Aidez moi, mon ordi boggue!!

kendoka15 Messages postés 371 Statut Membre -  
kendoka15 Messages postés 371 Statut Membre -
Bonjour, j'ai un ordi(heheh) et il est rendu fou, plein de pop-ups de trojan downloader, et autre, je veu juste que ça arrête!! Aidez moi svp?

Nimportequi?
Configuration: Windows XP
Internet Explorer 7.0
Plein de spyware-virus-autres

40 réponses

  • 1
  • 2
Résumé de la discussion

Un ordinateur sous Windows XP et Internet Explorer 7 est infesté par des pop-ups de trojan downloader et d'autres malwares, nécessitant une action de nettoyage urgente et méthodique. Des solutions essentielles impliquent des analyses avec Spybot et Spyware Blaster, l'usage de BitDefender Online Scanner et Malwarebytes, puis HijackThis et OTMoveIt2 pour supprimer les éléments indésirables. En cas de résultats partiels, certains recommandent revenir à une version précédente d'imprimante, désinstaller puis réinstaller les barres d'outils indésirables, et nettoyer les entrées d'exécution. Des conseils complémentaires insistent sur la sauvegarde des rapports d'analyse et la relance des scans après redémarrage, tout en renforçant les paramètres de sécurité et les extensions du navigateur.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    salut kendoka15,

    Bienvenue dans la communauté CCM,

    Quels noms ou quels type ces popup?
    De faux programme de protection doivent vous envoyer des messages comme quoi vous êtes infecté.

    Exécuter et Télécharger Spybot - Spywareblaster
    ------------------------
    1a- Cliquer sur Spybot pour télécharger la dernière version 1.5 (septembre 2007)
    Après installation cliquer sur Rechercher les Mises à Jour, cocher les MàJ , télécharger les MàJ.

    La première fois redémarrer en mode sans échec : après le bip et avant le logo windows tapoter sur la touche F8 (ou F5): image menu M.S.E.
    Si problème consulter le Tuto ici

    Redémarrer Spybot, cliquer sur Vérifier tout, Purger les éléments sélectionner, puis ***Vacciner***
    Le tutorial très complet http://www.safer-networking.org/fr/tutorial/index.html

    1b- Cliquer sur Spywareblaster pour le télécharger
    Après l’installation et la configuration, il suffit de faire les mises à jour il s’occupe du reste (Incompatible Vista).
    Le tutorial très complet ICI (merci à 01net.com)

    -------------
    2- Suivre les instructions pour télécharger et exécuter MalwareBytes_AntiMalware:
    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    Après installation fermer vos programmes et votre navigateur:

    * MBAM se met automatiquement à jour en fin d'installation

    * Dans l'onglet analyse, vérifie que "Exécuter une analyse rapide" n'est pas coché et clique sur le bouton Rechercher pour démarrer l'analyse.

    * Si des malwares ont été détectés, leur liste s'affiche.
    En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

    * MBAM va ouvrir le bloc-notes et y copier le rapport d'analyse. Ferme le bloc-note. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

    *Le coller dans le prochain message

    * Pour terminer le nettoyage tu auras peut être besoin de redémarrer.

    Ensuite
    -------------
    Cliquer sur HiJackThis pour télécharger (la dernière version) sur votre bureau :
    - Le tutoriel ici (ancienne version) : https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

    - Installer le sur un répertoire dédié (pas un dossier temporaire).
    - Double-clic sur Hijackthis.exe.
    - Cliquer sur Do a scan and save log file.
    - Le rapport s'ouvre sur le Bloc-Note , tout sélectionner (Ctrl+A).
    - Copier (Ctrl+C) et Coller (Ctrl+V) le rapport dans le prochain message.

    Décalage horaire oblige, dodo time pour moi.
    Je consulterais les rapports demain.

    A+

    Denis
    0
    1. kendoka15 Messages postés 371 Statut Membre 17
       
      Merci^^

      Ouais, j'ai des pages qui me disent que j'ai du spyware et autres, mon ordi crash des fois(moins souvent que le spyware) et les alertes poppent à toutes les 15-30 minutes

      Rapport MBAM:
      Malwarebytes' Anti-Malware 1.14
      Database version: 801

      14:43:24 2008-05-30
      mbam-log-5-30-2008 (14-43-24).txt

      Scan type: Full Scan (C:\|)
      Objects scanned: 136479
      Time elapsed: 51 minute(s), 32 second(s)

      Memory Processes Infected: 2
      Memory Modules Infected: 0
      Registry Keys Infected: 63
      Registry Values Infected: 2
      Registry Data Items Infected: 0
      Folders Infected: 17
      Files Infected: 227

      Memory Processes Infected:
      C:\WINDOWS\system32\utuvqpkb.exe (Trojan.FakeAlert) -> Unloaded process successfully.
      C:\WINDOWS\system32\utuvqpkb.exe (Trojan.FakeAlert) -> Unloaded process successfully.

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{54645654-2225-4455-44a1-9f4543d34545} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{5c7f15e1-f31a-44fd-aa1a-2ec63aaffd3a} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\pcsd.dll (Rogue.PCAntispyware) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\pcsd.dll (Rogue.PCAntispyware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\dpcproxy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Classes\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Invictus (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorertoolbar (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Golden Palace Casino PT (Trojan.DNSChanger) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

      Registry Values Infected:
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\Program Files\Inet Delivery (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.

      Files Infected:
      C:\WINDOWS\system32\utuvqpkb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP470\A0188902.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP482\A0190519.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP482\A0190520.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP482\A0190521.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP491\A0198665.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP495\A0199363.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\hkfejalc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\inabohgd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\mhebepwv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\WINDOWS\Web\def.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\WINDOWS\mslagent\2_mslagent.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
      C:\WINDOWS\mslagent\mslagent.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
      C:\WINDOWS\mslagent\uninstall.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\Program Files\Inet Delivery\inetdl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\Program Files\Inet Delivery\intdel.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\VideoEgg\user.dat (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\WINDOWS\a.bat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\base64.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\FVProtect.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32akttzn.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32anticipator.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32awtoolb.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32bdn.com (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32bsva-egihsg52.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32dpcproxy.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32emesx.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32h@tkeysh@@k.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32hoproxy.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32hxiwlgpm.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32hxiwlgpm.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32medup012.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32medup020.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32msgp.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32msnbho.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32mssecu.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32msvchost.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32mtr2.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32mwin32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32netode.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32newsd32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32ps1.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32psof1.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32psoft1.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32regc64.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32regm64.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32Rundl1.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32sncntr.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32ssurf022.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32ssvchost.com (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32ssvchost.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32sysreq.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32taack.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32taack.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32temp#01.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32thun.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32thun32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32VBIEWER.OCX (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32vbsys2.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32vcatchpi.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32winlogonpc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32winsystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\System32WINWGPX.EXE (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\userconfig9x.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\winsystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\zip1.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\zip2.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\zip3.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\zipped.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\iTunesMusic.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.







      Rapport Hijackthis:
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 15:13:50, on 2008-05-30
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16574)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\WINDOWS\system32\bgsvcgen.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
      C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\CTsvcCDA.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\WINDOWS\system32\VTTimer.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      C:\Program Files\Common Files\System\smss.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
      O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [RealtekAC] C:\WINDOWS\system32\RealtekAC.exe
      O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
      O4 - HKCU\..\Run: [fckqmgve] C:\WINDOWS\system32\azgruruj.exe
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Justine')
      O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Justine')
      O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [OM_Monitor] C:\Documents and Settings\Justine\Bureau\Justine\Monitor.exe (User 'Justine')
      O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [] (User 'Justine')
      O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [user nurb] C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe (User 'Justine')
      O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [xjgcbgaq] C:\WINDOWS\system32\utuvqpkb.exe (User 'Justine')
      O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [wdvabqwa] C:\WINDOWS\system32\vcbwlklm.exe (User 'Justine')
      O4 - Startup: autostart.exe
      O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O15 - Trusted Zone: https://www.travian.com/fr
      O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} - http://www.webcam.com/smilecam/office/AXWebMonProj1.cab
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
      O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
      O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
      O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
      O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
      O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
      O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
      O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      0
  2. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    salut kendoka,

    - MBAM s'est fait plaisir sur ta machine il a bien travaillé ;-)
    Si tu as le temps passes MBAM en mode sans échec, pour voir pousser le nettoyage plus loin.

    - Tu n'as pas installé Spybot ou Spyware blaster?
    Si tu n'as pas pu avant le nettoyage avec MBAM, réessayes maintenant.
    Fais le également en M.S.E. pour Spybot.

    - Renvois ensuite un autre rapport HJThis car tu es encore infecté je te préparerais une procédure pour compléter le nettoyage.

    A+
    0
    1. kendoka15 Messages postés 371 Statut Membre 17
       
      Merci, je vais le faire demain^^
      0
  3. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    Re,

    - Également tu pourras exécuter les procédures suivante.

    ------------------------
    4- Faire un scan en ligne (sous IE uniquement, cliquer sur la barre jaune clair qui s'affiche un peu en dessous de la barre d'adresse et accepter le module activeX) :
    Bitdefender http://www.bitdefender.fr/scan_fr/scan8/ie.html
    Coller le rapport si il y a détection d'une infection autre que des cookies.

    ------------------------
    5- De nombreuses infections utilisent les ordinateurs infectés comme serveurs distant ou autre gentillesse du genre, usurpation d'identité. Pour contrer ce genre d'attaque il faut un parefeu (Celui de windows est inefficace).
    je conseillerais Comodo 3.0 free : http://www.personalfirewall.comodo.com/download_firewall.html
    Bien consulter le Tutoriel (merci Malekal)

    ------------------------
    6- Mises à jours en particulier Adobe, Flash, et autres programmes.
    Updatechecker : https://filehippo.com/windows/tuning-utilities/
    Quelques détails ici pour l’installation en particulier de Framework:
    http://www.commentcamarche.net/faq/sujet 9908 update checker vos logiciels sont ils a jour#update checker la solution

    Pour les mises à Jour Java en particulier ici une version online de Secunia en anglais, mais il y a juste 1 ou 2 boutons à cliquer :
    https://www.flexera.com/products/operations/software-vulnerability-management.html
    Une petite explication dans ce lien (merci malekal).

    Et bien entendu windows update:
    http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=fr

    A+
    0
  4. kendoka15 Messages postés 371 Statut Membre 17
     
    Rapport Bit defender:
    BitDefender Online Scanner - Rapport virus en temps réel

    Généré à: Sat, May 31, 2008 - 12:33:54

    --------------------------------------------------------------------------------

    Info d'analyse

    Fichiers scannés
    82424

    Infectés Fichiers
    10

    Virus Détectés

    Adware.Netnucleus.B
    1

    Adware.Fotomoto.P
    1

    Adware.Rotator.D
    1

    Adware.Fotomoto.Gen
    5

    Application.Memedia.B
    1

    Application.Keylogger.Ardamax.G
    1

    --------------------------------------------------------------------------------

    Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.

    Rapport hujackthis:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:08:06, on 2008-05-31
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.17184)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\bgsvcgen.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\COMODO\Firewall\cmdagent.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\COMODO\SafeSurf\cssurf.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\COMODO\Firewall\cfp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\Program Files\Common Files\System\smss.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\winlogon.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [RealtekAC] C:\WINDOWS\system32\RealtekAC.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [fckqmgve] C:\WINDOWS\system32\azgruruj.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Justine')
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Justine')
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [OM_Monitor] C:\Documents and Settings\Justine\Bureau\Justine\Monitor.exe (User 'Justine')
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [] (User 'Justine')
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [user nurb] C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe (User 'Justine')
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [xjgcbgaq] C:\WINDOWS\system32\utuvqpkb.exe (User 'Justine')
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [wdvabqwa] C:\WINDOWS\system32\vcbwlklm.exe (User 'Justine')
    O4 - Startup: autostart.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: https://www.travian.com/fr
    O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} - http://www.webcam.com/smilecam/office/AXWebMonProj1.cab
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
    O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
    O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
    O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
    O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
    O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
    O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    kendoka,

    - Tu n'as toujours pas installé Spybot et spyware blaster?
    Voir message 1.

    - J'aurais aimé avoir le reste du rapport Bitdefender si il a bien tout effacé, car le rapport indique juste ce le type d'infection qu'il a détecté sans autre détails.

    - Tu as installé Comodo c'est une bonne chose.

    - Tu as encore beaucoup d'infection as tu repassé MBAM en mode sans échec également?
    Il existait un outil pour enlever une partie de tes infections mais l'éditeur à demandé de retirer les liens, pas de raison donné pour le moment.
    Essayes au moins ceci: supprime par ajout suppression de programmes
    AskTBar
    Affiche les dossiers les fichiers cachés de XP : https://1map.com/fr/astwindscom
    ensuite va ici et supprime si encore présent le dossier en gras :
    C:\Program Files\AskTBar

    Ensuite
    ------------------------
    - Cliquer CCleaner (en français) pour nettoyer les fichiers temporaires, cookies... ainsi que les clefs de la base de registre inutile.

    Bien consulter son tutorial ICI
    Ensuite dans Options / Avancés, décocher : effacer uniquement les fichiers du répertoires temp de Windows de plus vieux que 48h.

    Bouton Nettoyer (s’assurer que dans l’onglet Windows la case Avancé est décoché), cliquer sur Analyse ensuite cliquer sur Lancer le nettoyage.

    Ensuite sur le bouton Registre (s’assurer que Intégrité du registre est coché) répéter 2 fois les étapes suivantes:
    Chercher les erreurs- Réparer les erreurs sélectionnées
    Ne pas oublier de sauvegarder au cas où il supprimerait une mauvaise clef (peu probable).

    Fichier de sauvegarde à effacer plus tard s’il n’y a pas de problème par la suite.

    - Un autre nettoyeur de registre Wise Registry Cleaner, télécharger et consulter son tutoriel ici :
    https://kerio.probb.fr/t1163-tuto-wise-registry-cleaner

    Je reviens plus tard ce week end,

    A+
    0
    1. kendoka15 Messages postés 371 Statut Membre 17
       
      1.J'ai installé spybot et spyware blaster
      2.Moi j'ai seulement Asktbar et il ne s'efface pas
      3. Bitdefender me donnait seulement cela
      4.MBAM, jai pas eu le temps dsl je le fait a linstant^^
      0
  7. kendoka15 Messages postés 371 Statut Membre 17
     
    aha! j'ai trouvé le rapport bitdefender:

    Voie d'analyse: A:\;C:\;D:\;E:\;

    Statistiques

    Temps
    00:47:56

    Fichiers
    77665

    Directoires
    9189

    Secteurs de boot
    4

    Archives
    1270

    Paquets programmes
    6734

    Résultats

    Virus identifiés
    2

    Fichiers infectés
    2

    Fichiers suspects
    0

    Avertissements
    0

    Désinfectés
    0

    Fichiers effacés
    2

    Info sur les moteurs

    Définition virus
    1255525

    Version des moteurs
    AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

    Analyse des plugins
    16

    Archive des plugins
    42

    Unpack des plugins
    7

    E-mail plugins
    6

    Système plugins
    5

    Paramètres d'analyse

    Première action
    Désinfecté

    Seconde Action
    Supprimé

    Heuristique
    Oui

    Acceptez les avertissements
    Oui

    Extensions analysées
    exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

    Excludez les extensions

    Analyse d'emails
    Oui

    Analyse des Archives
    Oui

    Analyser paquets programmes
    Oui

    Analyse des fichiers
    Oui

    Analyse de boot
    Oui

    Fichier analysé
    Statut

    C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP478\A0190251.exe=>(NSIS o)
    Détecté avec: Adware.Fotomoto.P

    C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP478\A0190251.exe=>(NSIS o)
    Supprimé

    C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP478\A0190251.exe
    Echec de la mise à jour

    C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP485\A0193192.exe
    Détecté avec: Adware.WinButler.A

    C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP485\A0193192.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP485\A0193192.exe
    Supprimé

    0
  8. kendoka15 Messages postés 371 Statut Membre 17
     
    et le nouveau logiciel wise registry... , voici le errorlog:

    Time: 14:01:25 Problems:
    =======================================================================
    Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Microsoft Games\Pandora's Box Trial
    Reason: Remove Key failed.
    ErrorCode:0
    -----------------------------------------------------------------------
    Time: 14:01:33 Problems:
    =======================================================================
    Key: HKEY_CLASSES_ROOT\HeaderFooter.HeaderFooter.1
    Reason: Remove Key failed.
    ErrorCode:0
    -----------------------------------------------------------------------
    Time: 14:01:33 Problems:
    =======================================================================
    Key: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\5.0\0\win32
    Reason: Remove Key failed.
    ErrorCode:0
    -----------------------------------------------------------------------
    Time: 14:01:33 Problems:
    =======================================================================
    Key: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\3.0\0\win32
    Reason: Remove Key failed.
    ErrorCode:0
    -----------------------------------------------------------------------
    Time: 14:01:33 Problems:
    =======================================================================
    Key: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\5.0\0\win32
    Reason: Remove Key failed.
    ErrorCode:0
    -----------------------------------------------------------------------
    Time: 14:01:33 Problems:
    =======================================================================
    Key: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\3.0\0\win32
    Reason: Remove Key failed.
    ErrorCode:0
    -----------------------------------------------------------------------

    0
  9. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    salut kendoka,

    1.J'ai installé spybot et spyware blaster
    Tu as lancé une analyse Spybot en mode sans échec après la mise à jour puis Vacciner?

    2.Moi j'ai seulement Asktbar et il ne s'efface pas
    On va passer par un procédure un peu plus manuel.

    3. Bitdefender me donnait seulement cela
    Première fois que je vois un rapport Bitdefender si court ;-)

    4.MBAM, jai pas eu le temps dsl je le fait a linstant^^
    Ok tu me diras si il a trouvé encore des infections en M.S.E.

    ------------
    Relancer HiJackthis cliquer sur Do a scan only et cocher les lignes en gras:


    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - HKCU\..\Run: [fckqmgve] C:\WINDOWS\system32\azgruruj.exe
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [user nurb] C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe (User 'Justine')
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [xjgcbgaq] C:\WINDOWS\system32\utuvqpkb.exe (User 'Justine')
    O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [wdvabqwa] C:\WINDOWS\system32\vcbwlklm.exe (User 'Justine')


    Comment fixer une ligne: (Merci a Balltrap34 pour cette réalisation vidéo)
     http://pageperso.aol.fr/balltrap34/demohijack.htm
    Fermer toutes tes applications et ton navigateur puis fix checked.

    ----------
    Télécharger OTMoveIt2(de Old_Timer) sur le Bureau. http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

    /!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

    Double cliquer sur OTMoveIt2.exe pour le lancer.
    Copier la liste de fichier ou de dossier qui se trouve en gras ci-dessous,
    et coller-la dans le cadre de gauche de OTMoveIt :
    Paste List of Files/Folders to be moved.


    C:\Program Files\AskSBar
    C:\WINDOWS\system32\azgruruj.exe
    C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe
    C:\WINDOWS\system32\utuvqpkb.exe
    C:\WINDOWS\system32\vcbwlklm.exe


    Cliquer sur MoveIt! pour lancer la suppression.
    Le résultat apparaîtra dans le cadre Results.
    Cliquer sur Exit pour fermer.

    Il sera peut-être demander de redémarrer le pc pour achever la suppression.
    Si c'est le cas accepter par Yes
    .

    Redémarres en M.S.E. puis exécutes CCleaner bouton Registre et Wise Cleaner.

    Et redémarres en mode normal.

    --> Poster le rapport d'OTMoveIt situé dans C:\_OTMoveIt\MovedFiles (contenu du fichier C:\_OTMoveIt\MovedFiles\********_******.log - les *** sont des chiffres représentant la date et l'heure)

    ------------
    • Si tu as installé messenger plus désinstalle le dans le panneau de configuration et réinstalle le sans les sponsors
    • Télécharger Lopxp (by Moe) : http://sosvirus.changelog.fr/Green_day/Lopxpsetup
    • Double cliquer sur Lopxpsetup.exe pour lancer l'installation
    • Au menu, choisir l'option 1
    • Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
    • Le contenu du rapport est situé dans : C:\Programfiles\Lopxp\cid.txt

    Désactive le tea timer de spybot

    • Aller dans : Démarrer > Exécuter puis copie/colle la ligne suivante en gras :
    o "%programfiles%\Lopxp\Lopxp.bat" /Fixme puis valide,
    • Le mode fixe reprendra tous les fichiers mentionnés dans la partie suggestion du 1er rapport généré.
    • Pour chaque fichier, il faudra accepter ( appuyer sur la touche y ) ou refuser ( appuyer sur la touche n ) la suppression afin d'éviter toute erreur d'interprétation de la partie suggestion.
    • Les sauvegardes de chaque suppression seront stockées dans le dossier C:\Programfiles\Lopxp\Sauvegardes

    Renvoyer le rapport dans le prochain message, si tu as un doute je te dirais quoi effacer mais il est vraiment exceptionnel que le rapport détecte un fichier valide.

    A+
    0
  10. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    kendoka,

    - Nos messages se sont croisés, quand tu auras fini l'autre procédure renvois un log HJThis.

    A+
    0
  11. kendoka15 Messages postés 371 Statut Membre 17
     
    quelle autre procédure?
    0
  12. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    kendoka,

    regardes plus haut ;-)
    message 11.
    nos messages ont été envoyé à 3min d'intervalles.

    A+
    0
  13. kendoka15 Messages postés 371 Statut Membre 17
     
    MBAM?
    0
  14. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    kendoka,

    Tu as déjà oublié je répondais à ton message.
    MBAM: MalwareBytes_AntiMalware

    A+
    0
  15. kendoka15 Messages postés 371 Statut Membre 17
     
    ah daccrod^^ j'étais melangé je le fais tout de suite
    0
  16. kendoka15 Messages postés 371 Statut Membre 17
     
    Rapport:

    # Rapport Lopxp fait le 2008-06-01 à 17:18:30
    # Exécuté dans : C:\Program Files\Lopxp
    # Version 3.10 - Maj du 11/04/2008

    Killing 'iexplore.exe'
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (1436)
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -Embedding (1740)
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:78337 (3156)

    ========== Listing des dossiers Application Data

    +- C:\Documents and Settings\Administrateur\Application Data

    2008-03-29 à 00:33:31 - Identities
    2008-05-30 à 13:31:11 - Microsoft

    +- C:\Documents and Settings\Administrateur\Local Settings\Application Data

    2008-05-30 à 13:31:12 - Microsoft

    +- C:\Documents and Settings\All Users\Application Data

    2008-05-31 à 16:57:02 - Adobe
    2007-09-03 à 20:45:25 - Adobe Systems
    2007-09-11 à 20:17:37 - Age of Empires 3 XPack Trial
    2008-04-26 à 19:15:59 - Age of Empires 3 YPack Trial
    2007-07-04 à 15:06:58 - Apple
    2007-08-13 à 14:22:50 - Apple Computer
    2007-10-30 à 20:44:38 - Autodesk
    2008-05-30 à 12:16:18 - avg8
    2007-08-20 à 14:23:06 - AVS4YOU
    2008-05-31 à 16:43:53 - comodo
    2007-06-28 à 00:58:52 - Creative
    2007-09-29 à 22:33:31 - GoBoingo
    2008-02-04 à 17:08:48 - Google
    2008-06-01 à 01:53:15 - Google Updater
    2008-04-01 à 00:30:19 - Hewlett-Packard
    2008-05-30 à 00:14:35 - krwpktuv
    2008-04-06 à 19:36:06 - LookMyPC
    2008-05-30 à 16:26:00 - Malwarebytes
    2007-10-27 à 21:29:42 - Messenger Plus!
    2008-05-06 à 21:02:25 - Microsoft
    2007-02-24 à 17:38:18 - MSN6
    2007-02-24 à 17:37:17 - Protexis
    2007-02-02 à 22:15:38 - QuickTime
    2007-02-01 à 00:05:34 - Shared Phrogram Files
    2008-05-30 à 13:29:17 - Skype
    2008-05-02 à 19:40:48 - soft chic meet great
    2008-05-30 à 15:59:07 - Spybot - Search & Destroy
    2008-05-09 à 21:36:17 - SUPERAntiSpyware.com
    2008-03-31 à 20:53:49 - SwiftKit
    2007-06-03 à 23:55:07 - SwiftSwitch
    2008-05-31 à 15:34:56 - TEMP
    2007-09-09 à 22:04:16 - Trymedia
    2007-03-06 à 13:14:33 - Windows Genuine Advantage
    2007-01-26 à 00:28:37 - Windows Live Toolbar
    2008-05-31 à 20:06:36 - WinZip
    2008-05-02 à 23:01:33 - WLInstaller
    2007-06-29 à 21:16:09 - YAHOO

    +- C:\Documents and Settings\Dom\Application Data

    2008-05-31 à 19:00:08 - Adobe
    2007-03-15 à 00:20:46 - Ahead
    2007-07-16 à 20:26:39 - Apple Computer
    2007-08-20 à 14:27:08 - AVSMedia
    2007-07-12 à 02:03:11 - BitTorrent
    2008-05-31 à 16:38:22 - Comodo
    2008-04-26 à 00:57:22 - Creative
    2008-03-29 à 22:09:22 - Download Manager
    2007-08-14 à 20:29:27 - Eclipsit
    2007-09-19 à 20:58:16 - Electronic Arts
    2007-10-04 à 21:56:55 - GetRightToGo
    2007-06-19 à 14:56:27 - Google
    2008-06-01 à 01:56:40 - gtk-2.0
    2007-01-20 à 16:34:33 - Help
    2007-01-07 à 17:29:32 - Identities
    2007-09-09 à 01:22:26 - IGN_DLM
    2008-05-29 à 21:36:04 - iWin
    2008-03-02 à 14:05:40 - JGsoft
    2007-06-21 à 16:13:48 - LEGO Company
    2008-05-30 à 18:36:56 - LimeWire
    2007-01-08 à 17:17:30 - Macromedia
    2008-05-30 à 16:26:04 - Malwarebytes
    2008-05-30 à 13:31:11 - Microsoft
    2007-11-16 à 21:09:17 - mIRC
    2008-05-19 à 02:49:26 - Move Networks
    2007-03-17 à 15:56:06 - MoyeaFLV2Video
    2008-05-31 à 18:19:50 - Mozilla
    2007-03-04 à 23:56:49 - MSN6
    2007-09-03 à 21:05:24 - Opera
    2007-07-04 à 14:38:24 - Orbit
    2008-02-17 à 17:10:28 - Publish Providers
    2008-05-07 à 19:43:33 - Search Settings
    2007-11-08 à 21:56:13 - SecondLife
    2008-05-30 à 12:48:50 - skypePM
    2008-02-17 à 17:08:31 - Sony
    2007-02-24 à 23:17:27 - Sun
    2008-05-09 à 21:36:07 - SUPERAntiSpyware.com
    2008-05-16 à 18:03:14 - U3
    2007-09-17 à 18:49:26 - VideoNow Media Wizard
    2007-12-04 à 20:38:24 - VMNTOOLBAR
    2008-01-17 à 22:00:41 - WinButler
    2007-06-09 à 17:58:55 - WinRAR

    +- C:\Documents and Settings\Dom\Local Settings\Application Data

    2008-05-31 à 19:00:14 - Adobe
    2007-07-04 à 15:07:44 - Apple
    2007-07-04 à 15:21:01 - Apple Computer
    2008-06-01 à 21:09:03 - ApplicationHistory
    2007-10-30 à 19:53:43 - BitLord
    2008-01-28 à 22:11:57 - EffectsLab Pro 1.5
    2007-06-19 à 14:56:27 - Google
    2007-01-16 à 20:58:14 - Help
    2007-01-07 à 17:58:18 - HP
    2007-02-13 à 16:51:55 - Identities
    2007-01-07 à 17:58:18 - IsolatedStorage
    2007-02-10 à 22:54:10 - Microangelo Toolset 6
    2008-05-30 à 14:25:47 - Microsoft
    2007-05-30 à 22:29:25 - Mozilla
    2007-12-06 à 23:52:47 - Paint.NET
    2008-02-13 à 03:11:56 - Pando
    2007-02-01 à 00:05:34 - Phrogram
    2008-04-02 à 22:24:19 - RcIncidents
    2008-02-17 à 17:08:31 - Sony
    2008-05-24 à 01:41:20 - WMTools Downloaded Files
    2007-06-29 à 21:16:09 - Yahoo

    +- C:\Documents and Settings\Dominic\Application Data

    2008-06-01 à 13:24:43 - Adobe
    2008-06-01 à 13:12:50 - Comodo
    2007-10-13 à 18:11:30 - Google
    2007-01-14 à 13:47:44 - Identities
    2007-02-10 à 20:04:03 - Macromedia
    2008-05-30 à 13:31:11 - Microsoft
    2007-06-19 à 00:09:58 - Mozilla
    2007-10-08 à 00:04:21 - Sun

    +- C:\Documents and Settings\Dominic\Local Settings\Application Data

    2008-06-01 à 13:25:09 - Adobe
    2007-08-14 à 17:55:14 - Apple Computer
    2008-06-01 à 13:12:58 - ApplicationHistory
    2007-10-13 à 18:11:30 - Google
    2007-01-14 à 13:48:10 - HP
    2007-02-10 à 20:08:12 - Identities
    2007-01-14 à 13:48:10 - IsolatedStorage
    2008-05-30 à 13:31:12 - Microsoft
    2007-06-19 à 00:09:58 - Mozilla
    2007-06-29 à 21:16:09 - Yahoo

    +- C:\Documents and Settings\Justine\Application Data

    2008-05-31 à 20:59:01 - Adobe
    2007-02-06 à 20:13:17 - Ahead
    2007-12-09 à 01:15:53 - Apple Computer
    2008-05-31 à 17:04:29 - Comodo
    2007-08-29 à 21:04:16 - Creative
    2008-05-02 à 19:40:56 - Drive 1 window
    2007-02-09 à 01:54:19 - Google
    2007-01-07 à 17:31:38 - Identities
    2007-06-12 à 21:45:12 - Inspiration Software
    2008-05-05 à 20:25:10 - LimeWire
    2007-01-09 à 22:18:12 - Macromedia
    2008-05-30 à 13:31:11 - Microsoft
    2007-06-14 à 16:52:41 - Mozilla
    2007-05-12 à 02:10:24 - Nero
    2007-08-28 à 19:51:21 - OLYMPUS
    2008-05-07 à 22:09:34 - Search Settings
    2007-03-03 à 02:36:15 - Sun
    2005-12-02 à 02:08:18 - VideoNow Media Wizard
    2007-12-04 à 02:06:38 - VMNTOOLBAR
    2007-11-19 à 03:02:29 - WinRAR

    ========== Listing du dossier Program Files

    +- C:\Program Files

    2008-05-21 à 22:18:06 - 3D Gugle
    2008-05-31 à 16:56:03 - Adobe
    2007-09-23 à 16:59:54 - Adobe Partner Programs
    2008-05-19 à 03:24:03 - AdVantage
    2007-10-27 à 21:19:31 - Adverts
    2007-01-07 à 15:19:54 - Ahead
    2007-01-07 à 15:08:58 - Alwil Software
    2007-11-12 à 15:18:58 - Apple Software Update
    2007-09-08 à 21:03:12 - Audible
    2008-04-30 à 21:45:27 - AviSynth 2.5
    2008-05-31 à 17:32:19 - Bonjour
    2008-05-30 à 00:39:34 - CCleaner
    2008-05-25 à 00:11:05 - Common Files
    2008-05-31 à 16:39:20 - COMODO
    2007-01-07 à 03:14:06 - ComPlus Applications
    2007-06-28 à 01:05:19 - Creative
    2007-06-28 à 01:01:36 - Creative Installation Information
    2007-09-23 à 16:59:34 - Deutsch
    2007-05-18 à 17:00:52 - directx
    2007-08-19 à 17:09:51 - DivX
    2008-05-29 à 20:10:16 - DominateGame
    2008-05-02 à 19:40:01 - Drive 1 window
    2007-11-09 à 23:23:47 - EA GAMES
    2007-09-08 à 21:04:24 - Elecard
    2007-09-23 à 16:59:23 - English
    2008-04-18 à 21:45:20 - Enigma Software Group
    2007-09-23 à 16:59:48 - Español
    2008-05-30 à 13:29:19 - Fichiers communs
    2008-05-07 à 19:42:15 - FileSubmit
    2007-09-23 à 16:59:41 - Français
    2008-05-30 à 13:28:23 - GameSpy Arcade
    2008-05-31 à 19:36:07 - Google
    2008-05-05 à 12:24:23 - Hasbro
    2008-05-12 à 15:16:25 - Hasbro Interactive
    2008-04-03 à 00:14:45 - Hewlett-Packard
    2008-04-01 à 00:30:19 - HP
    2007-09-08 à 17:29:34 - IGN
    2007-01-21 à 14:42:03 - Incomplete
    2008-05-23 à 23:40:25 - InstallShield Installation Information
    2008-05-31 à 17:59:52 - Internet Explorer
    2008-05-31 à 17:33:49 - iPod
    2007-09-23 à 16:59:54 - Italiano
    2008-05-31 à 17:34:05 - iTunes
    2008-05-31 à 17:37:08 - Java
    2007-12-09 à 17:21:04 - Konvertor
    2007-11-11 à 19:05:17 - LEGO Company
    2008-05-31 à 18:24:07 - LimeWire
    2008-06-01 à 21:18:45 - Lopxp
    2008-05-30 à 16:26:02 - Malwarebytes' Anti-Malware
    2007-01-22 à 03:25:14 - Messenger
    2008-05-04 à 22:07:30 - Messenger Plus! Live
    2007-01-07 à 03:18:46 - microsoft frontpage
    2008-05-06 à 21:38:17 - Microsoft Games
    2007-01-07 à 15:14:03 - Microsoft Office
    2007-09-26 à 15:15:31 - Microsoft SQL Server
    2008-05-06 à 20:54:57 - Microsoft SQL Server Compact Edition
    2007-01-07 à 15:15:06 - Microsoft Visual Studio
    2007-01-07 à 05:20:04 - Movie Maker
    2008-06-01 à 15:38:16 - Mozilla Firefox
    2007-01-07 à 03:13:51 - MSN
    2007-01-07 à 03:13:30 - MSN Gaming Zone
    2008-05-06 à 19:04:19 - MSN Messenger
    2007-10-03 à 21:53:35 - MSXML 4.0
    2008-05-10 à 00:59:05 - NetMeeting
    2008-05-09 à 20:41:44 - Norton Security Scan
    2007-01-22 à 03:21:27 - Outlook Express
    2008-03-29 à 01:30:20 - Paint
    2007-12-14 à 03:45:54 - Paint.NET
    2007-12-04 à 20:40:22 - PhotoFiltre
    2007-08-28 à 19:34:12 - PIXELA
    2007-04-01 à 02:33:21 - pspvideo9
    2008-05-31 à 17:40:07 - QuickTime
    2008-05-25 à 00:17:23 - Red Kawa
    2008-05-04 à 18:26:33 - RegCleaner
    2007-07-04 à 17:35:28 - Replay Converter
    2007-08-20 à 17:20:40 - Riva
    2007-01-07 à 14:57:02 - S3Inc
    2008-05-29 à 23:02:23 - Search Settings
    2008-02-01 à 02:25:52 - SEGA
    2007-01-07 à 03:13:52 - Services en ligne
    2008-05-29 à 22:20:16 - Shockwave.com
    2007-09-17 à 18:51:47 - Sintec
    2008-05-06 à 23:20:55 - Sony
    2008-05-04 à 22:50:47 - Sony Setup
    2008-05-30 à 15:57:00 - Spybot - Search & Destroy
    2008-05-30 à 16:08:21 - SpywareBlaster
    2008-05-07 à 19:53:56 - Stardock
    2007-11-09 à 18:23:13 - StopMotion Station
    2007-10-27 à 17:12:01 - TC Digital
    2007-11-12 à 20:34:58 - Team17
    2008-03-09 à 01:10:01 - Travian
    2008-05-29 à 22:48:20 - Trend Micro
    2007-11-12 à 20:11:02 - TryMedia
    2007-09-26 à 15:16:06 - Uninstall Information
    2008-05-06 à 21:39:45 - VAIOXP
    2008-05-04 à 21:02:18 - VCamNow
    2007-01-07 à 14:45:18 - VIA Technologies, INC
    2008-02-04 à 17:13:45 - VideoEgg
    2007-12-09 à 17:21:18 - Visicom Media
    2007-12-04 à 20:38:08 - vmntoolbar
    2008-05-06 à 21:43:04 - Windows Journal Viewer
    2008-05-06 à 21:04:58 - Windows Live
    2008-05-12 à 15:24:33 - Windows Live Toolbar
    2007-04-03 à 21:48:53 - Windows Media Connect 2
    2007-08-24 à 19:48:56 - Windows Media Player
    2007-01-07 à 05:18:25 - Windows NT
    2007-01-07 à 03:13:52 - WindowsUpdate
    2007-06-09 à 17:57:46 - WinRAR
    2008-05-31 à 20:05:01 - WinZip
    2008-06-01 à 18:02:28 - Wise Registry Cleaner 3
    2007-01-07 à 03:18:46 - xerox
    2007-06-29 à 21:16:12 - Yahoo!
    2007-09-23 à 16:59:29 - ???

    ========== Tâches planifiées

    ADF254609185C700.job: c:\docume~1\justine\applic~1\drive1~1\BONE BALM COPY.exe
    AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
    Norton Security Scan.job: C:\Program Files\Norton Security Scan\Nss.exe /scan-full /scheduled
    User_Feed_Synchronization-{7D2EEB0A-7F4B-4D68-AABF-9323C5FA62B3}.job: C:\WINDOWS\system32\msfeedssync.exe sync

    ========== Clés registre

    ========== Bloqueur popups Internet Explorer

    www.ugotgames.com
    www.google.ca
    www.dailymotion.com
    chev-demeraude.go-forum.net
    *.shinobilegends.com
    mondeinfernal.myrealboard.com
    www.clubic.com
    www.zdnet.fr
    www.infos-du-net.com
    www.startawar.com
    pic6.piczo.com
    www.swisstools.net
    facebook.miniclip.com
    zonenxt.msn-int.com
    zonenxt.msn-ppe.com
    zone.msn.com
    pic3.piczo.com
    every-naruto-thing.piczo.com
    exernet.i8.com
    www.skyrock.com
    PopupMgr

    ========== Suggestion ( /!\ Nécessite une interprétation.) ==========

    C:\Documents and Settings\All Users\Application Data\soft chic meet great
    C:\Documents and Settings\Justine\Application Data\Drive 1 window
    C:\Program Files\Adverts
    C:\Program Files\Drive 1 window
    C:\WINDOWS\tasks\ADF254609185C700.job

    +- Registre : Aucune suggestion.

    - Fin du rapport -

    Rapport otmoveit:

    File/Folder C:\Program Files\AskSBar not found.
    File/Folder C:\WINDOWS\system32\azgruruj.exe not found.
    C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe moved successfully.
    File/Folder C:\WINDOWS\system32\utuvqpkb.exe not found.
    File/Folder C:\WINDOWS\system32\vcbwlklm.exe not found.

    OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06012008_165845
    0
  17. kendoka15 Messages postés 371 Statut Membre 17
     
    J'ai pas trouvé les suivantes:
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    0
  18. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    Re,

    Tu as tout enlevé avec lopxp?

    Renvois un rapport HJThis.

    A+
    0
  19. kendoka15 Messages postés 371 Statut Membre 17
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:57:42, on 2008-06-02
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.17184)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\bgsvcgen.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\COMODO\Firewall\cmdagent.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\COMODO\SafeSurf\cssurf.exe
    C:\Program Files\COMODO\Firewall\cfp.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\System\smss.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [RealtekAC] C:\WINDOWS\system32\RealtekAC.exe
    O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - Startup: autostart.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: https://www.travian.com/fr
    O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} - http://www.webcam.com/smilecam/office/AXWebMonProj1.cab
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
    O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
    O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
    O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
    O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
    O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
    O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    0
  20. DeNisCoOl Messages postés 2871 Statut Membre 224
     
    salut kendoka15,

    - Plus de pubs intempestives?

    - Tu n'as pas répondu aux questions finalement:
    * MBAM en mode M.S.E. n'a rien trouvé de plus? (Les rapports sont disponible dans l'onglet report).
    * As tu tout enlevé avec lopxp comme suggeré ?


    ------------
    Relancer HiJackthis cliquer sur Do a scan only et cocher les lignes en gras:


    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)


    Puis cocher toutes les lignes O16 sauf les activeX dont tu te sers souvent

    O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} - http://www.webcam.com/smilecam/office/AXWebMonProj1.cab
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
    O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
    O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab


    Fermer toutes tes applications et ton navigateur puis fix checked.

    ------------
    - Désactiver la restauration système, laisser tourner le sablier puis la réactiver, pour plus de détails consulter le lien ci dessous :
    http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fdocid/20020830101856924

    A+
    0
  21. kendoka15 Messages postés 371 Statut Membre 17
     
    ok c fait^^
    0
  • 1
  • 2