-153.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-154.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-155.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-156.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-157.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-158.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-159.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-16.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-160.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-161.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-162.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-163.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-164.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-165.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-166.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-167.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-168.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-169.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-17.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-170.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-171.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-172.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-173.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-174.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-175.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-176.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-177.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-178.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-179.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-18.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-180.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-181.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-182.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-183.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-184.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-185.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-186.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-187.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-188.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-189.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-19.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-190.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-191.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-192.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-193.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-194.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-195.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-196.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-197.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-198.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-199.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-2.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-20.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-200.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-201.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-202.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-203.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-204.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-205.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-206.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-207.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-208.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-209.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-21.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-210.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-211.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-212.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-213.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-214.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-215.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-216.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-217.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-218.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-22.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-23.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-24.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-25.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-26.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-27.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-28.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-29.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-3.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-30.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-31.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-32.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-33.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-34.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-35.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-36.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-37.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-38.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-39.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-4.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-40.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-41.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-42.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-43.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-44.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-45.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-46.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-47.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-48.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-49.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-5.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-50.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-51.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-52.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-53.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-54.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-55.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-56.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-57.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-58.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-59.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-6.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-60.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-61.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-62.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-63.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-64.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-65.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-66.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-67.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-68.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-69.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-7.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-70.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-71.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-72.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-73.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-74.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-75.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-76.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-77.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-78.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-79.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-8.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-80.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-81.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-82.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-83.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-84.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-85.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-86.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-87.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-88.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-89.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-9.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-90.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-91.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-92.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-93.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-94.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-95.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-96.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-97.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-98.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\RegTool\QuarantineW\2009-01-20 23-18-530\regb-99.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jacques Couillard\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\BM03b2883f.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM03b2883f.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
Good evening
Empty the Malwarebytes quarantine.
How are your slowness problems now?
We're not finished yet...
See you
Hello, I plugged in my USB key and ran UsbFix again
############################## | UsbFix 7.035 | [Suppression]
Utilisateur: Jacques Couillard (Administrateur) # JACQUES-002A52C [ ]
Mis à jour le 22/11/10 par El Desaparecido / C_XX
Lancé à 19:29:39 | 22/11/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU 2: Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Pare-feu Windows: Activé
RAM -> 511 Mo
C:\ (%systemdrive%) -> Disque fixe # 153 Go (85 Go libre(s) - 56%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 2 Go (2 Go libre(s) - 99%) [KINGSTON] # FAT
################## | Éléments infectieux |
Supprimé! C:\Recycler\S-1-5-21-507921405-630328440-682003330-1004
################## | Registre |
################## | Mountpoints2 |
################## | Listing |
[01/06/2009 - 21:59:16 | N | 1024] C:\.rnd
[28/03/2010 - 06:47:02 | D ] C:\050170e5004095dde40f58e493f3
[29/10/2007 - 23:26:46 | D ] C:\142ee
[29/10/2007 - 23:27:58 | D ] C:\1850a90
[04/03/2008 - 17:57:58 | D ] C:\24f875b87453a909bb1f61296f
[07/11/2007 - 08:50:59 | D ] C:\2b131ed5930018f065c54e66
[25/04/2010 - 11:46:27 | D ] C:\38885d18859a973b23
[29/10/2007 - 23:40:22 | D ] C:\3e50634f7abd08c90ee1dffd6158dc
[29/10/2007 - 23:36:59 | D ] C:\611036d61ec0e7e7d3ab
[29/10/2007 - 23:28:09 | D ] C:\71885337763b537
[29/10/2007 - 23:17:23 | D ] C:\787bd9140cc5b52c69
[29/10/2007 - 23:25:31 | D ] C:\89eeb9ef69b2b83d0958
[25/04/2010 - 11:46:26 | D ] C:\8d15696ed6c6bc8d849d9953cf48
[16/06/2009 - 14:07:49 | D ] C:\8fc166feaf6cae9d2d332368b433a2ef
[29/09/2008 - 12:37:27 | N | 608] C:\aaw7boot.log
[19/11/2010 - 22:28:13 | N | 7907] C:\Ad-Report-CLEAN[1].txt
[20/11/2010 - 07:17:26 | N | 2621] C:\Ad-Report-CLEAN[2].txt
[20/11/2010 - 10:39:06 | N | 2678] C:\Ad-Report-CLEAN[3].txt
[20/02/2008 - 14:01:10 | N | 0] C:\AdobeDebug.txt
[17/01/2009 - 12:17:27 | N | 667] C:\autoAlbum.log
[25/10/2010 - 17:59:32 | D ] C:\Autodesk
[29/10/2007 - 23:14:03 | N | 0] C:\AUTOEXEC.BAT
[20/11/2010 - 09:45:56 | RASHD ] C:\Autorun.inf
[16/07/2008 - 16:18:43 | D ] C:\avi
[31/10/2007 - 09:50:20 | D ] C:\b288402460e15f2918c610
[19/02/2009 - 09:07:45 | D ] C:\b52e15a999aee19be6bb7d0f6086
[04/03/2008 - 18:04:14 | N | 216] C:\Boot.bak
[19/11/2010 - 19:41:31 | N | 332] C:\boot.ini
[24/04/2003 - 08:00:00 | N | 4952] C:\Bootfont.bin
[29/10/2007 - 23:32:33 | D ] C:\c848eb141e00b35575
[30/10/2007 - 00:35:35 | D ] C:\CABS
[19/11/2010 - 19:41:31 | D ] C:\cmdcons
[03/08/2004 - 23:00:08 | N | 263488] C:\cmldr
[19/11/2010 - 20:14:50 | N | 32230] C:\ComboFix.txt
[19/11/2010 - 22:34:35 | D ] C:\Config.Msi
[29/10/2007 - 23:14:03 | N | 0] C:\CONFIG.SYS
[25/04/2010 - 11:46:27 | D ] C:\Converted
[29/10/2007 - 23:42:09 | D ] C:\d589dcb0f9fa099470eacfc27fe4
[30/10/2007 - 00:01:21 | D ] C:\Documents and Settings
[15/03/2008 - 15:51:04 | D ] C:\Drivers
[23/07/2009 - 19:26:51 | D ] C:\Fichiers Movavi
[29/10/2007 - 23:14:03 | N | 0] C:\IO.SYS
[28/05/2008 - 11:13:45 | N | 183] C:\LogiSetup.log
[18/02/2010 - 18:52:17 | D ] C:\LOGITEMP
[06/10/2010 - 13:54:22 | D ] C:\MovieCloneTemp
[29/10/2007 - 23:14:03 | N | 0] C:\MSDOS.SYS
[30/01/2008 - 13:17:50 | RD ] C:\MSOCache
[09/12/2007 - 19:36:58 | D ] C:\My Music
[04/10/2010 - 23:01:15 | D ] C:\New DVD
[30/10/2007 - 08:52:41 | N | 47564] C:\NTDETECT.COM
[18/08/2008 - 19:08:13 | N | 252240] C:\ntldr
[21/02/2010 - 09:35:34 | D ] C:\OutputFolder
[22/11/2010 - 19:20:41 | ASH | 805306368] C:\pagefile.sys
[20/11/2010 - 11:20:54 | D ] C:\Program Files
[24/10/2010 - 16:41:37 | D ] C:\ProgramData
[01/11/2007 - 12:41:50 | D ] C:\QCSDK1
[19/11/2010 - 20:14:55 | D ] C:\Qoobox
[22/11/2010 - 19:34:12 | SHD ] C:\RECYCLER
[19/07/2009 - 15:06:32 | N | 268] C:\sqmdata00.sqm
[19/07/2009 - 15:25:29 | N | 268] C:\sqmdata01.sqm
[19/07/2009 - 15:39:29 | N | 268] C:\sqmdata02.sqm
[19/07/2009 - 15:53:54 | N | 268] C:\sqmdata03.sqm
[19/07/2009 - 19:14:18 | N | 268] C:\sqmdata04.sqm
[19/07/2009 - 22:01:47 | N | 268] C:\sqmdata05.sqm
[19/07/2009 - 22:08:13 | N | 268] C:\sqmdata06.sqm
[02/09/2009 - 00:05:10 | N | 268] C:\sqmdata07.sqm
[02/09/2009 - 00:26:12 | N | 268] C:\sqmdata08.sqm
[03/09/2009 - 06:41:05 | N | 268] C:\sqmdata09.sqm
[03/09/2009 - 14:42:31 | N | 268] C:\sqmdata10.sqm
[03/09/2009 - 15:08:51 | N | 268] C:\sqmdata11.sqm
[03/10/2009 - 00:23:36 | N | 268] C:\sqmdata12.sqm
[03/10/2009 - 12:14:12 | N | 268] C:\sqmdata13.sqm
[06/10/2009 - 11:19:57 | N | 268] C:\sqmdata14.sqm
[14/07/2009 - 23:44:50 | N | 268] C:\sqmdata15.sqm
[15/07/2009 - 15:42:23 | N | 268] C:\sqmdata16.sqm
[15/07/2009 - 22:08:31 | N | 172] C:\sqmdata17.sqm
[17/07/2009 - 14:22:48 | N | 268] C:\sqmdata18.sqm
[19/07/2009 - 13:57:40 | N | 268] C:\sqmdata19.sqm
[19/07/2009 - 15:06:32 | N | 244] C:\sqmnoopt00.sqm
[19/07/2009 - 15:25:28 | N | 244] C:\sqmnoopt01.sqm
[19/07/2009 - 15:39:29 | N | 244] C:\sqmnoopt02.sqm
[19/07/2009 - 15:53:54 | N | 244] C:\sqmnoopt03.sqm
[19/07/2009 - 19:14:18 | N | 244] C:\sqmnoopt04.sqm
[19/07/2009 - 22:01:47 | N | 244] C:\sqmnoopt05.sqm
[19/07/2009 - 22:08:13 | N | 244] C:\sqmnoopt06.sqm
[02/09/2009 - 00:05:10 | N | 244] C:\sqmnoopt07.sqm
[02/09/2009 - 00:26:12 | N | 244] C:\sqmnoopt08.sqm
[03/09/2009 - 06:41:05 | N | 244] C:\sqmnoopt09.sqm
[03/09/2009 - 14:42:31 | N | 244] C:\sqmnoopt10.sqm
[03/09/2009 - 15:08:51 | N | 244] C:\sqmnoopt11.sqm
[03/10/2009 - 00:23:35 | N | 244] C:\sqmnoopt12.sqm
[03/10/2009 - 12:14:12 | N | 244] C:\sqmnoopt13.sqm
[06/10/2009 - 11:19:57 | N | 244] C:\sqmnoopt14.sqm
[14/07/2009 - 23:44:50 | N | 244] C:\sqmnoopt15.sqm
[15/07/2009 - 15:42:22 | N | 244] C:\sqmnoopt16.sqm
[15/07/2009 - 22:08:31 | N | 172] C:\sqmnoopt17.sqm
[17/07/2009 - 14:22:47 | N | 244] C:\sqmnoopt18.sqm
[19/07/2009 - 13:57:40 | N | 244] C:\sqmnoopt19.sqm
[30/10/2007 - 10:02:46 | SHD ] C:\System Volume Information
[19/11/2010 - 20:01:30 | D ] C:\Temp
[13/05/2010 - 19:53:36 | D ] C:\temp_dvd
[24/02/2009 - 19:22:15 | N | 3661] C:\updatedatfix.log
[22/11/2010 - 19:34:12 | D ] C:\UsbFix
[22/11/2010 - 19:34:13 | A | 853] C:\UsbFix.txt
[20/11/2010 - 09:45:58 | N | 5100] C:\UsbFix_Upload_Me_JACQUES-002A52C.zip
[18/06/2009 - 06:51:10 | D ] C:\USB_DRV
[22/11/2010 - 19:21:01 | D ] C:\WINDOWS
[12/03/2003 - 13:50:11 | N | 84] C:\WRX2546.bin
[21/10/2010 - 13:53:53 | N | 161] C:\_DICOM.LOG
[21/10/2010 - 13:53:55 | N | 194] C:\_OVERLAY.LOG
[16/01/2009 - 09:58:19 | N | 1524] C:\_Sid.txt
[04/10/2010 - 15:22:50 | D ] E:\EXPLOITATIOND'INFORMATION
[04/10/2010 - 15:22:44 | D ] E:\compétences 6
[12/11/2010 - 15:14:12 | N | 352256] E:\Présentation1.ppt
[17/11/2010 - 15:35:32 | N | 818] E:\plot.log
[29/01/2010 - 11:10:44 | N | 70336] E:\Échantillons des lignes 23.dwg
[18/11/2010 - 13:42:26 | N | 399934] E:\librairie 111.bak
[18/11/2010 - 15:39:56 | N | 495426] E:\librairie 111.dwg
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_JACQUES-002A52C.zip
http://www.teamxscript.org/Sample/Upload.php
Merci de votre contribution.
################## | E.O.F |
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 5157
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2010-11-22 21:54:10
mbam-log-2010-11-22 (21-54-10).txt
Type d'examen: Examen complet (C:\|E:\|)
Elément(s) analysé(s): 302441
Temps écoulé: 1 heure(s), 40 minute(s), 26 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1453\A0675580.exe (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1453\A0675600.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1453\A0675613.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AB256344-1C1E-45A2-AB8C-733B0C782EFE}\RP1453\A0675624.exe (Adware.WebHancer) -> Quarantined and deleted successfully.
My PC is much less slow.
I don't know how to remove the read protection on the USB files, as the programs ask in order to scan my USB key.
Do you think it is virus-free now? I would like to know whether there is a good antivirus that I could try for a month and, if I like it, buy. At school the PCs are infected and I bring it all back home... Thanks
Good evening
Uninstall Norton Security Scan, provided of course that you are not paying for a license for this product.
I suggest you use Antivir.
Then run a full scan of your PC, after updating it of course, and post that report for me; thanks.
See you
---------Security Contributor---------
We were all beginners at something once.
But knowledge is the reward of diligence.
Avira AntiVir Personal
Date de création du fichier de rapport : 24 novembre 2010 18:44
La recherche porte sur 3089492 souches de virus.
Le programme fonctionne en version intégrale illimitée.
Les services en ligne sont disponibles.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : Jacques Couillard
Nom de l'ordinateur : JACQUES-002A52C
Informations de version :
BUILD.DAT : 10.0.0.99 31821 Bytes 2010-08-27 08:04:00
AVSCAN.EXE : 10.0.3.1 434344 Bytes 2010-08-17 18:38:56
AVSCAN.DLL : 10.0.3.0 56168 Bytes 2010-08-17 18:39:10
LUKE.DLL : 10.0.2.3 104296 Bytes 2010-08-17 18:39:03
LUKERES.DLL : 10.0.0.0 13672 Bytes 2010-08-17 18:39:11
VBASE000.VDF : 7.10.0.0 19875328 Bytes 2009-11-06 15:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 2009-11-19 01:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 2010-01-20 23:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 2010-01-26 22:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 2010-03-05 17:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 2010-04-15 18:39:06
VBASE006.VDF : 7.10.7.218 2294784 Bytes 2010-06-02 18:39:07
VBASE007.VDF : 7.10.9.165 4840960 Bytes 2010-07-23 18:39:09
VBASE008.VDF : 7.10.11.133 3454464 Bytes 2010-09-13 23:41:54
VBASE009.VDF : 7.10.13.80 2265600 Bytes 2010-11-02 23:42:03
VBASE010.VDF : 7.10.13.81 2048 Bytes 2010-11-02 23:42:04
VBASE011.VDF : 7.10.13.82 2048 Bytes 2010-11-02 23:42:04
VBASE012.VDF : 7.10.13.83 2048 Bytes 2010-11-02 23:42:04
VBASE013.VDF : 7.10.13.116 147968 Bytes 2010-11-04 23:42:05
VBASE014.VDF : 7.10.13.147 146944 Bytes 2010-11-07 23:42:06
VBASE015.VDF : 7.10.13.180 123904 Bytes 2010-11-09 23:42:06
VBASE016.VDF : 7.10.13.211 122368 Bytes 2010-11-11 23:42:07
VBASE017.VDF : 7.10.13.243 147456 Bytes 2010-11-15 23:42:08
VBASE018.VDF : 7.10.14.15 142848 Bytes 2010-11-17 23:42:09
VBASE019.VDF : 7.10.14.41 134144 Bytes 2010-11-19 23:42:10
VBASE020.VDF : 7.10.14.63 128000 Bytes 2010-11-22 23:42:10
VBASE021.VDF : 7.10.14.87 143872 Bytes 2010-11-24 23:42:11
VBASE022.VDF : 7.10.14.88 2048 Bytes 2010-11-24 23:42:11
VBASE023.VDF : 7.10.14.89 2048 Bytes 2010-11-24 23:42:12
VBASE024.VDF : 7.10.14.90 2048 Bytes 2010-11-24 23:42:12
VBASE025.VDF : 7.10.14.91 2048 Bytes 2010-11-24 23:42:12
VBASE026.VDF : 7.10.14.92 2048 Bytes 2010-11-24 23:42:12
VBASE027.VDF : 7.10.14.93 2048 Bytes 2010-11-24 23:42:12
VBASE028.VDF : 7.10.14.94 2048 Bytes 2010-11-24 23:42:13
VBASE029.VDF : 7.10.14.95 2048 Bytes 2010-11-24 23:42:13
VBASE030.VDF : 7.10.14.96 2048 Bytes 2010-11-24 23:42:13
VBASE031.VDF : 7.10.14.99 27136 Bytes 2010-11-24 23:42:13
Version du moteur : 8.2.4.112
AEVDF.DLL : 8.1.2.1 106868 Bytes 2010-08-17 18:38:53
AESCRIPT.DLL : 8.1.3.47 1294716 Bytes 2010-11-24 23:42:28
AESCN.DLL : 8.1.7.2 127349 Bytes 2010-11-24 23:42:27
AESBX.DLL : 8.1.3.2 254324 Bytes 2010-11-24 23:42:29
AERDL.DLL : 8.1.9.2 635252 Bytes 2010-11-24 23:42:26
AEPACK.DLL : 8.2.3.11 471416 Bytes 2010-11-24 23:42:25
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 2010-11-24 23:42:23
AEHEUR.DLL : 8.1.2.44 3076471 Bytes 2010-11-24 23:42:23
AEHELP.DLL : 8.1.14.0 246134 Bytes 2010-11-24 23:42:18
AEGEN.DLL : 8.1.4.2 401781 Bytes 2010-11-24 23:42:17
AEEMU.DLL : 8.1.3.0 393589 Bytes 2010-11-24 23:42:16
AECORE.DLL : 8.1.18.1 196984 Bytes 2010-11-24 23:42:16
AEBB.DLL : 8.1.1.0 53618 Bytes 2010-08-17 18:38:45
AVWINLL.DLL : 10.0.0.0 19304 Bytes 2010-08-17 18:38:56
AVPREF.DLL : 10.0.0.0 44904 Bytes 2010-08-17 18:38:55
AVREP.DLL : 10.0.0.8 62209 Bytes 2010-06-17 20:27:52
AVREG.DLL : 10.0.3.2 53096 Bytes 2010-08-17 18:38:56
AVSCPLR.DLL : 10.0.3.1 83816 Bytes 2010-08-17 18:38:56
AVARKT.DLL : 10.0.0.14 227176 Bytes 2010-08-17 18:38:54
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 2010-08-17 18:38:55
SQLITE3.DLL : 3.6.19.0 355688 Bytes 2010-06-17 20:28:02
AVSMTP.DLL : 10.0.0.17 63848 Bytes 2010-08-17 18:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 2010-06-17 20:28:01
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 2010-02-11 06:23:03
RCTEXT.DLL : 10.0.58.0 99688 Bytes 2010-08-17 18:39:11
Configuration pour la recherche actuelle :
Nom de la tâche...............................: Bref contrôle système après installation
Fichier de configuration......................: c:\program files\avira\antivir desktop\setupprf.dat
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: arrêt
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Sélection de fichiers intelligente
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Début de la recherche : 24 novembre 2010 18:44
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avconfig.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avconfig.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avshadow.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'setup.exe' - '1' module(s) sont contrôlés
Processus de recherche 'presetup.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avira_antivir_personal_fr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jucheck.exe' - '1' module(s) sont contrôlés
Processus de recherche 'plugin-container.exe' - '1' module(s) sont contrôlés
Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqgpc01.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqbam08.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqSTE08.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmiapsrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SetClip.exe' - '1' module(s) sont contrôlés
Processus de recherche 'COCIManager.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SPUVolumeWatcher.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsnfier.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RFTRay.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Hyperappel.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqtra08.exe' - '1' module(s) sont contrôlés
Processus de recherche 'bwgo000098e4.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WeatherEye.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Gestionnaire Antidote.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMBgMonitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HPWuSchd2.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ReminderApp.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'DLACTRLW.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'LogiTray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVComS.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Quickcam.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Communications_Helper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PRISMXL.SYS' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Explorer.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVPrcSrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '1848' fichiers).
Fin de la recherche : 24 novembre 2010 18:45
Temps nécessaire: 01:40 Minute(s)
La recherche a été effectuée intégralement
0 Les répertoires ont été contrôlés
2350 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
0 Impossible de scanner des fichiers
2350 Fichiers non infectés
5 Les archives ont été contrôlées
0 Avertissements
0 Consignes
Good evening
Reread the tutorial provided on the download site carefully, to enable the rootkit scan.
1) Empty the Malwarebytes quarantine.
2) Download DelFix by Xplode
* Run it.
* At the prompt, [Suppression] ()
* A report will open at the end; paste it into your reply
Then, to uninstall it, run it again and choose the [Désinstallation] option
The .exe file has to be deleted manually.
3) CCleaner:
https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/
* save it to the desktop
* double-click the file to start the installation
* in the installer's language window, make sure to choose French, then OK
* click Next
* read the licence and click I accept
* click Next
* here, keep only "add a shortcut to the desktop" and "automatically check for CCleaner updates" checked
* click Install
* click Close
* double-click the CCleaner icon to open it
* once it is open, click Options and then Advanced
* uncheck "only delete files in the Windows temp folder older than 24 hours"
* click Cleaner
* click Windows and, in the Advanced column,
* check the first box, "old Prefetch data", which gives you the "old Prefetch data" box and the Advanced box, which gets checked automatically, but only that one
* click Analyze; once the analysis has finished,
* click Run Cleaner and OK at the confirmation prompt; you will need to do this a second time; once finished, check by clicking Analyze again to make sure nothing is left
* now click Registry and then Scan for Issues
* leave everything checked and click Fix selected issues
* it asks you to make a backup: YES
* give it a name so you can find it again, and save
* click Fix All Selected Issues and OK at the confirmation prompt
* it deletes them; click Close, then check by running Scan for Issues again
* go back to Options and re-check "only delete files in the Windows temp folder older than 48 hours", and under Cleaner, Windows, Advanced, uncheck the first box, "old Prefetch data"
* you can close CCleaner.
Tutorial: https://jesses.pagesperso-orange.fr/Docs/Logiciels/CCleaner.htm
4) Purge System Restore as follows:
http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924
This removes all traces of the various infections and will allow a later restore without infections
See you
########## DelFix - Nettoyeur d'outils de désinfection ##########
#
# DelFix v6.5 - Rapport créé le 27/11/2010 à 21:02
# Mis à jour le 20/11/10 à 16h30 par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : Jacques Couillard - JACQUES-002A52C (Administrateur)
# Exécuté depuis : C:\Documents and Settings\Jacques Couillard\Mes documents\Téléchargements\DelFix(4).exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
~~~~~~ Fichier(s) ~~~~~~
~~~~~~ Registre ~~~~~~
~~~~~~ Autre ~~~~~~
########## EOF - "C:\DelFixSuppr.txt" - [696 octets] ##########
Hello
Have you done the rest: CCleaner and purging System Restore?
A link for configuring Antivir correctly: https://www.malekal.com/avira-free-security-antivirus-gratuit/
See you