Publicités incessantes !
Résolu/Fermé
A voir également:
- Publicités incessantes !
- Supprimer les publicités - Guide
- Comment bloquer les publicités sur mon téléphone - Guide
- Bloquer publicités youtube - Guide
- Comment bloquer les publicités sur youtube - Guide
- Adblock plus - bloqueur de publicités gratuit - Télécharger - Outils pour navigateurs
21 réponses
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
13 juin 2008 à 12:25
13 juin 2008 à 12:25
slt
tu es gavé!!! c'est pas gagné!!! tu n'as aucun antivirus, aucune protection!!!!
_____________
Télécharge MSNFix de Laurent
http://sosvirus.changelog.fr/MSNFix.zip
Décompresse-le et double clic sur le fichier MSNFix.bat.
- Exécute l'option R.
--Si l'infection est détectée, exécute l'option N
- Sauvegarde ce rapport puis fais un copier/coller de ce rapport sur le forum.
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.
envoyer le fichier [b] C:\DOCUME~1\florian\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr pour faire evoluer msnfix
______________
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum
_____________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_____________
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
_______________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
__________________
installe un antivirus : antivir
https://www.malekal.com/avira-free-security-antivirus-gratuit/
__________________
recolle un hijakchits et dis tes soucis
tu es gavé!!! c'est pas gagné!!! tu n'as aucun antivirus, aucune protection!!!!
_____________
Télécharge MSNFix de Laurent
http://sosvirus.changelog.fr/MSNFix.zip
Décompresse-le et double clic sur le fichier MSNFix.bat.
- Exécute l'option R.
--Si l'infection est détectée, exécute l'option N
- Sauvegarde ce rapport puis fais un copier/coller de ce rapport sur le forum.
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.
envoyer le fichier [b] C:\DOCUME~1\florian\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr pour faire evoluer msnfix
______________
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum
_____________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_____________
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
_______________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
__________________
installe un antivirus : antivir
https://www.malekal.com/avira-free-security-antivirus-gratuit/
__________________
recolle un hijakchits et dis tes soucis
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
18 juin 2008 à 14:12
18 juin 2008 à 14:12
Excuse moi
j'étais absent !
Ouè c'est vrai que j'ai pas d'antivirus :/
Merci pour ton aide jlpjlp !
jvais essayer de suivre tes conseils !
j'étais absent !
Ouè c'est vrai que j'ai pas d'antivirus :/
Merci pour ton aide jlpjlp !
jvais essayer de suivre tes conseils !
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
18 juin 2008 à 14:24
18 juin 2008 à 14:24
Rapport avec Msnfix :
MSNFix 1.724
D:\Documents and Settings\Windows\Bureau\msnfix\MSNFix
Fix exécuté le 18/06/2008 - 14:15:07,70 By Windows
mode normal
************************ Recherche les fichiers présents
... D:\WINDOWS\system32\%%%.exe
... D:\DOCUME~1\Windows\APPLIC~1\SpeedRunner\SRUninstall.exe
... D:\Documents and Settings\Windows\??????.exe
... D:\Documents and Settings\Windows\????????.exe
... D:\WINDOWS\b???.exe
************************ Recherche les dossiers présents
... D:\Program Files\Spcron\
... D:\Program Files\Svconr\
... D:\Program Files\outerinfo\
... D:\DOCUME~1\Windows\APPLIC~1\SpeedRunner\
... D:\Program Files\ISM\
... D:\Program Files\QdrPack\
************************ Suppression des fichiers
.. OK ... D:\DOCUME~1\Windows\APPLIC~1\SpeedRunner\SRUninstall.exe
.. OK ... D:\Documents and Settings\Windows\??????.exe
.. OK ... D:\Documents and Settings\Windows\????????.exe
.. OK ... D:\WINDOWS\b???.exe
.. OK ... D:\WINDOWS\system32\real.txt
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[D:\DOCUME~1\Windows\LOCALS~1\Temp\Naruto_404_Binktopia_.zip] 06EB67E7A4C688F888FE687AF753ECF2
[D:\DOCUME~1\Windows\LOCALS~1\Temp\UpdateJavaCore.zip] AB0C874853E5AF3E431E700581D8CB66
[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier [b] D:\DOCUME~1\Windows\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 18062008_14200601.zip
************************ HKLM\...\Winlogon\Userinit
Userinit = D:\WINDOWS\system32\userinit.exe,D:\WINDOWS\system32\%.exe
Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte
MSNFix 1.724
D:\Documents and Settings\Windows\Bureau\msnfix\MSNFix
Fix exécuté le 18/06/2008 - 14:15:07,70 By Windows
mode normal
************************ Recherche les fichiers présents
... D:\WINDOWS\system32\%%%.exe
... D:\DOCUME~1\Windows\APPLIC~1\SpeedRunner\SRUninstall.exe
... D:\Documents and Settings\Windows\??????.exe
... D:\Documents and Settings\Windows\????????.exe
... D:\WINDOWS\b???.exe
************************ Recherche les dossiers présents
... D:\Program Files\Spcron\
... D:\Program Files\Svconr\
... D:\Program Files\outerinfo\
... D:\DOCUME~1\Windows\APPLIC~1\SpeedRunner\
... D:\Program Files\ISM\
... D:\Program Files\QdrPack\
************************ Suppression des fichiers
.. OK ... D:\DOCUME~1\Windows\APPLIC~1\SpeedRunner\SRUninstall.exe
.. OK ... D:\Documents and Settings\Windows\??????.exe
.. OK ... D:\Documents and Settings\Windows\????????.exe
.. OK ... D:\WINDOWS\b???.exe
.. OK ... D:\WINDOWS\system32\real.txt
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[D:\DOCUME~1\Windows\LOCALS~1\Temp\Naruto_404_Binktopia_.zip] 06EB67E7A4C688F888FE687AF753ECF2
[D:\DOCUME~1\Windows\LOCALS~1\Temp\UpdateJavaCore.zip] AB0C874853E5AF3E431E700581D8CB66
[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier [b] D:\DOCUME~1\Windows\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 18062008_14200601.zip
************************ HKLM\...\Winlogon\Userinit
Userinit = D:\WINDOWS\system32\userinit.exe,D:\WINDOWS\system32\%.exe
Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 juin 2008 à 14:56
18 juin 2008 à 14:56
une partie virée mais il en reste .................
Bonjour,
j'ai des publicités intempestives depuis qq jours et j'ai beau avoir plusieurs antivirus (ccleaner, adaware avgantispyware) rien n'y fait.
Voici mon rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:06:24, on 18/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Vidal\Communs\Vidal.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\MICROS~4\wcescomm.exe
C:\documents and settings\emilie & pierre-yves\local settings\application data\egkmaqy.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www8.hp.com/fr/fr/home.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www8.hp.com/fr/fr/home.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vdlDeamon] C:\Program Files\Vidal\Communs\Vidal.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [egkmaqy] c:\documents and settings\emilie & pierre-yves\local settings\application data\egkmaqy.exe egkmaqy
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Emilie & Pierre-Yves\Application Data\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - E:\Player\__CDS2.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
j'ai des publicités intempestives depuis qq jours et j'ai beau avoir plusieurs antivirus (ccleaner, adaware avgantispyware) rien n'y fait.
Voici mon rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:06:24, on 18/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Vidal\Communs\Vidal.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\MICROS~4\wcescomm.exe
C:\documents and settings\emilie & pierre-yves\local settings\application data\egkmaqy.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www8.hp.com/fr/fr/home.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www8.hp.com/fr/fr/home.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vdlDeamon] C:\Program Files\Vidal\Communs\Vidal.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [egkmaqy] c:\documents and settings\emilie & pierre-yves\local settings\application data\egkmaqy.exe egkmaqy
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Emilie & Pierre-Yves\Application Data\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - E:\Player\__CDS2.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
18 juin 2008 à 14:58
18 juin 2008 à 14:58
Rapport avec SDFix
[b]SDFix: Version 1.194 [/b]
Run by Windows on 18/06/2008 at 14:36
Microsoft Windows XP [version 5.1.2600]
Running From: D:\SDFix
[b]Checking Services [/b]:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files [/b]:
Trojan Files Found:
D:\WINDOWS\system32\%%%.exe - Deleted
D:\DOCUME~1\WINDOWS\APPLIC~1\MICROS~1\WINDOWS\SUIGPK.EXE - Deleted
D:\PROGRA~1\WINDOW~2\LAGURI~1.DLL - Deleted
D:\PROGRA~1\MSN\DIQATU~2.DLL - Deleted
D:\PROGRA~1\MSN\DIQATU~1.DLL - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\config.cfg - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\config.MSNFix - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\SpeedRunner.exe - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\SRUninstall.exe - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\SRUninstall.MSNFix - Deleted
D:\Program Files\GetModule\dicik.gz - Deleted
D:\Program Files\GetModule\GetModule18.exe - Deleted
D:\Program Files\GetModule\GetModule19.exe - Deleted
D:\Program Files\GetModule\kwdik.gz - Deleted
D:\Program Files\GetModule\pckik.dat - Deleted
D:\Program Files\GetPack\dictame.gz - Deleted
D:\Program Files\GetPack\GetPack18.exe - Deleted
D:\Program Files\GetPack\GetPack19.exe - Deleted
D:\Program Files\GetPack\trgtame.gz - Deleted
D:\Program Files\iCheck\Uninstall.exe - Deleted
D:\Program Files\ISM\ism.exe - Deleted
D:\Program Files\ISM\Uninstall.exe - Deleted
D:\Program Files\mjc\mjc.exe - Deleted
D:\Program Files\QdrPack\bostrupd.exe - Deleted
D:\Program Files\QdrPack\dictbs.gz - Deleted
D:\Program Files\QdrPack\dictys.gz - Deleted
D:\Program Files\QdrPack\QdrPack16.exe - Deleted
D:\Program Files\QdrPack\QdrPack17.exe - Deleted
D:\Program Files\QdrPack\trgtys.gz - Deleted
D:\Program Files\Spcron\Spc.dll - Deleted
D:\Program Files\Spcron\Spc.dll.lzma - Deleted
D:\Program Files\zango\bin\10.3.37.0\HostOE.dll - Deleted
D:\Program Files\zango\bin\10.3.37.0\ZangoSAHook.dll - Deleted
D:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe - Deleted
D:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.MSNFix - Deleted
D:\DOCUME~1\Windows\LOCALS~1\Temp\gettpa118.exe - Deleted
D:\DOCUME~1\Windows\LOCALS~1\Temp\gettpa119.exe - Deleted
D:\DOCUME~1\Windows\LOCALS~1\Temp\gettpa219.exe - Deleted
D:\DOCUME~1\Windows\LOCALS~1\Temp\ismtpa17.exe - Deleted
D:\Program Files\.autoreg - Deleted
D:\Documents and Settings\Windows\real.txt - Deleted
D:\WINDOWS\tk58.exe - Deleted
Folder D:\Documents and Settings\Windows\Application Data\SpeedRunner - Removed
Folder D:\Program Files\GetModule - Removed
Folder D:\Program Files\GetPack - Removed
Folder D:\Program Files\iCheck - Removed
Folder D:\Program Files\ISM - Removed
Folder D:\Program Files\mjc - Removed
Folder D:\Program Files\QdrPack - Removed
Folder D:\Program Files\Spcron - Removed
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-18 14:51:31
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\Messenger\\msmsgs.exe"="D:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\\Program Files\\uTorrent\\uTorrent.exe"="D:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"D:\\Program Files\\Free Download Manager\\fdm.exe"="D:\\Program Files\\Free Download Manager\\fdm.exe:*:Enabled:Free Download Manager"
"D:\\Program Files\\Morpheus\\Morpheus.exe"="D:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:Morpheus"
"D:\\Program Files\\Ankama Games\\Dofus\\Dofus.exe"="D:\\Program Files\\Ankama Games\\Dofus\\Dofus.exe:*:Enabled:Dofus Client"
"D:\\WINDOWS\\system32\\java.exe"="D:\\WINDOWS\\system32\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"D:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="D:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"E:\\eMule\\emule.exe"="E:\\eMule\\emule.exe:*:Enabled:eMule"
"D:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="D:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"D:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="D:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"D:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="D:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"D:\\Program Files\\eMule\\emule.exe"="D:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"D:\\Documents and Settings\\Windows\\dqofvv.exe"="D:\\Documents and Settings\\Windows\\dqofvv.exe:*:Enabled:Nvidia"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
File Backups: - D:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Mon 21 Jan 2008 13,479 A..H. --- "D:\tpe\ªª\[Coolgrafik.com]_No_Clocks_1_0.zip"
Thu 29 May 2008 230,400 ..SHR --- "D:\WINDOWS\system32\??sks\d?xplore.exe"
Sat 29 Sep 2007 0 A.SH. --- "D:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 13 Apr 2008 68,608 ..SHR --- "D:\Documents and Settings\Windows\Mes documents\?asks\svchost.exe"
Wed 7 May 2008 0 A..H. --- "D:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT41.tmp"
Sun 20 Jan 2008 0 A..H. --- "D:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT27.tmp"
Thu 12 Jun 2008 277 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic109.tmp"
Thu 12 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic10A.tmp"
Wed 28 May 2008 233 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic10D.tmp"
Thu 12 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic10E.tmp"
Thu 12 Jun 2008 374 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic110.tmp"
Wed 28 May 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic113.tmp"
Sun 25 May 2008 149 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic1613.tmp"
Sun 8 Jun 2008 550 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic18C.tmp"
Fri 6 Jun 2008 158 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic192.tmp"
Fri 6 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic199.tmp"
Sat 7 Jun 2008 727 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic19A.tmp"
Fri 6 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic19B.tmp"
Sat 7 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic19E.tmp"
Sat 7 Jun 2008 550 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic1A2.tmp"
Sun 8 Jun 2008 124 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic1AD.tmp"
Sat 7 Jun 2008 551 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic1F0.tmp"
Sun 15 Jun 2008 221 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic223.tmp"
Sat 31 May 2008 668 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic25A.tmp"
Tue 17 Jun 2008 622 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic50F.tmp"
Tue 17 Jun 2008 281 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic52F.tmp"
Tue 17 Jun 2008 281 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic5C0.tmp"
Thu 29 May 2008 550 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic75A.tmp"
Thu 5 Jun 2008 272 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic76.tmp"
Thu 5 Jun 2008 771 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic7B.tmp"
Thu 5 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic95.tmp"
Thu 5 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic97.tmp"
Thu 29 May 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\ticB11.tmp"
Fri 6 Jun 2008 149 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\ticB7.tmp"
Sun 25 May 2008 237 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\ticCD3.tmp"
[b]Finished![/b]
[b]SDFix: Version 1.194 [/b]
Run by Windows on 18/06/2008 at 14:36
Microsoft Windows XP [version 5.1.2600]
Running From: D:\SDFix
[b]Checking Services [/b]:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files [/b]:
Trojan Files Found:
D:\WINDOWS\system32\%%%.exe - Deleted
D:\DOCUME~1\WINDOWS\APPLIC~1\MICROS~1\WINDOWS\SUIGPK.EXE - Deleted
D:\PROGRA~1\WINDOW~2\LAGURI~1.DLL - Deleted
D:\PROGRA~1\MSN\DIQATU~2.DLL - Deleted
D:\PROGRA~1\MSN\DIQATU~1.DLL - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\config.cfg - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\config.MSNFix - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\SpeedRunner.exe - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\SRUninstall.exe - Deleted
D:\Documents and Settings\Windows\Application Data\SpeedRunner\SRUninstall.MSNFix - Deleted
D:\Program Files\GetModule\dicik.gz - Deleted
D:\Program Files\GetModule\GetModule18.exe - Deleted
D:\Program Files\GetModule\GetModule19.exe - Deleted
D:\Program Files\GetModule\kwdik.gz - Deleted
D:\Program Files\GetModule\pckik.dat - Deleted
D:\Program Files\GetPack\dictame.gz - Deleted
D:\Program Files\GetPack\GetPack18.exe - Deleted
D:\Program Files\GetPack\GetPack19.exe - Deleted
D:\Program Files\GetPack\trgtame.gz - Deleted
D:\Program Files\iCheck\Uninstall.exe - Deleted
D:\Program Files\ISM\ism.exe - Deleted
D:\Program Files\ISM\Uninstall.exe - Deleted
D:\Program Files\mjc\mjc.exe - Deleted
D:\Program Files\QdrPack\bostrupd.exe - Deleted
D:\Program Files\QdrPack\dictbs.gz - Deleted
D:\Program Files\QdrPack\dictys.gz - Deleted
D:\Program Files\QdrPack\QdrPack16.exe - Deleted
D:\Program Files\QdrPack\QdrPack17.exe - Deleted
D:\Program Files\QdrPack\trgtys.gz - Deleted
D:\Program Files\Spcron\Spc.dll - Deleted
D:\Program Files\Spcron\Spc.dll.lzma - Deleted
D:\Program Files\zango\bin\10.3.37.0\HostOE.dll - Deleted
D:\Program Files\zango\bin\10.3.37.0\ZangoSAHook.dll - Deleted
D:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe - Deleted
D:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.MSNFix - Deleted
D:\DOCUME~1\Windows\LOCALS~1\Temp\gettpa118.exe - Deleted
D:\DOCUME~1\Windows\LOCALS~1\Temp\gettpa119.exe - Deleted
D:\DOCUME~1\Windows\LOCALS~1\Temp\gettpa219.exe - Deleted
D:\DOCUME~1\Windows\LOCALS~1\Temp\ismtpa17.exe - Deleted
D:\Program Files\.autoreg - Deleted
D:\Documents and Settings\Windows\real.txt - Deleted
D:\WINDOWS\tk58.exe - Deleted
Folder D:\Documents and Settings\Windows\Application Data\SpeedRunner - Removed
Folder D:\Program Files\GetModule - Removed
Folder D:\Program Files\GetPack - Removed
Folder D:\Program Files\iCheck - Removed
Folder D:\Program Files\ISM - Removed
Folder D:\Program Files\mjc - Removed
Folder D:\Program Files\QdrPack - Removed
Folder D:\Program Files\Spcron - Removed
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-18 14:51:31
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\Messenger\\msmsgs.exe"="D:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\\Program Files\\uTorrent\\uTorrent.exe"="D:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"D:\\Program Files\\Free Download Manager\\fdm.exe"="D:\\Program Files\\Free Download Manager\\fdm.exe:*:Enabled:Free Download Manager"
"D:\\Program Files\\Morpheus\\Morpheus.exe"="D:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:Morpheus"
"D:\\Program Files\\Ankama Games\\Dofus\\Dofus.exe"="D:\\Program Files\\Ankama Games\\Dofus\\Dofus.exe:*:Enabled:Dofus Client"
"D:\\WINDOWS\\system32\\java.exe"="D:\\WINDOWS\\system32\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"D:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="D:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"E:\\eMule\\emule.exe"="E:\\eMule\\emule.exe:*:Enabled:eMule"
"D:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="D:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"D:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="D:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"D:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="D:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"D:\\Program Files\\eMule\\emule.exe"="D:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"D:\\Documents and Settings\\Windows\\dqofvv.exe"="D:\\Documents and Settings\\Windows\\dqofvv.exe:*:Enabled:Nvidia"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
File Backups: - D:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Mon 21 Jan 2008 13,479 A..H. --- "D:\tpe\ªª\[Coolgrafik.com]_No_Clocks_1_0.zip"
Thu 29 May 2008 230,400 ..SHR --- "D:\WINDOWS\system32\??sks\d?xplore.exe"
Sat 29 Sep 2007 0 A.SH. --- "D:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 13 Apr 2008 68,608 ..SHR --- "D:\Documents and Settings\Windows\Mes documents\?asks\svchost.exe"
Wed 7 May 2008 0 A..H. --- "D:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT41.tmp"
Sun 20 Jan 2008 0 A..H. --- "D:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT27.tmp"
Thu 12 Jun 2008 277 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic109.tmp"
Thu 12 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic10A.tmp"
Wed 28 May 2008 233 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic10D.tmp"
Thu 12 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic10E.tmp"
Thu 12 Jun 2008 374 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic110.tmp"
Wed 28 May 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic113.tmp"
Sun 25 May 2008 149 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic1613.tmp"
Sun 8 Jun 2008 550 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic18C.tmp"
Fri 6 Jun 2008 158 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic192.tmp"
Fri 6 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic199.tmp"
Sat 7 Jun 2008 727 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic19A.tmp"
Fri 6 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic19B.tmp"
Sat 7 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic19E.tmp"
Sat 7 Jun 2008 550 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic1A2.tmp"
Sun 8 Jun 2008 124 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic1AD.tmp"
Sat 7 Jun 2008 551 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic1F0.tmp"
Sun 15 Jun 2008 221 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic223.tmp"
Sat 31 May 2008 668 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic25A.tmp"
Tue 17 Jun 2008 622 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic50F.tmp"
Tue 17 Jun 2008 281 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic52F.tmp"
Tue 17 Jun 2008 281 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic5C0.tmp"
Thu 29 May 2008 550 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic75A.tmp"
Thu 5 Jun 2008 272 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic76.tmp"
Thu 5 Jun 2008 771 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic7B.tmp"
Thu 5 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic95.tmp"
Thu 5 Jun 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\tic97.tmp"
Thu 29 May 2008 223 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\ticB11.tmp"
Fri 6 Jun 2008 149 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\ticB7.tmp"
Sun 25 May 2008 237 A..H. --- "D:\Documents and Settings\Windows\Local Settings\Temp\Free Download Manager\ticCD3.tmp"
[b]Finished![/b]
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 juin 2008 à 15:37
18 juin 2008 à 15:37
le nettoyage se poursuit....
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
18 juin 2008 à 16:53
18 juin 2008 à 16:53
waoh
il est long celui là !
Malwarebytes' Anti-Malware 1.17
Version de la base de données: 867
16:49:50 18/06/2008
mbam-log-6-18-2008 (16-49-50).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 82164
Temps écoulé: 18 minute(s), 17 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 289
Processus mémoire infecté(s):
D:\Documents and Settings\Windows\Mes documents\?asks\svchost.exe (Adware.ClickSpring) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
D:\Program Files\Mozilla Firefox\components\srff.dll (Adware.SurfAccuracy) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ac17bf32-75de-760f-f93d-0aa2e19c4992} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ac17bf32-75de-760f-f93d-0aa2e19c4992} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SpeedRunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Auti (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.PurityScan) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
D:\Program Files\Zango (Adware.180Solutions) -> Quarantined and deleted successfully.
D:\Program Files\Zango\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
D:\Program Files\Zango\bin\10.3.37.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Svconr (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
D:\Documents and Settings\Windows\Mes documents\?asks\svchost.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\Program Files\Mozilla Firefox\components\srff.dll (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\components\FF.MSNFix (Adware.ZenoSearch) -> Quarantined and deleted successfully.
D:\Program Files\Svconr\Svconr.MSNFix (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP189\A0047934.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP189\A0048934.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP189\A0048940.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP190\A0049052.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP190\A0049083.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0049133.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0049144.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0049145.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0050144.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0050154.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0050160.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP193\A0051249.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP193\A0051250.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP197\A0052250.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP197\A0052256.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP197\A0052268.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP197\A0052276.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052547.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052548.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052549.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052550.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052551.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052552.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052553.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052554.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052568.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052591.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052599.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0054598.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0055599.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP199\A0056600.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP199\A0056611.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP199\A0057610.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0058622.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060310.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060320.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060321.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060322.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060323.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP201\A0062347.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP201\A0062352.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP201\A0064343.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP201\A0065343.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP202\A0067352.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP202\A0067353.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP202\A0067364.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0070373.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0071478.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074527.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074528.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074529.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074530.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074531.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0075553.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0076550.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0077574.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0077575.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078589.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078590.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078591.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078592.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078593.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078594.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078595.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078596.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078597.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078598.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078599.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0080610.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0080651.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0081665.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0081666.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0081669.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0081670.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0084705.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0084706.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0088724.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090735.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090736.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090741.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090742.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090743.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090744.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090745.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096737.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096743.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096744.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096745.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096746.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096747.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096750.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0102811.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0102812.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0102813.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0108850.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111863.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111864.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111865.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111866.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111867.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111868.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111869.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111870.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0116885.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117894.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117895.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117896.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117898.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117901.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117902.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117903.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0121926.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0121927.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0121928.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0122929.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0122930.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0122931.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0122932.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP210\A0123962.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP210\A0123963.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP210\A0123965.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0126954.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129984.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129985.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129987.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129988.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129989.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129990.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129991.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129992.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129994.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131001.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131002.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131018.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131020.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131023.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131024.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131025.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131026.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131027.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP213\A0140063.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP213\A0140064.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP213\A0140065.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP213\A0141085.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0143377.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148405.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148407.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148408.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148410.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148411.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148415.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148416.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148417.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148418.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148419.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148420.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151415.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151416.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151417.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151418.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151419.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151420.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151421.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151422.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0153415.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0153416.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0156414.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0156415.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0158446.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166478.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166479.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166480.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166481.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166482.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166483.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166485.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166489.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166492.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168531.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168532.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168533.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168534.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168535.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168536.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168537.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP216\A0170550.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP216\A0170551.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP218\A0176575.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP218\A0176585.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP220\A0177780.dll (Adware.Shoper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180799.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180800.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180801.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180802.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180803.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180804.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180805.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180806.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180807.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP223\A0185816.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP223\A0185817.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP223\A0185818.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP223\A0185819.exe (Adware.MJC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186815.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186816.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186817.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186818.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186819.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186820.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0187830.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187839.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187840.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187842.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187844.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187845.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187848.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187849.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187856.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187858.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187859.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187860.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187861.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187862.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187863.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187864.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187869.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187870.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187871.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187872.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187873.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187874.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187875.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187876.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187877.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187878.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187882.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187890.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187892.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187894.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187897.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187903.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187904.dll (Adware.TTC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187905.dll (Adware.TTC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187907.exe (Adware.SpeedRunner) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187908.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187909.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187911.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187914.exe (Adware.SearchAid) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187916.exe (Adware.MJC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187917.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187918.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187919.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187920.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187923.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187924.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187929.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187931.dll (Adware.TTC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187932.dll (Adware.TTC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187933.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187935.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187937.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187941.exe (Adware.SearchAid) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187942.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187943.dll (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187944.exe (Adware.MJC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187945.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187946.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187950.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187951.exe (Adware.SpeedRunner) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187952.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187953.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187954.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187956.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\WINDOWS\b128.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\WINDOWS\b153.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\b156.MSNFix (Adware.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\mrofinu1423.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\WINDOWS\POTA777444.exe (Adware.TTC) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\azfiais.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\kegham.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\Terms.MSNFix (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\chrome.MSNFix (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\install.MSNFix (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\components\OuterinfoAds.MSNFix (Adware.Outerinfo) -> Quarantined and deleted successfully.
il est long celui là !
Malwarebytes' Anti-Malware 1.17
Version de la base de données: 867
16:49:50 18/06/2008
mbam-log-6-18-2008 (16-49-50).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 82164
Temps écoulé: 18 minute(s), 17 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 289
Processus mémoire infecté(s):
D:\Documents and Settings\Windows\Mes documents\?asks\svchost.exe (Adware.ClickSpring) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
D:\Program Files\Mozilla Firefox\components\srff.dll (Adware.SurfAccuracy) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ac17bf32-75de-760f-f93d-0aa2e19c4992} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ac17bf32-75de-760f-f93d-0aa2e19c4992} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SpeedRunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Auti (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.PurityScan) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
D:\Program Files\Zango (Adware.180Solutions) -> Quarantined and deleted successfully.
D:\Program Files\Zango\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
D:\Program Files\Zango\bin\10.3.37.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Svconr (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
D:\Documents and Settings\Windows\Mes documents\?asks\svchost.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\Program Files\Mozilla Firefox\components\srff.dll (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\components\FF.MSNFix (Adware.ZenoSearch) -> Quarantined and deleted successfully.
D:\Program Files\Svconr\Svconr.MSNFix (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP189\A0047934.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP189\A0048934.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP189\A0048940.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP190\A0049052.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP190\A0049083.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0049133.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0049144.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0049145.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0050144.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0050154.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP192\A0050160.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP193\A0051249.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP193\A0051250.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP197\A0052250.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP197\A0052256.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP197\A0052268.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP197\A0052276.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052547.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052548.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052549.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052550.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052551.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052552.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052553.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052554.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052568.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052591.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0052599.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0054598.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP198\A0055599.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP199\A0056600.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP199\A0056611.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP199\A0057610.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0058622.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060310.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060320.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060321.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060322.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP200\A0060323.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP201\A0062347.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP201\A0062352.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP201\A0064343.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP201\A0065343.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP202\A0067352.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP202\A0067353.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP202\A0067364.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0070373.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0071478.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074527.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074528.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074529.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074530.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0074531.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0075553.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP203\A0076550.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0077574.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0077575.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078589.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078590.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078591.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078592.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078593.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078594.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078595.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078596.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078597.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078598.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP204\A0078599.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0080610.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0080651.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0081665.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0081666.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0081669.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0081670.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0084705.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0084706.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0088724.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090735.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090736.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090741.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090742.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090743.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090744.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP205\A0090745.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096737.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096743.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096744.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096745.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096746.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096747.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0096750.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0102811.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0102812.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0102813.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0108850.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111863.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111864.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111865.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111866.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111867.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111868.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111869.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0111870.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0116885.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117894.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117895.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117896.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117898.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117901.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117902.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP206\A0117903.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0121926.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0121927.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0121928.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0122929.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0122930.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0122931.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP207\A0122932.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP210\A0123962.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP210\A0123963.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP210\A0123965.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0126954.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129984.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129985.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129987.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129988.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129989.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129990.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129991.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129992.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0129994.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131001.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131002.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131018.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131020.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131023.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131024.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131025.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131026.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP211\A0131027.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP213\A0140063.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP213\A0140064.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP213\A0140065.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP213\A0141085.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0143377.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148405.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148407.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148408.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148410.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148411.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148415.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148416.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148417.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148418.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148419.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0148420.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151415.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151416.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151417.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151418.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151419.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151420.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151421.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0151422.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0153415.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0153416.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0156414.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0156415.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP214\A0158446.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166478.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166479.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166480.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166481.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166482.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166483.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166485.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166489.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0166492.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168531.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168532.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168533.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168534.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168535.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168536.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP215\A0168537.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP216\A0170550.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP216\A0170551.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP218\A0176575.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP218\A0176585.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP220\A0177780.dll (Adware.Shoper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180799.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180800.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180801.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180802.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180803.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180804.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180805.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180806.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP222\A0180807.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP223\A0185816.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP223\A0185817.exe (Trojan.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP223\A0185818.exe (Adware.Insider) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP223\A0185819.exe (Adware.MJC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186815.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186816.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186817.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186818.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186819.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0186820.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP224\A0187830.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187839.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187840.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187842.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187844.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187845.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187848.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187849.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187856.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187858.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187859.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187860.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187861.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187862.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187863.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187864.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187869.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187870.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187871.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187872.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187873.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187874.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187875.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187876.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187877.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187878.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187882.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187890.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187892.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187894.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187897.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187903.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187904.dll (Adware.TTC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187905.dll (Adware.TTC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187907.exe (Adware.SpeedRunner) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187908.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187909.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187911.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187914.exe (Adware.SearchAid) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187916.exe (Adware.MJC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187917.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187918.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187919.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187920.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187923.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187924.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187929.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187931.dll (Adware.TTC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187932.dll (Adware.TTC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187933.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187935.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187937.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187941.exe (Adware.SearchAid) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187942.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187943.dll (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187944.exe (Adware.MJC) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187945.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187946.exe (Adware.ISM) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187950.dll (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187951.exe (Adware.SpeedRunner) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187952.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187953.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187954.exe (Trojan.BHO) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{9723EAD3-3FC5-4E9A-88BE-9BDE469CB995}\RP225\A0187956.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\WINDOWS\b128.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\WINDOWS\b153.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\b156.MSNFix (Adware.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\mrofinu1423.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\WINDOWS\POTA777444.exe (Adware.TTC) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\azfiais.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\kegham.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\Terms.MSNFix (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\chrome.MSNFix (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\install.MSNFix (Adware.Outerinfo) -> Quarantined and deleted successfully.
D:\Program Files\Outerinfo\FF\components\OuterinfoAds.MSNFix (Adware.Outerinfo) -> Quarantined and deleted successfully.
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
18 juin 2008 à 17:20
18 juin 2008 à 17:20
Ah oui
Auparavant,
j'avais deja essayer de mettre a jour internet explorer mais j'avais pas réussi :'(
Mon frere m'avait dit que mon pc ne peut pas fair de mise a jour internet explorer !
et bien je saute une étape >_>
ComboFix 08-06-16.5 - Windows 2008-06-18 17:05:08.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.104 [GMT 2:00]
Endroit: D:\Documents and Settings\Windows\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\Windows\Local Settings\Temporary Internet Files\bestwiner.stt
D:\Documents and Settings\Windows\Local Settings\Temporary Internet Files\CPV.stt
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Internet Speed Monitor
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Internet Speed Monitor\Check Now.lnk
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Internet Speed Monitor\Uninstall.lnk
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Outerinfo
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Outerinfo\Terms.lnk
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Outerinfo\Uninstall.lnk
D:\Documents and Settings\Windows\Mes documents\ASKS~1
D:\Documents and Settings\Windows\Mes documents\ASKS~1\?asks\
D:\Documents and Settings\Windows\Mes documents\ASKS~1\svchost.exe
D:\Documents and Settings\Windows\Mes documents\TSKS~1
D:\WINDOWS\system32\sks~1
D:\WINDOWS\system32\sks~1\d?xplore.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-18 to 2008-06-18 ))))))))))))))))))))))))))))))))))))
.
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Documents and Settings\Windows\Application Data\Malwarebytes
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-18 14:59 . 2008-06-10 19:02 34,296 --a------ D:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-18 14:59 . 2008-06-10 19:02 15,864 --a------ D:\WINDOWS\system32\drivers\mbam.sys
2008-06-18 14:32 . 2008-06-18 14:32 <REP> d-------- D:\WINDOWS\ERUNT
2008-06-18 14:28 . 2008-06-18 14:53 <REP> d-------- D:\SDFix
2008-06-13 11:31 . 2008-02-16 13:35 237,568 --a------ D:\Program Files\Uninstall Morpheus Toolbar.dll
2008-06-12 16:45 . 2008-06-12 16:47 1,374 --a------ D:\WINDOWS\imsins.BAK
2008-06-07 13:38 . 2008-06-07 13:38 <REP> d-------- D:\Application Data
2008-06-01 13:02 . 2008-06-01 13:02 <REP> d-------- D:\Documents and Settings\Windows\ShoppingReport
2008-06-01 13:02 . 2008-06-01 13:02 <REP> d-------- D:\Documents and Settings\Windows\Application Data\Application Data
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-18 15:06 --------- d-----w D:\Documents and Settings\Windows\Application Data\Free Download Manager
2008-06-14 09:12 --------- d-----w D:\Program Files\Free Download Manager
2008-06-13 09:32 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-06-13 09:32 --------- d-----w D:\Program Files\Fichiers communs\InstallShield
2008-05-30 21:33 --------- d-----w D:\Program Files\Windows Live Safety Center
2008-05-22 16:12 --------- d-----w D:\Documents and Settings\Windows\Application Data\uTorrent
2008-05-17 07:31 --------- d-----w D:\Program Files\Fichiers communs\Real
2008-05-17 07:29 --------- d-----w D:\Program Files\Veoh Networks
2008-05-17 07:21 --------- d-----w D:\Program Files\DivX
2008-05-17 07:20 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-05-08 12:28 202,752 ----a-w D:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w D:\WINDOWS\system32\quartz.dll
2008-04-17 11:03 370,176 ----a-w D:\WINDOWS\system32\SETDA.tmp
2008-04-17 11:03 370,176 ------w D:\WINDOWS\system32\SETBD.tmp
2008-04-17 11:03 370,176 ------w D:\WINDOWS\system32\SET98.tmp
2008-04-15 11:17 64,949 ----a-w D:\WINDOWS\BricoPackUninst.cmd
2008-04-15 11:17 6,118 ----a-w D:\WINDOWS\BricoPackFoldersDelete.cmd
2008-04-15 10:04 2,138 ----a-w D:\WINDOWS\system32\tmp.reg
2008-04-12 22:04 9,296 ----a-w D:\WINDOWS\system32\yukqfw.exe
2008-04-10 15:24 561 ---ha-w D:\os357577.bin
2008-04-10 14:55 675,328 ----a-w D:\WINDOWS\isRS-000.tmp
2008-04-10 05:35 9,296 ----a-w D:\WINDOWS\system32\djsyrt.exe
2008-04-08 20:37 9,296 ----a-w D:\WINDOWS\system32\vxcrni.exe
2008-04-06 19:19 9,296 ----a-w D:\WINDOWS\system32\qcosrn.exe
2008-03-25 04:51 621,344 ----a-w D:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w D:\WINDOWS\system32\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w D:\WINDOWS\system32\win32k.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3B69DD7E-5C0B-4003-BA11-9CA298AFCF19}]
D:\Program Files\MSN\diqatubem777444.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C46B50DE-7FAE-4BB6-E9B6-78487DC8F0A4}]
D:\Program Files\WindowsUpdate\lagurigyz.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F6424E54-896C-4F7E-B1EB-1E8BF9B349BB}]
D:\Program Files\MSN\diqatubem821058.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MsnMsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"Free Download Manager"="D:\Program Files\Free Download Manager\fdm.exe" [2007-09-18 23:35 2445359]
"Free Upload Manager"="D:\Program Files\Free Download Manager\fum\fum.exe" [2007-07-29 20:13 253952]
"Free Uploader Oe Integration"="D:\Program Files\Free Download Manager\FUM\fumoei.exe" [2007-06-10 19:02 40960]
"Rvjk"="D:\WINDOWS\system32\??sks\d?xplore.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvidia"="D:\Documents and Settings\Windows\dqofvv.exe" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]
"msnmsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-01-21 17:20:39 113664]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\Program Files\\Free Download Manager\\fdm.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-18 17:06:42
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-06-18 17:08:58
ComboFix-quarantined-files.txt 2008-06-18 15:08:29
Pre-Run: 10,089,623,552 octets libres
Post-Run: 10,111,381,504 octets libres
117 --- E O F --- 2008-06-14 10:30:24
Auparavant,
j'avais deja essayer de mettre a jour internet explorer mais j'avais pas réussi :'(
Mon frere m'avait dit que mon pc ne peut pas fair de mise a jour internet explorer !
et bien je saute une étape >_>
ComboFix 08-06-16.5 - Windows 2008-06-18 17:05:08.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.104 [GMT 2:00]
Endroit: D:\Documents and Settings\Windows\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\Windows\Local Settings\Temporary Internet Files\bestwiner.stt
D:\Documents and Settings\Windows\Local Settings\Temporary Internet Files\CPV.stt
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Internet Speed Monitor
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Internet Speed Monitor\Check Now.lnk
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Internet Speed Monitor\Uninstall.lnk
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Outerinfo
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Outerinfo\Terms.lnk
D:\Documents and Settings\Windows\Menu Démarrer\Programmes\Outerinfo\Uninstall.lnk
D:\Documents and Settings\Windows\Mes documents\ASKS~1
D:\Documents and Settings\Windows\Mes documents\ASKS~1\?asks\
D:\Documents and Settings\Windows\Mes documents\ASKS~1\svchost.exe
D:\Documents and Settings\Windows\Mes documents\TSKS~1
D:\WINDOWS\system32\sks~1
D:\WINDOWS\system32\sks~1\d?xplore.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-18 to 2008-06-18 ))))))))))))))))))))))))))))))))))))
.
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Documents and Settings\Windows\Application Data\Malwarebytes
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-18 14:59 . 2008-06-10 19:02 34,296 --a------ D:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-18 14:59 . 2008-06-10 19:02 15,864 --a------ D:\WINDOWS\system32\drivers\mbam.sys
2008-06-18 14:32 . 2008-06-18 14:32 <REP> d-------- D:\WINDOWS\ERUNT
2008-06-18 14:28 . 2008-06-18 14:53 <REP> d-------- D:\SDFix
2008-06-13 11:31 . 2008-02-16 13:35 237,568 --a------ D:\Program Files\Uninstall Morpheus Toolbar.dll
2008-06-12 16:45 . 2008-06-12 16:47 1,374 --a------ D:\WINDOWS\imsins.BAK
2008-06-07 13:38 . 2008-06-07 13:38 <REP> d-------- D:\Application Data
2008-06-01 13:02 . 2008-06-01 13:02 <REP> d-------- D:\Documents and Settings\Windows\ShoppingReport
2008-06-01 13:02 . 2008-06-01 13:02 <REP> d-------- D:\Documents and Settings\Windows\Application Data\Application Data
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-18 15:06 --------- d-----w D:\Documents and Settings\Windows\Application Data\Free Download Manager
2008-06-14 09:12 --------- d-----w D:\Program Files\Free Download Manager
2008-06-13 09:32 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-06-13 09:32 --------- d-----w D:\Program Files\Fichiers communs\InstallShield
2008-05-30 21:33 --------- d-----w D:\Program Files\Windows Live Safety Center
2008-05-22 16:12 --------- d-----w D:\Documents and Settings\Windows\Application Data\uTorrent
2008-05-17 07:31 --------- d-----w D:\Program Files\Fichiers communs\Real
2008-05-17 07:29 --------- d-----w D:\Program Files\Veoh Networks
2008-05-17 07:21 --------- d-----w D:\Program Files\DivX
2008-05-17 07:20 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-05-08 12:28 202,752 ----a-w D:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w D:\WINDOWS\system32\quartz.dll
2008-04-17 11:03 370,176 ----a-w D:\WINDOWS\system32\SETDA.tmp
2008-04-17 11:03 370,176 ------w D:\WINDOWS\system32\SETBD.tmp
2008-04-17 11:03 370,176 ------w D:\WINDOWS\system32\SET98.tmp
2008-04-15 11:17 64,949 ----a-w D:\WINDOWS\BricoPackUninst.cmd
2008-04-15 11:17 6,118 ----a-w D:\WINDOWS\BricoPackFoldersDelete.cmd
2008-04-15 10:04 2,138 ----a-w D:\WINDOWS\system32\tmp.reg
2008-04-12 22:04 9,296 ----a-w D:\WINDOWS\system32\yukqfw.exe
2008-04-10 15:24 561 ---ha-w D:\os357577.bin
2008-04-10 14:55 675,328 ----a-w D:\WINDOWS\isRS-000.tmp
2008-04-10 05:35 9,296 ----a-w D:\WINDOWS\system32\djsyrt.exe
2008-04-08 20:37 9,296 ----a-w D:\WINDOWS\system32\vxcrni.exe
2008-04-06 19:19 9,296 ----a-w D:\WINDOWS\system32\qcosrn.exe
2008-03-25 04:51 621,344 ----a-w D:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w D:\WINDOWS\system32\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w D:\WINDOWS\system32\win32k.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3B69DD7E-5C0B-4003-BA11-9CA298AFCF19}]
D:\Program Files\MSN\diqatubem777444.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C46B50DE-7FAE-4BB6-E9B6-78487DC8F0A4}]
D:\Program Files\WindowsUpdate\lagurigyz.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F6424E54-896C-4F7E-B1EB-1E8BF9B349BB}]
D:\Program Files\MSN\diqatubem821058.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MsnMsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"Free Download Manager"="D:\Program Files\Free Download Manager\fdm.exe" [2007-09-18 23:35 2445359]
"Free Upload Manager"="D:\Program Files\Free Download Manager\fum\fum.exe" [2007-07-29 20:13 253952]
"Free Uploader Oe Integration"="D:\Program Files\Free Download Manager\FUM\fumoei.exe" [2007-06-10 19:02 40960]
"Rvjk"="D:\WINDOWS\system32\??sks\d?xplore.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvidia"="D:\Documents and Settings\Windows\dqofvv.exe" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]
"msnmsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-01-21 17:20:39 113664]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\Program Files\\Free Download Manager\\fdm.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-18 17:06:42
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-06-18 17:08:58
ComboFix-quarantined-files.txt 2008-06-18 15:08:29
Pre-Run: 10,089,623,552 octets libres
Post-Run: 10,111,381,504 octets libres
117 --- E O F --- 2008-06-14 10:30:24
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 juin 2008 à 17:58
18 juin 2008 à 17:58
installe un antivirus : antivir
https://www.malekal.com/avira-free-security-antivirus-gratuit/
__________________
tu peux mettre a jour internet explorer sauf si windows que tu as n'es pas legal
____________________
si tu ne le mets pas a jour ne surf plus avec mais avec firefox:
http://www.01net.com/telecharger/windows/Internet/navigateur/fiches/42003.html
____________________
Ferme tout tes navigateurs (donc copie ou imprime les instructions avant)
Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
File::
D:\Program Files\MSN\diqatubem777444.dll
D:\Program Files\MSN\diqatubem821058.dll
D:\WINDOWS\system32\??sks\d?xplore.exe
D:\Program Files\WindowsUpdate\lagurigyz.dll
Registry::
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3B69DD7E-5C0B-4003-BA11-9CA298AFCF19}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C46B50DE-7FAE-4BB6-E9B6-78487DC8F0A4}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F6424E54-896C-4F7E-B1EB-1E8BF9B349BB}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
40960]
"Rvjk"=-
Enregistre ce fichier sous le nom CFscript
Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe
Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Remets aussi un rapport Hijackthis
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
__________________
dis tes soucis
https://www.malekal.com/avira-free-security-antivirus-gratuit/
__________________
tu peux mettre a jour internet explorer sauf si windows que tu as n'es pas legal
____________________
si tu ne le mets pas a jour ne surf plus avec mais avec firefox:
http://www.01net.com/telecharger/windows/Internet/navigateur/fiches/42003.html
____________________
Ferme tout tes navigateurs (donc copie ou imprime les instructions avant)
Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
File::
D:\Program Files\MSN\diqatubem777444.dll
D:\Program Files\MSN\diqatubem821058.dll
D:\WINDOWS\system32\??sks\d?xplore.exe
D:\Program Files\WindowsUpdate\lagurigyz.dll
Registry::
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3B69DD7E-5C0B-4003-BA11-9CA298AFCF19}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C46B50DE-7FAE-4BB6-E9B6-78487DC8F0A4}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F6424E54-896C-4F7E-B1EB-1E8BF9B349BB}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
40960]
"Rvjk"=-
Enregistre ce fichier sous le nom CFscript
Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe
Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Remets aussi un rapport Hijackthis
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
__________________
dis tes soucis
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
18 juin 2008 à 19:02
18 juin 2008 à 19:02
Voila Voila
ComboFix 08-06-16.5 - Windows 2008-06-18 18:49:32.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.89 [GMT 2:00]
Endroit: D:\Documents and Settings\Windows\Bureau\ComboFix.exe
Command switches used :: D:\Documents and Settings\Windows\Bureau\CFscript.txt
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
FILE ::
D:\Program Files\MSN\diqatubem777444.dll
D:\Program Files\MSN\diqatubem821058.dll
D:\Program Files\WindowsUpdate\lagurigyz.dll
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-18 to 2008-06-18 ))))))))))))))))))))))))))))))))))))
.
2008-06-18 17:16 . 2008-06-18 17:16 <REP> d-------- D:\Program Files\Avira
2008-06-18 17:16 . 2008-06-18 17:16 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Avira
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Documents and Settings\Windows\Application Data\Malwarebytes
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-18 14:59 . 2008-06-10 19:02 34,296 --a------ D:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-18 14:59 . 2008-06-10 19:02 15,864 --a------ D:\WINDOWS\system32\drivers\mbam.sys
2008-06-18 14:32 . 2008-06-18 14:32 <REP> d-------- D:\WINDOWS\ERUNT
2008-06-18 14:28 . 2008-06-18 14:53 <REP> d-------- D:\SDFix
2008-06-13 11:31 . 2008-02-16 13:35 237,568 --a------ D:\Program Files\Uninstall Morpheus Toolbar.dll
2008-06-12 16:45 . 2008-06-12 16:47 1,374 --a------ D:\WINDOWS\imsins.BAK
2008-06-07 13:38 . 2008-06-07 13:38 <REP> d-------- D:\Application Data
2008-06-01 13:02 . 2008-06-01 13:02 <REP> d-------- D:\Documents and Settings\Windows\ShoppingReport
2008-06-01 13:02 . 2008-06-01 13:02 <REP> d-------- D:\Documents and Settings\Windows\Application Data\Application Data
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-18 16:52 --------- d-----w D:\Documents and Settings\Windows\Application Data\Free Download Manager
2008-06-14 09:12 --------- d-----w D:\Program Files\Free Download Manager
2008-06-13 09:32 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-06-13 09:32 --------- d-----w D:\Program Files\Fichiers communs\InstallShield
2008-05-30 21:33 --------- d-----w D:\Program Files\Windows Live Safety Center
2008-05-22 16:12 --------- d-----w D:\Documents and Settings\Windows\Application Data\uTorrent
2008-05-17 07:31 --------- d-----w D:\Program Files\Fichiers communs\Real
2008-05-17 07:29 --------- d-----w D:\Program Files\Veoh Networks
2008-05-17 07:21 --------- d-----w D:\Program Files\DivX
2008-05-17 07:20 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-05-08 12:28 202,752 ----a-w D:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w D:\WINDOWS\system32\quartz.dll
2008-04-17 11:03 370,176 ----a-w D:\WINDOWS\system32\SETDA.tmp
2008-04-17 11:03 370,176 ------w D:\WINDOWS\system32\SETBD.tmp
2008-04-17 11:03 370,176 ------w D:\WINDOWS\system32\SET98.tmp
2008-04-15 11:17 64,949 ----a-w D:\WINDOWS\BricoPackUninst.cmd
2008-04-15 11:17 6,118 ----a-w D:\WINDOWS\BricoPackFoldersDelete.cmd
2008-04-15 10:04 2,138 ----a-w D:\WINDOWS\system32\tmp.reg
2008-04-10 15:24 561 ---ha-w D:\os357577.bin
2008-04-10 14:55 675,328 ----a-w D:\WINDOWS\isRS-000.tmp
2008-04-10 05:35 9,296 ----a-w D:\WINDOWS\system32\djsyrt.exe
2008-04-08 20:37 9,296 ----a-w D:\WINDOWS\system32\vxcrni.exe
2008-04-06 19:19 9,296 ----a-w D:\WINDOWS\system32\qcosrn.exe
2008-03-25 04:51 621,344 ----a-w D:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w D:\WINDOWS\system32\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w D:\WINDOWS\system32\win32k.sys
.
((((((((((((((((((((((((((((( snapshot@2008-06-18_17.08.12,84 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-18 12:50:04 2,048 --s-a-w D:\WINDOWS\bootstat.dat
+ 2008-06-18 15:09:38 2,048 --s-a-w D:\WINDOWS\bootstat.dat
+ 2008-01-21 16:12:56 41,792 ----a-w D:\WINDOWS\system32\drivers\avgntdd.sys
+ 2008-01-21 16:11:28 22,336 ----a-w D:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2008-03-04 11:28:53 79,424 ----a-w D:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 08:34:22 28,352 ----a-w D:\WINDOWS\system32\drivers\ssmdrv.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3B69DD7E-5C0B-4003-BA11-9CA298AFCF19}]
D:\Program Files\MSN\diqatubem777444.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MsnMsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"Free Download Manager"="D:\Program Files\Free Download Manager\fdm.exe" [2007-09-18 23:35 2445359]
"Free Upload Manager"="D:\Program Files\Free Download Manager\fum\fum.exe" [2007-07-29 20:13 253952]
"Free Uploader Oe Integration"="D:\Program Files\Free Download Manager\FUM\fumoei.exe" [2007-06-10 19:02 40960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvidia"="D:\Documents and Settings\Windows\dqofvv.exe" [ ]
"avgnt"="D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]
"msnmsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-01-21 17:20:39 113664]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\Program Files\\Free Download Manager\\fdm.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
*Newly Created Service* - ANTIVIRSCHEDULER
*Newly Created Service* - ANTIVIRSERVICE
*Newly Created Service* - AVGIO
*Newly Created Service* - AVGNTFLT
*Newly Created Service* - AVIPBB
*Newly Created Service* - SSMDRV
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-18 18:51:18
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-06-18 18:54:44
ComboFix-quarantined-files.txt 2008-06-18 16:54:23
ComboFix2.txt 2008-06-18 15:08:58
Pre-Run: 10,399,109,120 octets libres
Post-Run: 10,391,453,696 octets libres
117 --- E O F --- 2008-06-14 10:30:24
_______________________________________________________________________________
_______________________________________________________________________________
_______________________________________________________________________________
Puis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:26, on 18/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Free Download Manager\fdm.exe
D:\Program Files\Free Download Manager\fum\fum.exe
D:\Program Files\Free Download Manager\FUM\fumoei.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Windows\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {3B69DD7E-5C0B-4003-BA11-9CA298AFCF19} - D:\Program Files\MSN\diqatubem777444.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [Nvidia] D:\Documents and Settings\Windows\dqofvv.exe
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "D:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "D:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] D:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - D:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
ComboFix 08-06-16.5 - Windows 2008-06-18 18:49:32.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.89 [GMT 2:00]
Endroit: D:\Documents and Settings\Windows\Bureau\ComboFix.exe
Command switches used :: D:\Documents and Settings\Windows\Bureau\CFscript.txt
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
FILE ::
D:\Program Files\MSN\diqatubem777444.dll
D:\Program Files\MSN\diqatubem821058.dll
D:\Program Files\WindowsUpdate\lagurigyz.dll
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-18 to 2008-06-18 ))))))))))))))))))))))))))))))))))))
.
2008-06-18 17:16 . 2008-06-18 17:16 <REP> d-------- D:\Program Files\Avira
2008-06-18 17:16 . 2008-06-18 17:16 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Avira
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Documents and Settings\Windows\Application Data\Malwarebytes
2008-06-18 14:59 . 2008-06-18 14:59 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-18 14:59 . 2008-06-10 19:02 34,296 --a------ D:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-18 14:59 . 2008-06-10 19:02 15,864 --a------ D:\WINDOWS\system32\drivers\mbam.sys
2008-06-18 14:32 . 2008-06-18 14:32 <REP> d-------- D:\WINDOWS\ERUNT
2008-06-18 14:28 . 2008-06-18 14:53 <REP> d-------- D:\SDFix
2008-06-13 11:31 . 2008-02-16 13:35 237,568 --a------ D:\Program Files\Uninstall Morpheus Toolbar.dll
2008-06-12 16:45 . 2008-06-12 16:47 1,374 --a------ D:\WINDOWS\imsins.BAK
2008-06-07 13:38 . 2008-06-07 13:38 <REP> d-------- D:\Application Data
2008-06-01 13:02 . 2008-06-01 13:02 <REP> d-------- D:\Documents and Settings\Windows\ShoppingReport
2008-06-01 13:02 . 2008-06-01 13:02 <REP> d-------- D:\Documents and Settings\Windows\Application Data\Application Data
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-18 16:52 --------- d-----w D:\Documents and Settings\Windows\Application Data\Free Download Manager
2008-06-14 09:12 --------- d-----w D:\Program Files\Free Download Manager
2008-06-13 09:32 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-06-13 09:32 --------- d-----w D:\Program Files\Fichiers communs\InstallShield
2008-05-30 21:33 --------- d-----w D:\Program Files\Windows Live Safety Center
2008-05-22 16:12 --------- d-----w D:\Documents and Settings\Windows\Application Data\uTorrent
2008-05-17 07:31 --------- d-----w D:\Program Files\Fichiers communs\Real
2008-05-17 07:29 --------- d-----w D:\Program Files\Veoh Networks
2008-05-17 07:21 --------- d-----w D:\Program Files\DivX
2008-05-17 07:20 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-05-08 12:28 202,752 ----a-w D:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w D:\WINDOWS\system32\quartz.dll
2008-04-17 11:03 370,176 ----a-w D:\WINDOWS\system32\SETDA.tmp
2008-04-17 11:03 370,176 ------w D:\WINDOWS\system32\SETBD.tmp
2008-04-17 11:03 370,176 ------w D:\WINDOWS\system32\SET98.tmp
2008-04-15 11:17 64,949 ----a-w D:\WINDOWS\BricoPackUninst.cmd
2008-04-15 11:17 6,118 ----a-w D:\WINDOWS\BricoPackFoldersDelete.cmd
2008-04-15 10:04 2,138 ----a-w D:\WINDOWS\system32\tmp.reg
2008-04-10 15:24 561 ---ha-w D:\os357577.bin
2008-04-10 14:55 675,328 ----a-w D:\WINDOWS\isRS-000.tmp
2008-04-10 05:35 9,296 ----a-w D:\WINDOWS\system32\djsyrt.exe
2008-04-08 20:37 9,296 ----a-w D:\WINDOWS\system32\vxcrni.exe
2008-04-06 19:19 9,296 ----a-w D:\WINDOWS\system32\qcosrn.exe
2008-03-25 04:51 621,344 ----a-w D:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w D:\WINDOWS\system32\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w D:\WINDOWS\system32\win32k.sys
.
((((((((((((((((((((((((((((( snapshot@2008-06-18_17.08.12,84 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-18 12:50:04 2,048 --s-a-w D:\WINDOWS\bootstat.dat
+ 2008-06-18 15:09:38 2,048 --s-a-w D:\WINDOWS\bootstat.dat
+ 2008-01-21 16:12:56 41,792 ----a-w D:\WINDOWS\system32\drivers\avgntdd.sys
+ 2008-01-21 16:11:28 22,336 ----a-w D:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2008-03-04 11:28:53 79,424 ----a-w D:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 08:34:22 28,352 ----a-w D:\WINDOWS\system32\drivers\ssmdrv.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3B69DD7E-5C0B-4003-BA11-9CA298AFCF19}]
D:\Program Files\MSN\diqatubem777444.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MsnMsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"Free Download Manager"="D:\Program Files\Free Download Manager\fdm.exe" [2007-09-18 23:35 2445359]
"Free Upload Manager"="D:\Program Files\Free Download Manager\fum\fum.exe" [2007-07-29 20:13 253952]
"Free Uploader Oe Integration"="D:\Program Files\Free Download Manager\FUM\fumoei.exe" [2007-06-10 19:02 40960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvidia"="D:\Documents and Settings\Windows\dqofvv.exe" [ ]
"avgnt"="D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]
"msnmsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-01-21 17:20:39 113664]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\Program Files\\Free Download Manager\\fdm.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
*Newly Created Service* - ANTIVIRSCHEDULER
*Newly Created Service* - ANTIVIRSERVICE
*Newly Created Service* - AVGIO
*Newly Created Service* - AVGNTFLT
*Newly Created Service* - AVIPBB
*Newly Created Service* - SSMDRV
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-18 18:51:18
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-06-18 18:54:44
ComboFix-quarantined-files.txt 2008-06-18 16:54:23
ComboFix2.txt 2008-06-18 15:08:58
Pre-Run: 10,399,109,120 octets libres
Post-Run: 10,391,453,696 octets libres
117 --- E O F --- 2008-06-14 10:30:24
_______________________________________________________________________________
_______________________________________________________________________________
_______________________________________________________________________________
Puis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:26, on 18/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Free Download Manager\fdm.exe
D:\Program Files\Free Download Manager\fum\fum.exe
D:\Program Files\Free Download Manager\FUM\fumoei.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Windows\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {3B69DD7E-5C0B-4003-BA11-9CA298AFCF19} - D:\Program Files\MSN\diqatubem777444.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [Nvidia] D:\Documents and Settings\Windows\dqofvv.exe
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "D:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "D:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] D:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - D:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 juin 2008 à 20:18
18 juin 2008 à 20:18
relance hijackthis fais do a system scan only et selectionne ces lignes et fais fix cheked
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {3B69DD7E-5C0B-4003-BA11-9CA298AFCF19} - D:\Program Files\MSN\diqatubem777444.dll (file missing)
O4 - HKLM\..\Run: [Nvidia] D:\Documents and Settings\Windows\dqofvv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
_______________
colle un rapport avec ANTIVIR et dis moi tes souci actuels
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {3B69DD7E-5C0B-4003-BA11-9CA298AFCF19} - D:\Program Files\MSN\diqatubem777444.dll (file missing)
O4 - HKLM\..\Run: [Nvidia] D:\Documents and Settings\Windows\dqofvv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
_______________
colle un rapport avec ANTIVIR et dis moi tes souci actuels
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
18 juin 2008 à 21:34
18 juin 2008 à 21:34
Merci beaucoup jlpjlp !
Je n'ai plus de publicités qui s'affichent !
mais d'apres le rapport avec Antivir, j'ai pleins d'infections
le mieux est la mise en quarantaine ou supprimer ?
Avira AntiVir Personal
Report file date: mercredi 18 juin 2008 21:01
Scanning for 1346606 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: Windows
Computer name: BINH
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 15:20:46
ANTIVIR3.VDF : 7.0.4.218 203264 Bytes 18/06/2008 15:20:47
Engineversion : 8.1.0.55
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.40 266618 Bytes 18/06/2008 15:20:53
AESCN.DLL : 8.1.0.21 119156 Bytes 18/06/2008 15:20:53
AERDL.DLL : 8.1.0.20 418165 Bytes 18/06/2008 15:20:52
AEPACK.DLL : 8.1.1.5 364918 Bytes 18/06/2008 15:20:51
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 18/06/2008 15:20:51
AEHEUR.DLL : 8.1.0.30 1253750 Bytes 18/06/2008 15:20:50
AEHELP.DLL : 8.1.0.15 115063 Bytes 18/06/2008 15:20:49
AEGEN.DLL : 8.1.0.28 307572 Bytes 18/06/2008 15:20:49
AEEMU.DLL : 8.1.0.6 430451 Bytes 18/06/2008 15:20:48
AECORE.DLL : 8.1.0.31 168310 Bytes 18/06/2008 15:20:47
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: d:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 18 juin 2008 21:01
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'fumoei.exe' - '1' Module(s) have been scanned
Scan process 'fum.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
26 processes with 26 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '27' files ).
Starting the file scan:
Begin scan in 'C:\' <Ne pas utiliser>
C:\svcipa.exe
[DETECTION] Is the Trojan horse TR/Starter.AEY
[NOTE] The file was moved to '48bc5c1c.qua'!
Begin scan in 'D:\' <Systeme>
D:\pagefile.sys
[WARNING] The file could not be opened!
D:\Documents and Settings\Windows\dqofvv.MSNFix
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48c85c80.qua'!
D:\Documents and Settings\Windows\ydmvwp.MSNFix
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48c65c77.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.16367
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c71.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.26256
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c74.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.26388
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c77.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.26475
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c78.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.27070
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85d31.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.35431
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c79.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.50477
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7a.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.61386
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7b.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.76335
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7d.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.78324
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85d36.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.82557
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7f.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.88169
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7e.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.89078
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85d37.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.91883
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85dc8.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.92917
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c81.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.93132
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85dca.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.96894
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c80.qua'!
D:\Documents and Settings\Windows\Bureau\Upload_Me.zip
[0] Archive type: ZIP
--> DOCUME~1/Windows/Bureau/Upload_Me/b128.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.ezc.1
--> DOCUME~1/Windows/Bureau/Upload_Me/b152.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.tkz
--> DOCUME~1/Windows/Bureau/Upload_Me/b155.exe
[DETECTION] Is the Trojan horse TR/BHO.bkm.1
--> DOCUME~1/Windows/Bureau/Upload_Me/b157.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.jih.1
--> DOCUME~1/Windows/Bureau/Upload_Me/b999.exe
[DETECTION] Is the Trojan horse TR/Agent.CZF
--> DOCUME~1/Windows/Bureau/Upload_Me/catchme.zip
[1] Archive type: ZIP
--> %0e+000xe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> DOCUME~1/Windows/Bureau/Upload_Me/dqofvv.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> DOCUME~1/Windows/Bureau/Upload_Me/mrofinu1423.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> DOCUME~1/Windows/Bureau/Upload_Me/Svconr.exe
[DETECTION] Is the Trojan horse TR/Proxy.Gen
--> DOCUME~1/Windows/Bureau/Upload_Me/Yazzle1560OinUninstaller.exe
[DETECTION] Contains detection pattern of the dropper DR/PurityScan.GP.1
--> DOCUME~1/Windows/Bureau/Upload_Me/ydmvwp.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48c55cb0.qua'!
D:\Documents and Settings\Windows\Bureau\msnfix\MSNFix\18062008_14200601.zip
[0] Archive type: ZIP
--> backup/b128.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.ezc.1
--> backup/b152.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.tkz
--> backup/b155.exe
[DETECTION] Is the Trojan horse TR/BHO.bkm.1
--> backup/b157.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.jih.1
--> backup/b999.exe
[DETECTION] Is the Trojan horse TR/Agent.CZF
--> backup/dqofvv.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backup/mrofinu1423.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backup/Svconr.exe
[DETECTION] Is the Trojan horse TR/Proxy.Gen
--> backup/Yazzle1560OinUninstaller.exe
[DETECTION] Contains detection pattern of the dropper DR/PurityScan.GP.1
--> backup/ydmvwp.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48895c81.qua'!
D:\Program Files\WindowsUpdate\proprygezix.html
[DETECTION] Contains suspicious code HEUR/HTML.Malware
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '48c85e5a.qua'!
D:\QooBox\Quarantine\D\Documents and Settings\Windows\Mes documents\ASKS~1\svchost.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.PurityScan.FJ.2
[NOTE] The file was moved to '48bc5e63.qua'!
D:\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/%%%.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backups/lagurigyz.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
--> backups/SpeedRunner.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.pbq
--> backups/suigpk.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.qqn
--> backups/tk58.exe
[DETECTION] Is the Trojan horse TR/BHO.AB.4
--> backups/Yazzle1560OinAdmin.exe
--> Object
[2] Archive type: RSRC
--> Object
[DETECTION] Is the Trojan horse TR/Dldr.Purity.BV.7
--> Object
[DETECTION] Is the Trojan horse TR/Dldr.PurityScan.FJ.2
--> backups/Yazzle1560OinUninstaller.MSNFix
[DETECTION] Contains detection pattern of the dropper DR/PurityScan.GP.1
[NOTE] The file was moved to '48bc5e52.qua'!
D:\WINDOWS\system32\djsyrt.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48cc5fd4.qua'!
D:\WINDOWS\system32\iy876F08.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48915feb.qua'!
D:\WINDOWS\system32\qcosrn.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48c85feb.qua'!
D:\WINDOWS\system32\vxcrni.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48bc600b.qua'!
Begin scan in 'E:\' <DATA>
Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.
End of the scan: mercredi 18 juin 2008 21:20
Used time: 19:03 min
The scan has been done completely.
3399 Scanning directories
127574 Files were scanned
54 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
0 files were deleted
0 files were repaired
29 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
127520 Files not concerned
996 Archives were scanned
1 Warnings
29 Notes
Je n'ai plus de publicités qui s'affichent !
mais d'apres le rapport avec Antivir, j'ai pleins d'infections
le mieux est la mise en quarantaine ou supprimer ?
Avira AntiVir Personal
Report file date: mercredi 18 juin 2008 21:01
Scanning for 1346606 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: Windows
Computer name: BINH
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 15:20:46
ANTIVIR3.VDF : 7.0.4.218 203264 Bytes 18/06/2008 15:20:47
Engineversion : 8.1.0.55
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.40 266618 Bytes 18/06/2008 15:20:53
AESCN.DLL : 8.1.0.21 119156 Bytes 18/06/2008 15:20:53
AERDL.DLL : 8.1.0.20 418165 Bytes 18/06/2008 15:20:52
AEPACK.DLL : 8.1.1.5 364918 Bytes 18/06/2008 15:20:51
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 18/06/2008 15:20:51
AEHEUR.DLL : 8.1.0.30 1253750 Bytes 18/06/2008 15:20:50
AEHELP.DLL : 8.1.0.15 115063 Bytes 18/06/2008 15:20:49
AEGEN.DLL : 8.1.0.28 307572 Bytes 18/06/2008 15:20:49
AEEMU.DLL : 8.1.0.6 430451 Bytes 18/06/2008 15:20:48
AECORE.DLL : 8.1.0.31 168310 Bytes 18/06/2008 15:20:47
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: d:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 18 juin 2008 21:01
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'fumoei.exe' - '1' Module(s) have been scanned
Scan process 'fum.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
26 processes with 26 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '27' files ).
Starting the file scan:
Begin scan in 'C:\' <Ne pas utiliser>
C:\svcipa.exe
[DETECTION] Is the Trojan horse TR/Starter.AEY
[NOTE] The file was moved to '48bc5c1c.qua'!
Begin scan in 'D:\' <Systeme>
D:\pagefile.sys
[WARNING] The file could not be opened!
D:\Documents and Settings\Windows\dqofvv.MSNFix
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48c85c80.qua'!
D:\Documents and Settings\Windows\ydmvwp.MSNFix
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48c65c77.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.16367
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c71.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.26256
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c74.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.26388
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c77.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.26475
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c78.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.27070
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85d31.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.35431
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c79.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.50477
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7a.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.61386
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7b.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.76335
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7d.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.78324
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85d36.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.82557
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7f.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.88169
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c7e.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.89078
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85d37.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.91883
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85dc8.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.92917
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c81.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.93132
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '49e85dca.qua'!
D:\Documents and Settings\Windows\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.96894
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '489a5c80.qua'!
D:\Documents and Settings\Windows\Bureau\Upload_Me.zip
[0] Archive type: ZIP
--> DOCUME~1/Windows/Bureau/Upload_Me/b128.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.ezc.1
--> DOCUME~1/Windows/Bureau/Upload_Me/b152.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.tkz
--> DOCUME~1/Windows/Bureau/Upload_Me/b155.exe
[DETECTION] Is the Trojan horse TR/BHO.bkm.1
--> DOCUME~1/Windows/Bureau/Upload_Me/b157.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.jih.1
--> DOCUME~1/Windows/Bureau/Upload_Me/b999.exe
[DETECTION] Is the Trojan horse TR/Agent.CZF
--> DOCUME~1/Windows/Bureau/Upload_Me/catchme.zip
[1] Archive type: ZIP
--> %0e+000xe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> DOCUME~1/Windows/Bureau/Upload_Me/dqofvv.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> DOCUME~1/Windows/Bureau/Upload_Me/mrofinu1423.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> DOCUME~1/Windows/Bureau/Upload_Me/Svconr.exe
[DETECTION] Is the Trojan horse TR/Proxy.Gen
--> DOCUME~1/Windows/Bureau/Upload_Me/Yazzle1560OinUninstaller.exe
[DETECTION] Contains detection pattern of the dropper DR/PurityScan.GP.1
--> DOCUME~1/Windows/Bureau/Upload_Me/ydmvwp.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48c55cb0.qua'!
D:\Documents and Settings\Windows\Bureau\msnfix\MSNFix\18062008_14200601.zip
[0] Archive type: ZIP
--> backup/b128.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.ezc.1
--> backup/b152.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.tkz
--> backup/b155.exe
[DETECTION] Is the Trojan horse TR/BHO.bkm.1
--> backup/b157.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.jih.1
--> backup/b999.exe
[DETECTION] Is the Trojan horse TR/Agent.CZF
--> backup/dqofvv.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backup/mrofinu1423.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backup/Svconr.exe
[DETECTION] Is the Trojan horse TR/Proxy.Gen
--> backup/Yazzle1560OinUninstaller.exe
[DETECTION] Contains detection pattern of the dropper DR/PurityScan.GP.1
--> backup/ydmvwp.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48895c81.qua'!
D:\Program Files\WindowsUpdate\proprygezix.html
[DETECTION] Contains suspicious code HEUR/HTML.Malware
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '48c85e5a.qua'!
D:\QooBox\Quarantine\D\Documents and Settings\Windows\Mes documents\ASKS~1\svchost.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.PurityScan.FJ.2
[NOTE] The file was moved to '48bc5e63.qua'!
D:\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/%%%.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backups/lagurigyz.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
--> backups/SpeedRunner.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.pbq
--> backups/suigpk.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.qqn
--> backups/tk58.exe
[DETECTION] Is the Trojan horse TR/BHO.AB.4
--> backups/Yazzle1560OinAdmin.exe
--> Object
[2] Archive type: RSRC
--> Object
[DETECTION] Is the Trojan horse TR/Dldr.Purity.BV.7
--> Object
[DETECTION] Is the Trojan horse TR/Dldr.PurityScan.FJ.2
--> backups/Yazzle1560OinUninstaller.MSNFix
[DETECTION] Contains detection pattern of the dropper DR/PurityScan.GP.1
[NOTE] The file was moved to '48bc5e52.qua'!
D:\WINDOWS\system32\djsyrt.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48cc5fd4.qua'!
D:\WINDOWS\system32\iy876F08.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48915feb.qua'!
D:\WINDOWS\system32\qcosrn.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48c85feb.qua'!
D:\WINDOWS\system32\vxcrni.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48bc600b.qua'!
Begin scan in 'E:\' <DATA>
Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.
End of the scan: mercredi 18 juin 2008 21:20
Used time: 19:03 min
The scan has been done completely.
3399 Scanning directories
127574 Files were scanned
54 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
0 files were deleted
0 files were repaired
29 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
127520 Files not concerned
996 Archives were scanned
1 Warnings
29 Notes
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
19 juin 2008 à 13:17
19 juin 2008 à 13:17
vire le dossier backups en allant dans poste de travail puis
D:\SDFix\backups\
__________________
vire ce qui est dans le dossier quarantine
D:\QooBox\Quarantine\
___________________
vire ce qui est en quarantaine dans antivir et malwarebyte's
____________________
lance tools cleaner et nettoie avec
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
_____________________
colle un nouveau rapport antivir
retelecharge hijakchits et colle moi un nouveau rapport
D:\SDFix\backups\
__________________
vire ce qui est dans le dossier quarantine
D:\QooBox\Quarantine\
___________________
vire ce qui est en quarantaine dans antivir et malwarebyte's
____________________
lance tools cleaner et nettoie avec
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
_____________________
colle un nouveau rapport antivir
retelecharge hijakchits et colle moi un nouveau rapport
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
20 juin 2008 à 14:05
20 juin 2008 à 14:05
Rapport hijakchits :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:04:06, on 20/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\Explorer.EXE
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Free Download Manager\fdm.exe
D:\Program Files\Free Download Manager\fum\fum.exe
D:\Program Files\Free Download Manager\FUM\fumoei.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
D:\Documents and Settings\Windows\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "D:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "D:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] D:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - D:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:04:06, on 20/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\Explorer.EXE
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Free Download Manager\fdm.exe
D:\Program Files\Free Download Manager\fum\fum.exe
D:\Program Files\Free Download Manager\FUM\fumoei.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
D:\Documents and Settings\Windows\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "D:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "D:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] D:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - D:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
20 juin 2008 à 15:10
20 juin 2008 à 15:10
ok rien dans hijackthis. Encore des problèmes? Garde antivir et malwarebytes pour te protéger . Navigue avec firefox .
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
20 juin 2008 à 16:05
20 juin 2008 à 16:05
oh j'oublias le rapport de antivir
Avira AntiVir Personal
Report file date: vendredi 20 juin 2008 14:06
Scanning for 1346606 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: Windows
Computer name: BINH
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 15:20:46
ANTIVIR3.VDF : 7.0.4.218 203264 Bytes 18/06/2008 15:20:47
Engineversion : 8.1.0.55
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.40 266618 Bytes 18/06/2008 15:20:53
AESCN.DLL : 8.1.0.21 119156 Bytes 18/06/2008 15:20:53
AERDL.DLL : 8.1.0.20 418165 Bytes 18/06/2008 15:20:52
AEPACK.DLL : 8.1.1.5 364918 Bytes 18/06/2008 15:20:51
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 18/06/2008 15:20:51
AEHEUR.DLL : 8.1.0.30 1253750 Bytes 18/06/2008 15:20:50
AEHELP.DLL : 8.1.0.15 115063 Bytes 18/06/2008 15:20:49
AEGEN.DLL : 8.1.0.28 307572 Bytes 18/06/2008 15:20:49
AEEMU.DLL : 8.1.0.6 430451 Bytes 18/06/2008 15:20:48
AECORE.DLL : 8.1.0.31 168310 Bytes 18/06/2008 15:20:47
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: d:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 20 juin 2008 14:06
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'AcroRd32.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'fumoei.exe' - '1' Module(s) have been scanned
Scan process 'fum.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
27 processes with 27 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '27' files ).
Starting the file scan:
Begin scan in 'C:\' <Ne pas utiliser>
Begin scan in 'D:\' <Systeme>
D:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <DATA>
Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.
End of the scan: vendredi 20 juin 2008 14:31
Used time: 25:50 min
The scan has been done completely.
3483 Scanning directories
128922 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
128922 Files not concerned
991 Archives were scanned
1 Warnings
0 Notes
Avira AntiVir Personal
Report file date: vendredi 20 juin 2008 14:06
Scanning for 1346606 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: Windows
Computer name: BINH
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 15:20:46
ANTIVIR3.VDF : 7.0.4.218 203264 Bytes 18/06/2008 15:20:47
Engineversion : 8.1.0.55
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.40 266618 Bytes 18/06/2008 15:20:53
AESCN.DLL : 8.1.0.21 119156 Bytes 18/06/2008 15:20:53
AERDL.DLL : 8.1.0.20 418165 Bytes 18/06/2008 15:20:52
AEPACK.DLL : 8.1.1.5 364918 Bytes 18/06/2008 15:20:51
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 18/06/2008 15:20:51
AEHEUR.DLL : 8.1.0.30 1253750 Bytes 18/06/2008 15:20:50
AEHELP.DLL : 8.1.0.15 115063 Bytes 18/06/2008 15:20:49
AEGEN.DLL : 8.1.0.28 307572 Bytes 18/06/2008 15:20:49
AEEMU.DLL : 8.1.0.6 430451 Bytes 18/06/2008 15:20:48
AECORE.DLL : 8.1.0.31 168310 Bytes 18/06/2008 15:20:47
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: d:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 20 juin 2008 14:06
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'AcroRd32.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'fumoei.exe' - '1' Module(s) have been scanned
Scan process 'fum.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
27 processes with 27 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '27' files ).
Starting the file scan:
Begin scan in 'C:\' <Ne pas utiliser>
Begin scan in 'D:\' <Systeme>
D:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <DATA>
Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.
End of the scan: vendredi 20 juin 2008 14:31
Used time: 25:50 min
The scan has been done completely.
3483 Scanning directories
128922 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
128922 Files not concerned
991 Archives were scanned
1 Warnings
0 Notes
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
20 juin 2008 à 16:08
20 juin 2008 à 16:08
Oui apparemment, y'a plus de probleme
Maintenant J'peux naviguer tranquillement sans publicités
Merci pour ton Aide jlpjlp !
Maintenant J'peux naviguer tranquillement sans publicités
Merci pour ton Aide jlpjlp !
dan24
Messages postés
11
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
2 juillet 2008
2 juil. 2008 à 12:17
2 juil. 2008 à 12:17
Merrciii beaucoup Jlpjlp ;)
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
2 juil. 2008 à 12:20
2 juil. 2008 à 12:20
de rien!
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 juin 2008 à 16:55
18 juin 2008 à 16:55
ok
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
_______________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
__________________
installe un antivirus : antivir
https://www.malekal.com/avira-free-security-antivirus-gratuit/
__________________
recolle un hijakchits et dis tes soucis
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
_______________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
__________________
installe un antivirus : antivir
https://www.malekal.com/avira-free-security-antivirus-gratuit/
__________________
recolle un hijakchits et dis tes soucis
18 juin 2008 à 14:37
j'en reste muet,depuit mai 2007 tu a une moyenne de 400 interventions par semaine;il ne suffit pas d'avoir des connaissances faut-il avoir le coeur d'aider les autre.CHAPEAU BAS jlp jlp.
18 juin 2008 à 14:41