Help me, my computer is glitching!!
Closed
kendoka15 - 30 May 2008 at 01:57
40 replies
DeNisCoOl - 30 May 2008 at 06:57
Hi kendoka15,
Welcome to the CCM community,
What are the names or types of these popups?
Fake protection programs are probably sending you messages claiming that you are infected.
Download and run Spybot - Spywareblaster
------------------------
1a- Click on Spybot to download the latest version, 1.5 (September 2007)
After installation, click on Search for Updates, tick the updates, and download them.
The first time, restart in safe mode: after the beep and before the Windows logo, tap the F8 (or F5) key: image of the safe mode menu.
If there is a problem, consult the tutorial here
Restart Spybot, click on Check for problems, Fix selected problems, then ***Immunize***
The very complete tutorial: http://www.safer-networking.org/fr/tutorial/index.html
1b- Click on Spywareblaster to download it
After installation and configuration, you only need to run the updates and it takes care of the rest (incompatible with Vista).
The very complete tutorial HERE (thanks to 01net.com)
-------------
2- Follow the instructions to download and run MalwareBytes_AntiMalware:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
After installation, close your programs and your browser:
* MBAM updates itself automatically at the end of installation
* In the Scanner tab, check that "Perform quick scan" is not ticked and click on the Scan button to start the scan.
* If malware has been detected, the list is displayed.
By clicking on Remove (?), MBAM will destroy the files and registry keys and put a copy of them in quarantine.
* MBAM will open Notepad and copy the scan report into it. Close Notepad. (The report can be found again under the Reports/logs tab)
* Paste it in your next message
* To finish the cleanup you may need to restart.
Then
-------------
Click on HiJackThis to download (the latest version) to your desktop:
- The tutorial here (old version): https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
- Install it in a dedicated directory (not a temporary folder).
- Double-click on Hijackthis.exe.
- Click on Do a scan and save log file.
- The report opens in Notepad; select everything (Ctrl+A).
- Copy (Ctrl+C) and paste (Ctrl+V) the report in your next message.
Because of the time difference, it's bedtime for me.
I will look at the reports tomorrow.
See you
Denis
DeNisCoOl - 31 May 2008 at 00:41
Hi kendoka,
- MBAM had a field day on your machine, it did a good job ;-)
If you have time, run MBAM in safe mode to push the cleanup further.
- You haven't installed Spybot or Spywareblaster?
If you couldn't before the cleanup with MBAM, try again now.
Do it in safe mode as well for Spybot.
- Then send another HijackThis report, because you are still infected; I will prepare a procedure for you to complete the cleanup.
See you
kendoka15 - 31 May 2008 at 03:20
Thanks, I'll do it tomorrow ^^
DeNisCoOl - 31 May 2008 at 03:42
Re,
- You can also carry out the following procedures.
------------------------
4- Run an online scan (under IE only; click on the light yellow bar that appears just below the address bar and accept the ActiveX module):
Bitdefender http://www.bitdefender.fr/scan_fr/scan8/ie.html
Paste the report if an infection other than cookies is detected.
------------------------
5- Many infections use infected computers as remote servers, or other niceties of that kind, such as identity theft. To counter this kind of attack you need a firewall (the Windows one is ineffective).
I would recommend Comodo 3.0 free: http://www.personalfirewall.comodo.com/download_firewall.html
Be sure to read the tutorial (thanks Malekal)
------------------------
6- Updates, in particular Adobe, Flash, and other programs.
Updatechecker: https://filehippo.com/windows/tuning-utilities/
Some details here on installation, in particular of the Framework:
http://www.commentcamarche.net/faq/sujet 9908 update checker vos logiciels sont ils a jour#update checker la solution
For Java updates in particular, here is an online version of Secunia in English, but there are just 1 or 2 buttons to click:
https://www.flexera.com/products/operations/software-vulnerability-management.html
A short explanation in this link (thanks malekal).
And of course Windows Update:
http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=fr
See you
kendoka15 - 31 May 2008 at 21:10
Bitdefender report:
BitDefender Online Scanner - Rapport virus en temps réel
Généré à: Sat, May 31, 2008 - 12:33:54
--------------------------------------------------------------------------------
Info d'analyse
Fichiers scannés: 82424
Infectés Fichiers: 10
Virus Détectés
Adware.Netnucleus.B: 1
Adware.Fotomoto.P: 1
Adware.Rotator.D: 1
Adware.Fotomoto.Gen: 5
Application.Memedia.B: 1
Application.Keylogger.Ardamax.G: 1
--------------------------------------------------------------------------------
Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:08:06, on 2008-05-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Common Files\System\smss.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RealtekAC] C:\WINDOWS\system32\RealtekAC.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [fckqmgve] C:\WINDOWS\system32\azgruruj.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [OM_Monitor] C:\Documents and Settings\Justine\Bureau\Justine\Monitor.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [] (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [user nurb] C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [xjgcbgaq] C:\WINDOWS\system32\utuvqpkb.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [wdvabqwa] C:\WINDOWS\system32\vcbwlklm.exe (User 'Justine')
O4 - Startup: autostart.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.travian.com/fr
O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} - http://www.webcam.com/smilecam/office/AXWebMonProj1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
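Added example, not part of the original thread and not code from HijackThis: a Python parser for the report layout pasted above. It lists the O4 autostart entries, collects the entries HijackThis itself annotated as (file missing) or (no file), and applies one triage heuristic that is an assumption of this example (a core Windows process name running from an unexpected folder). The sample log is constructed and all function names are hypothetical.

```python
import ntpath
import re

# Constructed sample in the HijackThis v2 layout; it is not the poster's log.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:00:00, on 2008-01-01
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Example\smss.exe
C:\Program Files\Example\app.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://example.invalid/
O3 - Toolbar: (no name) - {00000000-0000-0000-0000-000000000002} - (no file)
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\update.exe" -s
O4 - HKCU\..\Run: [example] C:\WINDOWS\system32\example.exe
O4 - HKUS\S-1-5-21-1-2-3-1000\..\Run: [Other] C:\Temp\My Tool.exe (User 'Alice')
O4 - HKUS\S-1-5-21-1-2-3-1000\..\Run: [] (User 'Alice')
O4 - Global Startup: Example.lnk = C:\Program Files\Example\app.exe
O23 - Service: Example Service (exsvc) - Unknown owner - C:\PROGRA~1\Example\svc.exe (file missing)
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")          # "O4 - ..." lines
USER_RE = re.compile(r" \(User '([^']*)'\)$")               # per-user suffix
RUN_RE = re.compile(
    r"^(HK[A-Z]+)\\(?:(S-[\d-]+)\\)?\.\.\\(\w+): \[([^\]]*)\]\s*(.*)$")
PATH_RE = re.compile(
    r'^"([^"]+)"|^(.+?\.(?:exe|dll|com|bat|scr))(?=\s|$)', re.I)

# Assumption of this example: usual folder of core Windows XP processes.
EXPECTED_DIR = {
    "smss.exe": r"c:\windows\system32", "winlogon.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32", "lsass.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32", "csrss.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}


def parse_log(text):
    """Split a report into header lines, running processes and coded entries."""
    log = {"header": [], "processes": [], "entries": {}}
    in_processes = False
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        m = ENTRY_RE.match(line)
        if m:  # the first coded entry ends the process list
            in_processes = False
            log["entries"].setdefault(m.group(1), []).append(m.group(2))
        elif line.lower().startswith("running processes"):
            in_processes = True
        elif in_processes:
            log["processes"].append(line)
        else:
            log["header"].append(line)
    return log


def autostarts(log):
    """Decode O4 entries into hive, SID, value name, target path and user."""
    out = []
    for body in log["entries"].get("O4", []):
        user = None
        m = USER_RE.search(body)
        if m:
            user, body = m.group(1), body[:m.start()]
        m = RUN_RE.match(body)
        if m:
            hive, sid, key, name, command = m.groups()
        else:  # startup-folder items such as "Global Startup: x.lnk = path"
            hive = sid = key = name = None
            command = body.split(": ", 1)[-1].split(" = ", 1)[-1]
        p = PATH_RE.match(command)
        path = (p.group(1) or p.group(2)) if p else None
        out.append({"hive": hive, "sid": sid, "key": key, "name": name,
                    "path": path, "user": user})
    return out


def missing_targets(log):
    """Entries that HijackThis annotated as pointing at a file that is gone."""
    return [(code, body) for code, bodies in log["entries"].items()
            for body in bodies
            if body.endswith(("(file missing)", "(no file)"))]


def misplaced_processes(log):
    """Running processes named like a core process but in another folder."""
    return [p for p in log["processes"]
            if (exp := EXPECTED_DIR.get(ntpath.basename(p).lower()))
            and ntpath.dirname(p).lower() != exp]


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for entry in autostarts(parsed):
        print("autostart:", entry)
    print("missing targets:", missing_targets(parsed))
    print("misplaced processes:", misplaced_processes(parsed))
```

A hit from any of these checks is a prompt to inspect the file, not a verdict on it.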
O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
DeNisCoOl
31 May 2008 at 22:12
kendoka,
- You still haven't installed Spybot and SpywareBlaster?
See message 1.
- I would have liked to have the rest of the Bitdefender report, to see whether it really deleted everything, because the report only indicates the type of infection it detected, without any other details.
- You installed Comodo, that's a good thing.
- You still have a lot of infections; did you also run MBAM again in safe mode?
There used to be a tool to remove part of your infections, but the publisher asked for the links to be taken down; no reason given for the moment.
At least try this: uninstall via Add/Remove Programs
AskTBar
Show hidden folders and files in XP: https://1map.com/fr/astwindscom
then go here and delete the folder in bold, if still present:
C:\Program Files\AskTBar
Then
------------------------
- Click CCleaner (in French) to clean temporary files, cookies... as well as useless registry keys.
Be sure to read its tutorial HERE
Then in Options / Advanced, uncheck: only delete files in the Windows temp folders older than 48 hours.
Cleaner button (make sure that in the Windows tab the Advanced box is unchecked), click Analyze, then click Run Cleaner.
Then on the Registry button (make sure Registry Integrity is checked), repeat the following steps twice:
Scan for Issues - Fix selected issues
Don't forget to back up in case it deletes the wrong key (unlikely).
The backup file can be deleted later if there is no problem afterwards.
- Another registry cleaner, Wise Registry Cleaner; download it and read its tutorial here:
https://kerio.probb.fr/t1163-tuto-wise-registry-cleaner
I'll be back later this weekend,
See you
kendoka15
31 May 2008 at 22:25
1. I installed Spybot and SpywareBlaster
2. I only have AskTBar and it won't delete
3. Bitdefender only gave me that
4. MBAM, I didn't have time, sorry, I'm doing it right now ^^
kendoka15
1 June 2008 at 19:45
Aha! I found the Bitdefender report:
Voie d'analyse: A:\;C:\;D:\;E:\;
Statistiques
Temps: 00:47:56
Fichiers: 77665
Directoires: 9189
Secteurs de boot: 4
Archives: 1270
Paquets programmes: 6734
Résultats
Virus identifiés: 2
Fichiers infectés: 2
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 2
Info sur les moteurs
Définition virus: 1255525
Version des moteurs: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Analyse des plugins: 16
Archive des plugins: 42
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 5
Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui
Fichier analysé | Statut
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP478\A0190251.exe=>(NSIS o) | Détecté avec: Adware.Fotomoto.P
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP478\A0190251.exe=>(NSIS o) | Supprimé
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP478\A0190251.exe | Echec de la mise à jour
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP485\A0193192.exe | Détecté avec: Adware.WinButler.A
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP485\A0193192.exe | Echec de la désinfection
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP485\A0193192.exe | Supprimé
kendoka15
1 June 2008 at 20:05
and the new software, Wise Registry..., here is the error log:
Time: 14:01:25 Problems:
=======================================================================
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Microsoft Games\Pandora's Box Trial
Reason: Remove Key failed.
ErrorCode:0
-----------------------------------------------------------------------
Time: 14:01:33 Problems:
=======================================================================
Key: HKEY_CLASSES_ROOT\HeaderFooter.HeaderFooter.1
Reason: Remove Key failed.
ErrorCode:0
-----------------------------------------------------------------------
Time: 14:01:33 Problems:
=======================================================================
Key: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\5.0\0\win32
Reason: Remove Key failed.
ErrorCode:0
-----------------------------------------------------------------------
Time: 14:01:33 Problems:
=======================================================================
Key: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\3.0\0\win32
Reason: Remove Key failed.
ErrorCode:0
-----------------------------------------------------------------------
Time: 14:01:33 Problems:
=======================================================================
Key: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\5.0\0\win32
Reason: Remove Key failed.
ErrorCode:0
-----------------------------------------------------------------------
Time: 14:01:33 Problems:
=======================================================================
Key: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\3.0\0\win32
Reason: Remove Key failed.
ErrorCode:0
-----------------------------------------------------------------------
DeNisCoOl
1 June 2008 at 20:08
Hi kendoka,
1. I installed Spybot and SpywareBlaster
Did you run a Spybot scan in safe mode after the update, then Immunize?
2. I only have AskTBar and it won't delete
We'll go through a slightly more manual procedure.
3. Bitdefender only gave me that
First time I've seen such a short Bitdefender report ;-)
4. MBAM, I didn't have time, sorry, I'm doing it right now ^^
OK, let me know whether it still found infections in safe mode.
------------
Run HijackThis again, click Do a scan only and check the lines in bold:
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKCU\..\Run: [fckqmgve] C:\WINDOWS\system32\azgruruj.exe
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [user nurb] C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [xjgcbgaq] C:\WINDOWS\system32\utuvqpkb.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [wdvabqwa] C:\WINDOWS\system32\vcbwlklm.exe (User 'Justine')
How to fix a line: (thanks to Balltrap34 for making this video)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Close all your applications and your browser, then Fix checked.
----------
Download OTMoveIt2 (by Old_Timer) to the Desktop. http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
/!\ Procedure created specifically for this user, do not reproduce at home ... /!\
Double-click OTMoveIt2.exe to launch it.
Copy the list of files or folders in bold below,
and paste it into the left-hand pane of OTMoveIt:
Paste List of Files/Folders to be moved.
C:\Program Files\AskSBar
C:\WINDOWS\system32\azgruruj.exe
C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe
C:\WINDOWS\system32\utuvqpkb.exe
C:\WINDOWS\system32\vcbwlklm.exe
Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.
You may be asked to restart the PC to complete the removal.
If so, accept with Yes.
Restart in safe mode, then run CCleaner (Registry button) and Wise Cleaner.
And restart in normal mode.
--> Post the OTMoveIt report located in C:\_OTMoveIt\MovedFiles (contents of the file C:\_OTMoveIt\MovedFiles\********_******.log - the *** are digits representing the date and time)
------------
• If you installed Messenger Plus, uninstall it from the Control Panel and reinstall it without the sponsors
• Download Lopxp (by Moe): http://sosvirus.changelog.fr/Green_day/Lopxpsetup
• Double-click Lopxpsetup.exe to launch the installation
• At the menu, choose option 1
• Wait until you are asked to press a key, then press one!
• The report's contents are located in: C:\Programfiles\Lopxp\cid.txt
Disable Spybot's TeaTimer
• Go to: Start > Run, then copy/paste the following line in bold:
o "%programfiles%\Lopxp\Lopxp.bat" /Fixme then confirm,
• Fix mode will go through all the files mentioned in the suggestion section of the first report generated.
• For each file, you will have to accept (press the y key) or refuse (press the n key) the deletion, in order to avoid any misinterpretation of the suggestion section.
• The backups of each deletion will be stored in the folder C:\Programfiles\Lopxp\Sauvegardes
Send back the report in your next message; if you have a doubt I'll tell you what to delete, but it is really exceptional for the report to flag a valid file.
See you
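The kind of lines picked out of the HijackThis log in the post above (a toolbar entry with no file, autoruns in system32 whose value name and file name are unrelated letter strings, an autorun under a user's Application Data) can be written as a first-pass triage filter. This is an added example, not part of the original thread and not HijackThis code; the heuristics and every function name are assumptions of this example, and a hit means the line deserves a manual look, not that it is malicious. The sample lines are copied from the logs posted in this thread.

```python
import ntpath
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4"
    reason: str   # why the line deserves a manual look
    line: str     # the original log line


# Log lines copied from the HijackThis output quoted in this thread.
SAMPLE_LOG = r"""
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKCU\..\Run: [fckqmgve] C:\WINDOWS\system32\azgruruj.exe
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [user nurb] C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [xjgcbgaq] C:\WINDOWS\system32\utuvqpkb.exe (User 'Justine')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
"""

ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d+) - (?P<body>.+)$")
# "HKCU\..\Run: [value name] command line"
RUN_RE = re.compile(r"^\S+?\\\.\.\\\w+: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
USER_SUFFIX_RE = re.compile(r"\s+\(User '[^']*'\)$")
PATH_RE = re.compile(r'"?(?P<path>.+?\.(?:exe|dll|com|scr|bat))', re.IGNORECASE)
LETTERS_RE = re.compile(r"[a-z]{6,10}")
APPDATA_RE = re.compile(r"\\(?:applic~\d|application data)(?:\\|$)")
DANGLING_RE = re.compile(r"\((?:no file|file missing)\)\s*$")


def autorun_reasons(body: str) -> List[str]:
    """Heuristics (assumptions of this example) for one O4 Run-key entry."""
    m = RUN_RE.match(body)
    if not m:
        return []
    cmd = USER_SUFFIX_RE.sub("", m.group("cmd"))
    p = PATH_RE.match(cmd)
    if not p:
        return []
    path = p.group("path")
    folder = ntpath.dirname(path).lower()
    stem = ntpath.splitext(ntpath.basename(path))[0]
    name = m.group("name")
    reasons = []
    if APPDATA_RE.search(folder):
        reasons.append("autorun launches from a per-user Application Data folder")
    if (folder.endswith("\\system32") and name != stem
            and LETTERS_RE.fullmatch(name) and LETTERS_RE.fullmatch(stem)):
        reasons.append("system32 autorun whose value name and file name "
                       "are unrelated lowercase letter strings")
    return reasons


def triage(log_text: str) -> List[Finding]:
    """Return the log lines that match one of the review heuristics."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue
        section, body = m.group("section"), m.group("body")
        reasons = []
        if DANGLING_RE.search(body):
            reasons.append("references a file that is no longer on disk")
        if section == "O4":
            reasons += autorun_reasons(body)
        if (section == "O20" and body.startswith("AppInit_DLLs:")
                and body.split(":", 1)[1].strip()):
            reasons.append("non-empty AppInit_DLLs: these DLLs load into "
                           "every process that loads user32.dll")
        findings += [Finding(section, r, line) for r in reasons]
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.section}] {f.reason}\n    {f.line}")
```

Entries such as the avast! service or the Messenger button pass through silently, while the AVG8 service whose file is missing is reported as a leftover to clean up rather than as an infection.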
DeNisCoOl
1 June 2008 at 21:12
kendoka,
- Our messages crossed; when you have finished the other procedure, send back an HJThis log.
See you
kendoka15
1 June 2008 at 21:20
Which other procedure?
DeNisCoOl
1 June 2008 at 21:41
kendoka,
look further up ;-)
message 11.
our messages were sent 3 minutes apart.
See you
kendoka15
1 June 2008 at 21:44
MBAM?
DeNisCoOl
1 June 2008 at 22:32
kendoka,
You've already forgotten; I was replying to your message.
MBAM: MalwareBytes_AntiMalware
See you
kendoka15
1 June 2008 at 22:47
Ah, OK ^^ I was mixed up, I'll do it right away
kendoka15
1 June 2008 at 23:27
Report:
# Rapport Lopxp fait le 2008-06-01 à 17:18:30
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008
Killing 'iexplore.exe'
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (1436)
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -Embedding (1740)
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:78337 (3156)
========== Listing des dossiers Application Data
+- C:\Documents and Settings\Administrateur\Application Data
2008-03-29 à 00:33:31 - Identities
2008-05-30 à 13:31:11 - Microsoft
+- C:\Documents and Settings\Administrateur\Local Settings\Application Data
2008-05-30 à 13:31:12 - Microsoft
+- C:\Documents and Settings\All Users\Application Data
2008-05-31 à 16:57:02 - Adobe
2007-09-03 à 20:45:25 - Adobe Systems
2007-09-11 à 20:17:37 - Age of Empires 3 XPack Trial
2008-04-26 à 19:15:59 - Age of Empires 3 YPack Trial
2007-07-04 à 15:06:58 - Apple
2007-08-13 à 14:22:50 - Apple Computer
2007-10-30 à 20:44:38 - Autodesk
2008-05-30 à 12:16:18 - avg8
2007-08-20 à 14:23:06 - AVS4YOU
2008-05-31 à 16:43:53 - comodo
2007-06-28 à 00:58:52 - Creative
2007-09-29 à 22:33:31 - GoBoingo
2008-02-04 à 17:08:48 - Google
2008-06-01 à 01:53:15 - Google Updater
2008-04-01 à 00:30:19 - Hewlett-Packard
2008-05-30 à 00:14:35 - krwpktuv
2008-04-06 à 19:36:06 - LookMyPC
2008-05-30 à 16:26:00 - Malwarebytes
2007-10-27 à 21:29:42 - Messenger Plus!
2008-05-06 à 21:02:25 - Microsoft
2007-02-24 à 17:38:18 - MSN6
2007-02-24 à 17:37:17 - Protexis
2007-02-02 à 22:15:38 - QuickTime
2007-02-01 à 00:05:34 - Shared Phrogram Files
2008-05-30 à 13:29:17 - Skype
2008-05-02 à 19:40:48 - soft chic meet great
2008-05-30 à 15:59:07 - Spybot - Search & Destroy
2008-05-09 à 21:36:17 - SUPERAntiSpyware.com
2008-03-31 à 20:53:49 - SwiftKit
2007-06-03 à 23:55:07 - SwiftSwitch
2008-05-31 à 15:34:56 - TEMP
2007-09-09 à 22:04:16 - Trymedia
2007-03-06 à 13:14:33 - Windows Genuine Advantage
2007-01-26 à 00:28:37 - Windows Live Toolbar
2008-05-31 à 20:06:36 - WinZip
2008-05-02 à 23:01:33 - WLInstaller
2007-06-29 à 21:16:09 - YAHOO
+- C:\Documents and Settings\Dom\Application Data
2008-05-31 à 19:00:08 - Adobe
2007-03-15 à 00:20:46 - Ahead
2007-07-16 à 20:26:39 - Apple Computer
2007-08-20 à 14:27:08 - AVSMedia
2007-07-12 à 02:03:11 - BitTorrent
2008-05-31 à 16:38:22 - Comodo
2008-04-26 à 00:57:22 - Creative
2008-03-29 à 22:09:22 - Download Manager
2007-08-14 à 20:29:27 - Eclipsit
2007-09-19 à 20:58:16 - Electronic Arts
2007-10-04 à 21:56:55 - GetRightToGo
2007-06-19 à 14:56:27 - Google
2008-06-01 à 01:56:40 - gtk-2.0
2007-01-20 à 16:34:33 - Help
2007-01-07 à 17:29:32 - Identities
2007-09-09 à 01:22:26 - IGN_DLM
2008-05-29 à 21:36:04 - iWin
2008-03-02 à 14:05:40 - JGsoft
2007-06-21 à 16:13:48 - LEGO Company
2008-05-30 à 18:36:56 - LimeWire
2007-01-08 à 17:17:30 - Macromedia
2008-05-30 à 16:26:04 - Malwarebytes
2008-05-30 à 13:31:11 - Microsoft
2007-11-16 à 21:09:17 - mIRC
2008-05-19 à 02:49:26 - Move Networks
2007-03-17 à 15:56:06 - MoyeaFLV2Video
2008-05-31 à 18:19:50 - Mozilla
2007-03-04 à 23:56:49 - MSN6
2007-09-03 à 21:05:24 - Opera
2007-07-04 à 14:38:24 - Orbit
2008-02-17 à 17:10:28 - Publish Providers
2008-05-07 à 19:43:33 - Search Settings
2007-11-08 à 21:56:13 - SecondLife
2008-05-30 à 12:48:50 - skypePM
2008-02-17 à 17:08:31 - Sony
2007-02-24 à 23:17:27 - Sun
2008-05-09 à 21:36:07 - SUPERAntiSpyware.com
2008-05-16 à 18:03:14 - U3
2007-09-17 à 18:49:26 - VideoNow Media Wizard
2007-12-04 à 20:38:24 - VMNTOOLBAR
2008-01-17 à 22:00:41 - WinButler
2007-06-09 à 17:58:55 - WinRAR
+- C:\Documents and Settings\Dom\Local Settings\Application Data
2008-05-31 à 19:00:14 - Adobe
2007-07-04 à 15:07:44 - Apple
2007-07-04 à 15:21:01 - Apple Computer
2008-06-01 à 21:09:03 - ApplicationHistory
2007-10-30 à 19:53:43 - BitLord
2008-01-28 à 22:11:57 - EffectsLab Pro 1.5
2007-06-19 à 14:56:27 - Google
2007-01-16 à 20:58:14 - Help
2007-01-07 à 17:58:18 - HP
2007-02-13 à 16:51:55 - Identities
2007-01-07 à 17:58:18 - IsolatedStorage
2007-02-10 à 22:54:10 - Microangelo Toolset 6
2008-05-30 à 14:25:47 - Microsoft
2007-05-30 à 22:29:25 - Mozilla
2007-12-06 à 23:52:47 - Paint.NET
2008-02-13 à 03:11:56 - Pando
2007-02-01 à 00:05:34 - Phrogram
2008-04-02 à 22:24:19 - RcIncidents
2008-02-17 à 17:08:31 - Sony
2008-05-24 à 01:41:20 - WMTools Downloaded Files
2007-06-29 à 21:16:09 - Yahoo
+- C:\Documents and Settings\Dominic\Application Data
2008-06-01 à 13:24:43 - Adobe
2008-06-01 à 13:12:50 - Comodo
2007-10-13 à 18:11:30 - Google
2007-01-14 à 13:47:44 - Identities
2007-02-10 à 20:04:03 - Macromedia
2008-05-30 à 13:31:11 - Microsoft
2007-06-19 à 00:09:58 - Mozilla
2007-10-08 à 00:04:21 - Sun
+- C:\Documents and Settings\Dominic\Local Settings\Application Data
2008-06-01 à 13:25:09 - Adobe
2007-08-14 à 17:55:14 - Apple Computer
2008-06-01 à 13:12:58 - ApplicationHistory
2007-10-13 à 18:11:30 - Google
2007-01-14 à 13:48:10 - HP
2007-02-10 à 20:08:12 - Identities
2007-01-14 à 13:48:10 - IsolatedStorage
2008-05-30 à 13:31:12 - Microsoft
2007-06-19 à 00:09:58 - Mozilla
2007-06-29 à 21:16:09 - Yahoo
+- C:\Documents and Settings\Justine\Application Data
2008-05-31 à 20:59:01 - Adobe
2007-02-06 à 20:13:17 - Ahead
2007-12-09 à 01:15:53 - Apple Computer
2008-05-31 à 17:04:29 - Comodo
2007-08-29 à 21:04:16 - Creative
2008-05-02 à 19:40:56 - Drive 1 window
2007-02-09 à 01:54:19 - Google
2007-01-07 à 17:31:38 - Identities
2007-06-12 à 21:45:12 - Inspiration Software
2008-05-05 à 20:25:10 - LimeWire
2007-01-09 à 22:18:12 - Macromedia
2008-05-30 à 13:31:11 - Microsoft
2007-06-14 à 16:52:41 - Mozilla
2007-05-12 à 02:10:24 - Nero
2007-08-28 à 19:51:21 - OLYMPUS
2008-05-07 à 22:09:34 - Search Settings
2007-03-03 à 02:36:15 - Sun
2005-12-02 à 02:08:18 - VideoNow Media Wizard
2007-12-04 à 02:06:38 - VMNTOOLBAR
2007-11-19 à 03:02:29 - WinRAR
========== Listing du dossier Program Files
+- C:\Program Files
2008-05-21 à 22:18:06 - 3D Gugle
2008-05-31 à 16:56:03 - Adobe
2007-09-23 à 16:59:54 - Adobe Partner Programs
2008-05-19 à 03:24:03 - AdVantage
2007-10-27 à 21:19:31 - Adverts
2007-01-07 à 15:19:54 - Ahead
2007-01-07 à 15:08:58 - Alwil Software
2007-11-12 à 15:18:58 - Apple Software Update
2007-09-08 à 21:03:12 - Audible
2008-04-30 à 21:45:27 - AviSynth 2.5
2008-05-31 à 17:32:19 - Bonjour
2008-05-30 à 00:39:34 - CCleaner
2008-05-25 à 00:11:05 - Common Files
2008-05-31 à 16:39:20 - COMODO
2007-01-07 à 03:14:06 - ComPlus Applications
2007-06-28 à 01:05:19 - Creative
2007-06-28 à 01:01:36 - Creative Installation Information
2007-09-23 à 16:59:34 - Deutsch
2007-05-18 à 17:00:52 - directx
2007-08-19 à 17:09:51 - DivX
2008-05-29 à 20:10:16 - DominateGame
2008-05-02 à 19:40:01 - Drive 1 window
2007-11-09 à 23:23:47 - EA GAMES
2007-09-08 à 21:04:24 - Elecard
2007-09-23 à 16:59:23 - English
2008-04-18 à 21:45:20 - Enigma Software Group
2007-09-23 à 16:59:48 - Español
2008-05-30 à 13:29:19 - Fichiers communs
2008-05-07 à 19:42:15 - FileSubmit
2007-09-23 à 16:59:41 - Français
2008-05-30 à 13:28:23 - GameSpy Arcade
2008-05-31 à 19:36:07 - Google
2008-05-05 à 12:24:23 - Hasbro
2008-05-12 à 15:16:25 - Hasbro Interactive
2008-04-03 à 00:14:45 - Hewlett-Packard
2008-04-01 à 00:30:19 - HP
2007-09-08 à 17:29:34 - IGN
2007-01-21 à 14:42:03 - Incomplete
2008-05-23 à 23:40:25 - InstallShield Installation Information
2008-05-31 à 17:59:52 - Internet Explorer
2008-05-31 à 17:33:49 - iPod
2007-09-23 à 16:59:54 - Italiano
2008-05-31 à 17:34:05 - iTunes
2008-05-31 à 17:37:08 - Java
2007-12-09 à 17:21:04 - Konvertor
2007-11-11 à 19:05:17 - LEGO Company
2008-05-31 à 18:24:07 - LimeWire
2008-06-01 à 21:18:45 - Lopxp
2008-05-30 à 16:26:02 - Malwarebytes' Anti-Malware
2007-01-22 à 03:25:14 - Messenger
2008-05-04 à 22:07:30 - Messenger Plus! Live
2007-01-07 à 03:18:46 - microsoft frontpage
2008-05-06 à 21:38:17 - Microsoft Games
2007-01-07 à 15:14:03 - Microsoft Office
2007-09-26 à 15:15:31 - Microsoft SQL Server
2008-05-06 à 20:54:57 - Microsoft SQL Server Compact Edition
2007-01-07 à 15:15:06 - Microsoft Visual Studio
2007-01-07 à 05:20:04 - Movie Maker
2008-06-01 à 15:38:16 - Mozilla Firefox
2007-01-07 à 03:13:51 - MSN
2007-01-07 à 03:13:30 - MSN Gaming Zone
2008-05-06 à 19:04:19 - MSN Messenger
2007-10-03 à 21:53:35 - MSXML 4.0
2008-05-10 à 00:59:05 - NetMeeting
2008-05-09 à 20:41:44 - Norton Security Scan
2007-01-22 à 03:21:27 - Outlook Express
2008-03-29 à 01:30:20 - Paint
2007-12-14 à 03:45:54 - Paint.NET
2007-12-04 à 20:40:22 - PhotoFiltre
2007-08-28 à 19:34:12 - PIXELA
2007-04-01 à 02:33:21 - pspvideo9
2008-05-31 à 17:40:07 - QuickTime
2008-05-25 à 00:17:23 - Red Kawa
2008-05-04 à 18:26:33 - RegCleaner
2007-07-04 à 17:35:28 - Replay Converter
2007-08-20 à 17:20:40 - Riva
2007-01-07 à 14:57:02 - S3Inc
2008-05-29 à 23:02:23 - Search Settings
2008-02-01 à 02:25:52 - SEGA
2007-01-07 à 03:13:52 - Services en ligne
2008-05-29 à 22:20:16 - Shockwave.com
2007-09-17 à 18:51:47 - Sintec
2008-05-06 à 23:20:55 - Sony
2008-05-04 à 22:50:47 - Sony Setup
2008-05-30 à 15:57:00 - Spybot - Search & Destroy
2008-05-30 à 16:08:21 - SpywareBlaster
2008-05-07 à 19:53:56 - Stardock
2007-11-09 à 18:23:13 - StopMotion Station
2007-10-27 à 17:12:01 - TC Digital
2007-11-12 à 20:34:58 - Team17
2008-03-09 à 01:10:01 - Travian
2008-05-29 à 22:48:20 - Trend Micro
2007-11-12 à 20:11:02 - TryMedia
2007-09-26 à 15:16:06 - Uninstall Information
2008-05-06 à 21:39:45 - VAIOXP
2008-05-04 à 21:02:18 - VCamNow
2007-01-07 à 14:45:18 - VIA Technologies, INC
2008-02-04 à 17:13:45 - VideoEgg
2007-12-09 à 17:21:18 - Visicom Media
2007-12-04 à 20:38:08 - vmntoolbar
2008-05-06 à 21:43:04 - Windows Journal Viewer
2008-05-06 à 21:04:58 - Windows Live
2008-05-12 à 15:24:33 - Windows Live Toolbar
2007-04-03 à 21:48:53 - Windows Media Connect 2
2007-08-24 à 19:48:56 - Windows Media Player
2007-01-07 à 05:18:25 - Windows NT
2007-01-07 à 03:13:52 - WindowsUpdate
2007-06-09 à 17:57:46 - WinRAR
2008-05-31 à 20:05:01 - WinZip
2008-06-01 à 18:02:28 - Wise Registry Cleaner 3
2007-01-07 à 03:18:46 - xerox
2007-06-29 à 21:16:12 - Yahoo!
2007-09-23 à 16:59:29 - ???
========== Tâches planifiées
ADF254609185C700.job: c:\docume~1\justine\applic~1\drive1~1\BONE BALM COPY.exe
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Norton Security Scan.job: C:\Program Files\Norton Security Scan\Nss.exe /scan-full /scheduled
User_Feed_Synchronization-{7D2EEB0A-7F4B-4D68-AABF-9323C5FA62B3}.job: C:\WINDOWS\system32\msfeedssync.exe sync
========== Clés registre
========== Bloqueur popups Internet Explorer
www.ugotgames.com
www.google.ca
www.dailymotion.com
chev-demeraude.go-forum.net
*.shinobilegends.com
mondeinfernal.myrealboard.com
www.clubic.com
www.zdnet.fr
www.infos-du-net.com
www.startawar.com
pic6.piczo.com
www.swisstools.net
facebook.miniclip.com
zonenxt.msn-int.com
zonenxt.msn-ppe.com
zone.msn.com
pic3.piczo.com
every-naruto-thing.piczo.com
exernet.i8.com
www.skyrock.com
PopupMgr
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
C:\Documents and Settings\All Users\Application Data\soft chic meet great
C:\Documents and Settings\Justine\Application Data\Drive 1 window
C:\Program Files\Adverts
C:\Program Files\Drive 1 window
C:\WINDOWS\tasks\ADF254609185C700.job
+- Registre : Aucune suggestion.
- Fin du rapport -
OTMoveIt report:
File/Folder C:\Program Files\AskSBar not found.
File/Folder C:\WINDOWS\system32\azgruruj.exe not found.
C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe moved successfully.
File/Folder C:\WINDOWS\system32\utuvqpkb.exe not found.
File/Folder C:\WINDOWS\system32\vcbwlklm.exe not found.
OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06012008_165845
kendoka15
1 June 2008 at 23:31
I didn't find the following:
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
DeNisCoOl
2 June 2008 at 01:09
Re,
Did you remove everything with Lopxp?
Send back an HJThis report.
See you
kendoka15
2 June 2008 at 21:59
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:57:42, on 2008-06-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\System\smss.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RealtekAC] C:\WINDOWS\system32\RealtekAC.exe
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: autostart.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.travian.com/fr
O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} - http://www.webcam.com/smilecam/office/AXWebMonProj1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.travian.com/fr
O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} - http://www.webcam.com/smilecam/office/AXWebMonProj1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
DeNisCoOl
Posts
2802
Registration date
Friday 19 August 2005
Status
Member
Last activity
28 February 2011
224
2 June 2008 at 22:50
Hi kendoka15,
- No more unwanted ads?
- You didn't answer the questions in the end:
* Did MBAM in safe mode find nothing more? (The reports are available in the report tab.)
* Did you remove everything with lopxp as suggested?
------------
Run HijackThis again, click Do a scan only and check the lines in bold:
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
Then check all the O16 lines except the ActiveX controls you use often
O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} - http://www.webcam.com/smilecam/office/AXWebMonProj1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
Close all your applications and your browser, then click Fix checked.
------------
- Disable System Restore, wait while the hourglass is showing, then re-enable it; for more details see the link below:
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fdocid/20020830101856924
See you
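The review list described in the post above (the O3 entry marked "(no file)" plus the O16 ActiveX entries, minus the controls still in use) can be built mechanically from the log. This is an added example, not part of the original post or of HijackThis: the function names and the `keep_clsids` parameter are assumptions, the sample lines are copied from the log in this thread, and it goes slightly further by flagging every entry marked "(no file)" or "(file missing)".

```python
"""Build a review list from a HijackThis log: orphaned entries and O16 ActiveX entries."""
import re
from dataclasses import dataclass
from ipaddress import ip_address
from urllib.parse import urlsplit

# Sample input: a few lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# "<section code> - <rest>", e.g. "O16 - DPF: ..."
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O16 body: "DPF: {CLSID} (optional class name) - codebase URL"
DPF_RE = re.compile(
    r"^DPF: (?P<clsid>\{[0-9A-Fa-f-]{36}\})(?: \((?P<name>.*)\))? - (?P<url>\S+)$"
)
# Markers HijackThis appends when the registered target no longer exists on disk.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


@dataclass
class Finding:
    code: str      # HijackThis section code, e.g. "O16"
    raw: str       # the log line exactly as posted
    reasons: list  # why the line is on the review list


def parse_log(text):
    """Yield (code, body, raw_line) for every line shaped like a HijackThis entry."""
    for raw in text.splitlines():
        raw = raw.strip()
        m = LINE_RE.match(raw)
        if m:
            yield m["code"], m["body"], raw


def is_ip_literal(url):
    """True when the URL's host is a bare IP address rather than a DNS name."""
    host = urlsplit(url).hostname or ""
    try:
        ip_address(host)
        return True
    except ValueError:
        return False


def triage(text, keep_clsids=()):
    """Return the lines to review; keep_clsids lists ActiveX controls still in use."""
    keep = {c.upper() for c in keep_clsids}
    findings = []
    for code, body, raw in parse_log(text):
        reasons = []
        if body.endswith(ORPHAN_MARKERS):
            reasons.append("orphaned: target file is gone")
        if code == "O16":
            m = DPF_RE.match(body)
            if m and m["clsid"].upper() not in keep:
                reasons.append("ActiveX control not on the keep list")
                if not m["name"]:
                    reasons.append("no class name registered")
                if is_ip_literal(m["url"]):
                    reasons.append("downloaded from a bare IP address")
        if reasons:
            findings.append(Finding(code, raw, reasons))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f.raw)
        for reason in f.reasons:
            print("    -", reason)
```

The output is a list to review by hand before ticking anything in HijackThis, not a removal list.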
kendoka15
Posts
361
Registration date
Friday 30 May 2008
Status
Member
Last activity
26 February 2011
17
2 June 2008 at 23:07
ok, it's done ^^
30 May 2008 at 21:19
Yeah, I get pages telling me I have spyware and so on, my computer crashes sometimes (less often than the spyware) and the alerts pop up every 15-30 minutes
MBAM report:
Malwarebytes' Anti-Malware 1.14
Database version: 801
14:43:24 2008-05-30
mbam-log-5-30-2008 (14-43-24).txt
Scan type: Full Scan (C:\|)
Objects scanned: 136479
Time elapsed: 51 minute(s), 32 second(s)
Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 63
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 17
Files Infected: 227
Memory Processes Infected:
C:\WINDOWS\system32\utuvqpkb.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\system32\utuvqpkb.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{54645654-2225-4455-44a1-9f4543d34545} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c7f15e1-f31a-44fd-aa1a-2ec63aaffd3a} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\pcsd.dll (Rogue.PCAntispyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\pcsd.dll (Rogue.PCAntispyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\dpcproxy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Classes\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Invictus (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorertoolbar (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Golden Palace Casino PT (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Inet Delivery (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\utuvqpkb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP470\A0188902.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP482\A0190519.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP482\A0190520.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP482\A0190521.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP491\A0198665.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CFFC30B1-2A6B-41FA-8BCA-7385DF9673BB}\RP495\A0199363.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hkfejalc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\inabohgd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mhebepwv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Web\def.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\2_mslagent.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\mslagent.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\uninstall.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Inet Delivery\inetdl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Inet Delivery\intdel.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\VideoEgg\user.dat (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dom\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:13:50, on 2008-05-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Common Files\System\smss.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RealtekAC] C:\WINDOWS\system32\RealtekAC.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [fckqmgve] C:\WINDOWS\system32\azgruruj.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [OM_Monitor] C:\Documents and Settings\Justine\Bureau\Justine\Monitor.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [] (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [user nurb] C:\DOCUME~1\Justine\APPLIC~1\DRIVE1~1\Bat Tick Third.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [xjgcbgaq] C:\WINDOWS\system32\utuvqpkb.exe (User 'Justine')
O4 - HKUS\S-1-5-21-527237240-1035525444-682003330-1006\..\Run: [wdvabqwa] C:\WINDOWS\system32\vcbwlklm.exe (User 'Justine')
O4 - Startup: autostart.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.travian.com/fr
O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} - http://www.webcam.com/smilecam/office/AXWebMonProj1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.179.205.99:8888/activex/AxisCamControl.cab
O16 - DPF: {98164EE5-3C94-4844-841D-2B740D4EFB5E} - http://www.elecard.com/AXConverter/EOnline_Converter_Demo.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: AVG8 Firewall (avgfws8) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgfws8.exe (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe