Italian dialer idd129.tmp.exe

Closed
ChadSmith Posts 3 Registration date Monday 11 December 2006 Status Member Last activity 11 December 2006 - 11 Dec 2006 at 07:43
^^Marie^^ Posts 113901 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 - 12 Dec 2006 at 07:08
Hello everyone, I've caught a virus called idd129.tmp.exe.
I don't know how to remove it and it's getting on my nerves, I'm useless with computers....
Thanks in advance

5 replies

^^Marie^^ Posts 113901 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 3 275
11 Dec 2006 at 08:37
Hi

Clean up your PC

Follow the tutorials carefully

It is important to carry out the procedure in full and in order:

Download (unless you already have them) and paste the 3 reports in order

A - Ad-Aware version 1.06
(here) http://www.florensac-chasse-trap.com/ section "virus/logiciel de securite"
see the demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip

B - Spybot version 1.4
(here) http://www.florensac-chasse-trap.com/ section "virus/logiciel de securite"
see the usage demo
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

C - CCleaner: (cleaner for the registry, cookies + temp + temporary files + prefetch + history + etc.)
Download here:
https://www.ccleaner.com/ccleaner/download
Tutorial here:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
and
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

D – Ewido – AVG
AVG Anti-Spyware:

https://www.avg.com/en-ww/free-antivirus-download

Install it.
Launch AVG Anti-Spyware and click the Update button. Be patient!

Launch AVG Anti-Spyware
Click the Scan button (in the toolbar)
Then, on the "How to react" tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete system scan.
At the end of the scan, choose the "Apply all actions" option at the bottom.
Click "Save report". This generates a report as a text file, which is located in the Reports folder of the AVG Anti-Spyware folder.

Copy/paste the report

E - Online scan with BitDefender (works only in Internet Explorer, with the ActiveX control accepted)
https://assiste.com/404_La_page_demandee_n_existe_pas.php
http://www.bitdefender.fr/scan8/ie.html
Copy/PASTE the entire report

F - Hijackthis - Diagnostic and repair tool
read the demo
http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
Download the French version here
http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
Copy/paste the report

Good luck

See you


0
ChadSmith Posts 3 Registration date Monday 11 December 2006 Status Member Last activity 11 December 2006
11 Dec 2006 at 20:49
With Spybot, it doesn't display the report. What should I do?
0
^^Marie^^ Posts 113901 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 3 275
11 Dec 2006 at 20:51
Hi

I'm not asking you for the Spybot report!!!!

Read carefully...... lol

AVG
Bitdefender
Hijackthis

See you

0
ChadSmith Posts 3 Registration date Monday 11 December 2006 Status Member Last activity 11 December 2006
11 Dec 2006 at 21:03
Ad-Aware SE Build 1.06r1
Logfile Created on:lundi 11 décembre 2006 20:00:48
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R138 11.12.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.BHO(generic)(TAC index:3):30 total references
Adware.MyToolbar(TAC index:3):2 total references
Adware.Searchcolours(TAC index:4):4 total references
Possible Browser Hijack attempt(TAC index:3):1 total references
Tracking Cookie(TAC index:3):20 total references
Win32.Hacktool.ToolEvId(TAC index:3):1 total references
Win32.Trojan.Downloader(TAC index:10):3 total references
Win32.TrojanDownloader.Delf(TAC index:10):2 total references
Win32.Trojandownloader.Zlob(TAC index:10):17 total references
Virtumonde(TAC index:10):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


11-12-2006 20:00:48 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 544
ThreadCreationTime : 11-12-2006 18:31:06
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 608
ThreadCreationTime : 11-12-2006 18:31:12
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 632
ThreadCreationTime : 11-12-2006 18:31:12
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 676
ThreadCreationTime : 11-12-2006 18:31:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 712
ThreadCreationTime : 11-12-2006 18:31:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 856
ThreadCreationTime : 11-12-2006 18:31:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 952
ThreadCreationTime : 11-12-2006 18:31:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1044
ThreadCreationTime : 11-12-2006 18:31:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1096
ThreadCreationTime : 11-12-2006 18:31:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1212
ThreadCreationTime : 11-12-2006 18:31:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1452
ThreadCreationTime : 11-12-2006 18:31:16
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1732
ThreadCreationTime : 11-12-2006 18:31:22
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

Adware.BHO(generic) Object Recognized!
Type : Process
Data : VSAdd-in.dll
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Program Files\VSAdd-in\



#:13 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1824
ThreadCreationTime : 11-12-2006 18:31:25
BasePriority : Normal
FileVersion : 6.14.10.7184
ProductVersion : 6.14.10.7184
ProductName : NVIDIA Driver Helper Service, Version 71.84
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 71.84
InternalName : NVSVC
LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:14 [pavfires.exe]
FilePath : C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\
ProcessID : 1840
ThreadCreationTime : 11-12-2006 18:31:25
BasePriority : Normal
FileVersion : 1, 3, 0, 0
ProductVersion : 7, 5, 0, 0
ProductName : Platinum 7 Pavfires
CompanyName : Panda Software
FileDescription : Personal Firewall Service
InternalName : Pavfires
LegalCopyright : Panda Software Copyright © 2003
OriginalFilename : Pavfires.exe

#:15 [pavsrv51.exe]
FilePath : C:\Program Files\Panda Software\Panda Antivirus Platinum\
ProcessID : 1884
ThreadCreationTime : 11-12-2006 18:31:26
BasePriority : High
FileVersion : 6, 3, 0, 530
ProductVersion : 6.3
ProductName : Panda Antivirus
CompanyName : Panda Software
FileDescription : Panda Antivirus Service for Windows NT/2000
InternalName : pavsrv
LegalCopyright : Copyright © Panda Software 2003
OriginalFilename : pavsrv.exe

#:16 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1988
ThreadCreationTime : 11-12-2006 18:31:29
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:17 [avengine.exe]
FilePath : C:\Program Files\Panda Software\Panda Antivirus Platinum\
ProcessID : 164
ThreadCreationTime : 11-12-2006 18:31:30
BasePriority : Normal
FileVersion : 6, 3, 0, 492
ProductVersion : 6.3
ProductName : Panda Antivirus Windows NT/2000
CompanyName : Panda Software
FileDescription : Proceso análisis independiente
InternalName : avengine
LegalCopyright : Copyright © Panda Software 1990-2002
OriginalFilename : avengine.exe

#:18 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 288
ThreadCreationTime : 11-12-2006 18:31:31
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:19 [mmtask.exe]
FilePath : C:\Program Files\MusicMatch\MusicMatch Jukebox\
ProcessID : 1508
ThreadCreationTime : 11-12-2006 18:31:38
BasePriority : Normal
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : mmtask.exe
LegalCopyright : TODO: (c) <Company name>. All rights reserved.
OriginalFilename : mmtask.exe

#:20 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 1516
ThreadCreationTime : 11-12-2006 18:31:38
BasePriority : Normal
FileVersion : 8.00.0148
ProductVersion : 8.00.0148
ProductName : MUSICMATCH JUKEBOX
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © MUSICMATCH 1998-2003
LegalTrademarks :
OriginalFilename : mm_tray.exe

#:21 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 740
ThreadCreationTime : 11-12-2006 18:31:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Exécuter une DLL en tant qu'application
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : RUNDLL.EXE

#:22 [lvcomsx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1584
ThreadCreationTime : 11-12-2006 18:31:38
BasePriority : Normal
FileVersion : 8.4.2.1019
ProductVersion : 8.4.2.1019
ProductName : Labtec WebCam
CompanyName : Labtec Inc.
FileDescription : LVCom Server
InternalName : LVComS.exe
LegalCopyright : (c) 1996-2005 Labtec. All rights reserved.
OriginalFilename : LVComS.exe

#:23 [logitray.exe]
FilePath : C:\Program Files\Logitech\Video\
ProcessID : 1644
ThreadCreationTime : 11-12-2006 18:31:39
BasePriority : Normal
FileVersion : 8.4.2.1019
ProductVersion : 8.4.2.1019
ProductName : Labtec WebCam
CompanyName : Labtec Inc.
FileDescription : ImageStudio Tray Application
InternalName : LogiTray.exe
LegalCopyright : (c) 1996-2005 Labtec. All rights reserved.
OriginalFilename : LogiTray.exe

#:24 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_09\bin\
ProcessID : 1720
ThreadCreationTime : 11-12-2006 18:31:41
BasePriority : Normal


#:25 [realsched.exe]
FilePath : C:\Program Files\Fichiers communs\Real\Update_OB\
ProcessID : 1832
ThreadCreationTime : 11-12-2006 18:31:43
BasePriority : Normal
FileVersion : 0.1.0.3760
ProductVersion : 0.1.0.3760
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:26 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1968
ThreadCreationTime : 11-12-2006 18:31:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Exécuter une DLL en tant qu'application
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : RUNDLL.EXE

#:27 [apvxdwin.exe]
FilePath : C:\Program Files\Panda Software\Panda Antivirus Platinum\
ProcessID : 212
ThreadCreationTime : 11-12-2006 18:31:47
BasePriority : Normal
FileVersion : 2, 12, 12, 0
ProductVersion : 7.00
ProductName : Panda Antivirus Platinum
CompanyName : Panda Software International
FileDescription : Platinum permanent protection
InternalName : Apvxdwin.exe

#:28 [lxcgmon.exe]
FilePath : C:\Program Files\Lexmark 2300 Series\
ProcessID : 408
ThreadCreationTime : 11-12-2006 18:31:48
BasePriority : Normal
FileVersion : 2.6.62.11
ProductVersion : 2.6.62.11
ProductName : Lexmark Device Monitor
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark Device Monitor
InternalName : lxcgmon.exe
LegalCopyright : (C) 2002 Lexmark International, Inc.
OriginalFilename : lxcgmon.exe

#:29 [ezprint.exe]
FilePath : C:\Program Files\Lexmark 2300 Series\
ProcessID : 500
ThreadCreationTime : 11-12-2006 18:31:50
BasePriority : Normal
FileVersion : 1.0.5.0
ProductVersion : 1.0.5.0
ProductName : Lexmark Fast Pics Application
CompanyName : Lexmark International Inc.
FileDescription : Lexmark Fast Pics Application
InternalName : Lexmark Fast Pics
LegalCopyright : Copyright (C) 2004
OriginalFilename : ezprint.exe

#:30 [update.exe]
FilePath : C:\Program Files\Fichiers communs\{38BE808D-0876-1036-0902-040202050021}\
ProcessID : 1524
ThreadCreationTime : 11-12-2006 18:31:56
BasePriority : Normal


Win32.Trojan.Downloader Object Recognized!
Type : Process
Data : Update.exe
TAC Rating : 10
Category : Malware
Comment : Update.exe.dmp
Object : C:\Program Files\Fichiers communs\{38BE808D-0876-1036-0902-040202050021}\


Warning! Win32.Trojan.Downloader Object found in memory(C:\Program Files\Fichiers communs\{38BE808D-0876-1036-0902-040202050021}\Update.exe)

"C:\Program Files\Fichiers communs\{38BE808D-0876-1036-0902-040202050021}\Update.exe"Process terminated successfully
"C:\Program Files\Fichiers communs\{38BE808D-0876-1036-0902-040202050021}\Update.exe"Process terminated successfully

#:31 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2100
ThreadCreationTime : 11-12-2006 18:32:00
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:32 [quickaccess.exe]
FilePath : C:\Program Files\neuf telecom\neuf Box\Wizard\
ProcessID : 2304
ThreadCreationTime : 11-12-2006 18:32:05
BasePriority : Normal
FileVersion : 1.0.0.56
ProductVersion : 1.0.0.0
ProductName : Agent QuickAccess Cegetel Sagem
CompanyName : Terra Virtual
FileDescription : Agent QuickAccess Cegetel Sagem
InternalName : Agent QuickAccess Cegetel Sagem
LegalCopyright : © Terra Virtual
OriginalFilename : Agent QuickAccess Cegetel Sagem

#:33 [fxsvr2.exe]
FilePath : C:\Program Files\Logitech\Video\
ProcessID : 2368
ThreadCreationTime : 11-12-2006 18:32:05
BasePriority : Normal
FileVersion : 8.4.2.1019
ProductVersion : 8.4.2.1019
ProductName : Labtec WebCam
CompanyName : Labtec Inc.
FileDescription : QuickCam Framework Server
InternalName : FxSvr.EXE
LegalCopyright : (c) 1996-2005 Labtec. All rights reserved.
OriginalFilename : FxSvr.EXE

#:34 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2384
ThreadCreationTime : 11-12-2006 18:32:06
BasePriority : Normal
FileVersion : 8.0.0812.00
ProductVersion : 8.0.0812
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename : msnmsgr.exe

#:35 [steam.exe]
FilePath : C:\Program Files\Steam\
ProcessID : 2400
ThreadCreationTime : 11-12-2006 18:32:06
BasePriority : Normal
FileVersion : 1.0.0.0
ProductVersion : 1.0.0.0
ProductName : Steam
CompanyName : Valve Corporation
FileDescription : Steam
LegalCopyright : © Copyright 2000-2003 Valve Corporation All rights reserved.
OriginalFilename : Steam.exe

#:36 [winspool.exe]
FilePath : C:\WINDOWS\YMANTE~1\
ProcessID : 2488
ThreadCreationTime : 11-12-2006 18:32:08
BasePriority : Normal


#:37 [c?rss.exe]
FilePath : C:\WINDOWS\system32\?ppPatch\
ProcessID : 2512
ThreadCreationTime : 11-12-2006 18:32:09
BasePriority : Normal


#:38 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 2544
ThreadCreationTime : 11-12-2006 18:32:10
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:39 [pavproxy.exe]
FilePath : C:\Program Files\Panda Software\Panda Antivirus Platinum\
ProcessID : 2652
ThreadCreationTime : 11-12-2006 18:32:12
BasePriority : Normal
FileVersion : 3, 6, 10, 24
ProductVersion : 3, 6, 10, 24
ProductName : Mail Resident
CompanyName : Panda Software
FileDescription : PavProxy
InternalName : PavProxy
LegalCopyright : Copyright © 2002
OriginalFilename : PavProxy.exe

#:40 [kem.exe]
FilePath : C:\Program Files\Logitech\SetPoint\
ProcessID : 2744
ThreadCreationTime : 11-12-2006 18:32:16
BasePriority : Normal
FileVersion : 2.14.107
ProductVersion : 2.14.107
ProductName : SetPoint Files
CompanyName : Logitech Inc.
FileDescription : Logitech SetPoint
InternalName : SetPoint
LegalCopyright : (C) 2003 Logitech. All rights reserved.
LegalTrademarks : Logitech®, is a registered trademark of Logitech Inc.
OriginalFilename : KEM.exe
Comments : Created by the Productivity Software team

#:41 [khalmnpr.exe]
FilePath : C:\Program Files\Logitech\SetPoint\
ProcessID : 2844
ThreadCreationTime : 11-12-2006 18:32:17
BasePriority : Normal
FileVersion : 2.14.103
ProductVersion : 2.14.103
ProductName : Productivity Software Common Files
CompanyName : Logitech Inc.
FileDescription : Logitech Hardware Abstraction Layer
InternalName : SetPoint
LegalCopyright : (C) 2003 Logitech. All rights reserved.
LegalTrademarks : Logitech®, MouseWare® and iTouch® are registered trademarks of Logitech Inc.
OriginalFilename : KHALMNPR.Exe
Comments : Created by the Productivity Software team

#:42 [lxcgcoms.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3092
ThreadCreationTime : 11-12-2006 18:32:26
BasePriority : High
FileVersion : 1.154.7.0
ProductVersion : 1.154.7.0
ProductName : Printer Communication System
FileDescription : Printer Communication System
InternalName : GN__coms.exe
OriginalFilename : GN__coms.exe

#:43 [win44.tmp.exe]
FilePath : C:\WINDOWS\TEMP\
ProcessID : 2416
ThreadCreationTime : 11-12-2006 18:55:16
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Universa Application
FileDescription : Universa Application
InternalName : Universa
LegalCopyright : Copyright (C) 2006
OriginalFilename : Universa.exe

#:44 [firefox.exe]
FilePath : C:\PROGRA~1\MOZILL~1\
ProcessID : 1260
ThreadCreationTime : 11-12-2006 18:56:22
BasePriority : Normal


#:45 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 2720
ThreadCreationTime : 11-12-2006 19:00:35
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 2


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{07d6c807-5aa2-420d-beaf-8fac74790512}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{5e47627b-d89e-442b-82a6-f2fab368621b}

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{5e47627b-d89e-442b-82a6-f2fab368621b}
Value : AppID

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{baa62b4f-5e59-40cc-b2ec-0e19b8776fa2}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{e1412445-4ff8-410e-8d24-f2cf86b171a4}

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{e1412445-4ff8-410e-8d24-f2cf86b171a4}
Value : AppID

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{42665363-98ba-40aa-9b0b-67ee68888942}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{baa62b4f-5e59-40cc-b2ec-0e19b8776fa2}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{43a1c50a-0683-4caf-8066-3184184dfdb9}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{46a4e9d9-b30e-452a-8157-dbbec8573b03}

Adware.MyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{569304ba-83ed-4cff-ac26-be3e482f7208}

Adware.MyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c6f2214e-0b54-45a9-b90d-7dd4ba45ed0b}

Adware.Searchcolours Object Recognized!
Type : Regkey
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{74dd705d-6834-439c-a735-a6dbe2677452}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0c25003b-f5c9-4c24-a5f8-5bee543a562c}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3b021ad8-9999-4efe-8203-36a5b09117d7}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3c975d06-9239-4a00-9f1a-c3c337912f22}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{413d2fa5-98cd-4078-98c1-c3ae775ef050}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{46722628-c282-4fdf-814d-5b819c78e067}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{49a6d89f-4422-4474-a287-5fe1d6811a87}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{66b01f8a-1d57-40e7-8c8d-d67d06662577}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{7588c5e3-9c6e-4cfe-884f-71bf8383621a}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8122d5a8-dc59-4ab8-9c02-cf66e10641c2}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8fb11528-3a97-45fe-beaa-1a1fc4ee45f5}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8fe88dc0-e1ec-43e3-b70e-d3246f4d1899}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a25f0022-c2fc-4ea0-abba-2bfe4635bd68}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{bdc75ad7-a8a5-4f25-be36-a4db971c7541}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c49930c7-abf8-43b4-a7b7-98013dd6abe6}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{eca9fbff-5415-4440-a92b-03e8ca7b9828}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f7996a4a-b172-4c1a-85d0-19ab61c9c512}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{e1412445-4ff8-410e-8d24-f2cf86b171a4}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{46a4e9d9-b30e-452a-8157-dbbec8573b03}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{74dd705d-6834-439c-a735-a6dbe2677452}

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{74dd705d-6834-439c-a735-a6dbe2677452}
Value : UninstallString

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 33
Objects found so far: 35


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : S-1-5-21-1644491937-413027322-725345543-1004\Software\Microsoft\Internet Explorer\MainStart Pagerunonce.msn.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://runonce.msn.com/?v=msgrv75"
TAC Rating : 4
Category : Adware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1644491937-413027322-725345543-1004\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "http://runonce.msn.com/?v=msgrv75"

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 36

Adware.Searchcolours Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\toolbar
Value : {74dd705d-6834-439c-a735-a6dbe2677452}

Adware.Searchcolours Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1644491937-413027322-725345543-1004\software\microsoft\internet explorer\toolbar\Webbrowser
Value : {74dd705d-6834-439c-a735-a6dbe2677452}


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@bluestreak[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:chadsmith@bluestreak.com/
Expires : 08-12-2016 13:11:54
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:31
Value : Cookie:chadsmith@atdmt.com/
Expires : 07-12-2011 01:00:00
LastSync : Hits:31
UseCount : 0
Hits : 31

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@weborama[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:36
Value : Cookie:chadsmith@weborama.fr/
Expires : 07-06-2007 01:02:58
LastSync : Hits:36
UseCount : 0
Hits : 36

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chadsmith@tradedoubler.com/
Expires : 05-12-2026 11:09:16
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@www.smartadserver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:31
Value : Cookie:chadsmith@www.smartadserver.com/
Expires : 06-12-2026 18:12:28
LastSync : Hits:31
UseCount : 0
Hits : 31

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@doubleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:19
Value : Cookie:chadsmith@doubleclick.net/
Expires : 08-12-2009 12:49:18
LastSync : Hits:19
UseCount : 0
Hits : 19

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:16
Value : Cookie:chadsmith@serving-sys.com/
Expires : 31-12-2037 23:00:00
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@rotator.adjuggler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:chadsmith@rotator.adjuggler.com/
Expires : 06-12-2016 19:58:46
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:chadsmith@2o7.net/
Expires : 08-12-2011 12:04:54
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@real[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:44
Value : Cookie:chadsmith@real.com/
Expires : 09-12-2007 13:09:40
LastSync : Hits:44
UseCount : 0
Hits : 44

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@adserver.aol[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chadsmith@adserver.aol.fr/
Expires : 06-12-2016 10:27:42
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@estat[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chadsmith@estat.com/
Expires : 05-12-2016 22:52:08
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@247realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:19
Value : Cookie:chadsmith@247realmedia.com/
Expires : 01-01-2021 01:00:00
LastSync : Hits:19
UseCount : 0
Hits : 19

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:chadsmith@mediaplex.com/
Expires : 22-06-2009 01:00:00
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@~~local~~[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:34
Value : Cookie:chadsmith@~~local~~/
Expires : 23-12-2006 19:19:46
LastSync : Hits:34
UseCount : 0
Hits : 34

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chadsmith@fl01.ct2.comclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:97
Value : Cookie:chadsmith@fl01.ct2.comclick.com/
Expires : 10-01-2029 01:00:00
LastSync : Hits:97
UseCount : 0
Hits : 97

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 16
Objects found so far: 54



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fhares@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Fhares\Cookies\fhares@2o7[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fhares@atdmt[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Fhares\Cookies\fhares@atdmt[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fhares@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Fhares\Cookies\fhares@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fhares@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Fhares\Cookies\fhares@weborama[2].txt

Win32.TrojanDownloader.Delf Object Recognized!
Type : File
Data : Downloader.exe
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Program Files\PeDevice\



Win32.TrojanDownloader.Delf Object Recognized!
Type : File
Data : Preparation.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Program Files\PeDevice\



Win32.Hacktool.ToolEvId Object Recognized!
Type : File
Data : A0003922.exe
TAC Rating : 3
Category : Misc
Comment :
Object : C:\System Volume Information\_restore{93E3250E-2585-4707-B629-2555141D528E}\RP19\



Virtumonde Object Recognized!
Type : File
Data : nnnljhi.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\WINDOWS\system32\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 62


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 62




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\pedev.dll

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : pae_bho.pedev_ielistener

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : pae_bho.pedev_ielistener.1

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : pedev_bho.pedev

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : pedev_bho.pedev.1

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet account manager\accounts\bigfoot

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet account manager\accounts\bigfoot
Value : Account Name

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet account manager\accounts\bigfoot
Value : LDAP Server

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet account manager\accounts\bigfoot
Value : LDAP URL

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet account manager\accounts\bigfoot
Value : LDAP Search Return

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet account manager\accounts\bigfoot
Value : LDAP Timeout

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet account manager\accounts\bigfoot
Value : LDAP Authentication

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet account manager\accounts\bigfoot
Value : LDAP Simple Search

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet account manager\accounts\bigfoot
Value : LDAP Logo

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\search toolbar corp

Win32.Trojan.Downloader Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\adwaredisablekey3

Win32.Trojan.Downloader Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\adwaredisablekey3

Adware.Searchcolours Object Recognized!
Type : Folder
TAC Rating : 4
Category : Adware
Comment : Adware.Searchcolours
Object : C:\Program Files\VSAdd-in

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\services\tcpip\parameters
Value : NameServer

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 19
Objects found so far: 81

20:09:26 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:38.0
Objects scanned:115956
Objects identified:80
Objects ignored:0
New critical objects:80





Next, CleanUp

0

^^Marie^^ Posts 113901 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 3 275
12 Dec 2006 at 07:08
Hi

Let's continue
D/
E/
F/
Thanks

0