Ordi avec plein depub
phi60420
Messages postés
169
Statut
Membre
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour, mon ordinateur est infecté de pub ilest impossible defaire une recherche sur internet de plus il se déconnecte tuot seul quand je suis sur un site meme le fond d'ecran est un site
A voir également:
- Ordi avec plein depub
- Ordi qui rame - Guide
- Comment reinitialiser un ordi - Guide
- Ordi scrabble - Télécharger - Jeux vidéo
- Ecran ordi a l'envers - Guide
- Mon ordi ne reconnait pas ma clé usb - Guide
13 réponses
Bonjour Jlpjlp
Il y a du doublon dans l'air ...
http://www.commentcamarche.net/forum/affich 6877472 ordi plein de pub#20
...
Il y a du doublon dans l'air ...
http://www.commentcamarche.net/forum/affich 6877472 ordi plein de pub#20
...
slt,
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
______________
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
______________
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
Logfile of HijackThis v1.99.1
Scan saved at 13:42:21, on 13/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\FBM Software\ZeroSpyware\FileDeleter.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\System32\rmctrl.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\mrofinu1423.exe
C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe
C:\windows\system32\swyeqoemyg.exe
C:\Documents and Settings\@\pltklx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\NoDNS\NoDNS.exe
C:\WINDOWS\PPATCH~1\logonui.exe
C:\WINDOWS\??stem\n?pdb.exe
C:\Program Files\Zango\bin\10.3.36.0\Weather.exe
C:\Documents and Settings\@\Application Data\SpeedRunner\SpeedRunner.exe
C:\Documents and Settings\@\Application Data\Microsoft\Windows\aldhsyj.exe
C:\Documents and Settings\@\Application Data\WinTouch\WinTouch.exe
C:\Documents and Settings\@\Application Data\Microsoft\Windows\rayiou.exe
C:\Program Files\Eroca\Eroca.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Svconr\Svconr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PAE.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Zango\bin\10.3.36.0\Srv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://g.advisurf.com/web
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidesearch.cgi?uid=12040486&id=0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.shopnav.com/sidesearch.cgi?uid=12039442&id=0
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
R3 - URLSearchHook: (no name) - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\@\LOCALS~1\Temp\services.exe
O2 - BHO: Band Class - {00027925-0017-4faf-9539-90E4AC0B9EC5} - C:\WINDOWS\eltt.dll (file missing)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: (no name) - {0755AEB9-CD5C-85D8-E73C-969940E7FCDC} - C:\WINDOWS\System32\cdmdownld\yobqywhuos.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {32341E7E-C319-46DE-91D0-E30BB1A3CABA} - C:\WINDOWS\system32\nnnljgGV.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb106\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEListener Class - {911A1534-8E65-448E-92AE-E22D49F870C4} - C:\PAE_BHO.dll
O2 - BHO: {cddde670-9730-6b59-9954-b11ee0e457e9} - {9e754e0e-e11b-4599-95b6-0379076edddc} - C:\WINDOWS\system32\ojciipto.dll
O2 - BHO: (no name) - {A062C93C-528E-685A-F739-7EA2E4EE49C6} - C:\WINDOWS\system32\ocubr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {C97C594F-DD3D-4FE1-A7F9-930FCA8945AE} - C:\WINDOWS\system32\vtUkkjih.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb106\Dealio.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [smanp] C:\DOCUME~1\@\LOCALS~1\Temp\app1F40.tmp
O4 - HKLM\..\Run: [TopSearch] C:\Program Files\TopSearch\TopSearch.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\@\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1423.exe 61A847B5BBF7281336993B466188719AB689201522886B092CBD44BD8689220221DD325762E901F3D2933202228B284662E901F3D1DC7E4638E8323A15806F97BDE4417E6FD967002BA754E2C681210C67D36D
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.36.0\ZangoSA.exe"
O4 - HKLM\..\Run: [iamwiqimi] c:\windows\system32\iamwiqimi.exe iamwiqimi
O4 - HKLM\..\Run: [Nvidia] C:\Documents and Settings\@\pltklx.exe
O4 - HKLM\..\Run: [0ca0821b] rundll32.exe "C:\WINDOWS\system32\pcevfror.dll",b
O4 - HKCU\..\Run: [ZSScheduler] RunDll32.exe "C:\PROGRA~1\FBMSOF~1\ZEROSP~1\ZSScheduler.dll", runScheduler C:\PROGRA~1\FBMSOF~1\ZEROSP~1\
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo RX560 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPE.EXE /FU "C:\WINDOWS\TEMP\E_S266.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res
O4 - HKCU\..\Run: [NoDNS] C:\Program Files\\NoDNS\\NoDNS.exe
O4 - HKCU\..\Run: [Aesi] "C:\WINDOWS\PPATCH~1\logonui.exe" -vt yazb
O4 - HKCU\..\Run: [Pysibamc] C:\WINDOWS\??stem\n?pdb.exe
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.36.0\Weather.exe" -auto
O4 - HKCU\..\Run: [SpeedRunner] C:\Documents and Settings\@\Application Data\SpeedRunner\SpeedRunner.exe
O4 - HKCU\..\Run: [SfKg6wIP] C:\Documents and Settings\@\Application Data\Microsoft\Windows\aldhsyj.exe
O4 - HKCU\..\Run: [WinTouch] C:\Documents and Settings\@\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [SfKg6w] C:\Documents and Settings\@\Application Data\Microsoft\Windows\rayiou.exe
O4 - HKCU\..\Run: [Eroca] C:\Program Files\Eroca\Eroca.exe
O4 - HKCU\..\Run: [Svconr] C:\Program Files\Svconr\Svconr.exe
O4 - HKCU\..\Run: [A00F39E2D9F.exe] C:\DOCUME~1\@\LOCALS~1\Temp\_A00F39E2D9F.exe
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - HKCU\..\Run: [GetPack18] "C:\Program Files\GetPack\GetPack18.exe"
O4 - HKCU\..\Run: [GetModule18] "C:\Program Files\GetModule\GetModule18.exe"
O4 - HKCU\..\Run: [QdrPack17] "C:\Program Files\QdrPack\QdrPack17.exe"
O4 - Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\hit80 Web hottest videos personal player.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk181YYFR
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb106\res\DealioSearch.html
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?70696ede427d4ba48f69a98de8f48e7e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?70696ede427d4ba48f69a98de8f48e7e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Capturer ! - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\MemoWeb 4\IEBtn\Launcher (file missing)
O9 - Extra 'Tools' menuitem: Capturer ce web - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\MemoWeb 4\IEBtn\Launcher (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb106\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb106\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.6.5.22/checkeredflag/checkeredflag-fr_FR.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.6.5.31/mahjong/mahjong-fr_FR.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.6.5.31/flinger/flinger-fr_FR.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.6.5.22/popfu/popfu-fr_FR.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.6.5.22/squelchies/squelchies-fr_FR.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.6.5.22/worldclass/worldclass-fr_FR.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_XP.cab
O16 - DPF: {0D1011B3-89C8-4F8E-8693-BB970E2E81E0} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1CD49DC9-FD88-41FA-B892-47E037267D45} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {321F38B6-7E5F-470E-B58C-927523B7AF92} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1069_em_XP.cab
O16 - DPF: {3616F4B5-F6AD-4E67-966A-C218673648A0} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.fr.aol.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5F4D3335-3194-4167-85AE-E7325F2695EF} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
O16 - DPF: {5FD9726A-4977-449D-8352-25FDD8A510B5} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1067_em_XP.cab
O16 - DPF: {7504F0D5-644A-4103-9D02-95488B6CB9A1} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/WebInstall.dll
O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1059_XP.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab
O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://ww1.dlv4.com
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.fr.aol.com/molbin/shared/mcgdmgr/fr/1,0,0,21/mcgdmgr.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: nnnljgGV - C:\WINDOWS\SYSTEM32\nnnljgGV.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: __c007689 - C:\WINDOWS\system32\__c007689.dat
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ZeroSpyware FileDeleter (FileDeleter) - FBMSoftware - C:\Program Files\FBM Software\ZeroSpyware\FileDeleter.exe
O23 - Service: Firewall service (FWSvc) - Unknown owner - C:\WINDOWS\.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Scan saved at 13:42:21, on 13/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\FBM Software\ZeroSpyware\FileDeleter.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\System32\rmctrl.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\mrofinu1423.exe
C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe
C:\windows\system32\swyeqoemyg.exe
C:\Documents and Settings\@\pltklx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\NoDNS\NoDNS.exe
C:\WINDOWS\PPATCH~1\logonui.exe
C:\WINDOWS\??stem\n?pdb.exe
C:\Program Files\Zango\bin\10.3.36.0\Weather.exe
C:\Documents and Settings\@\Application Data\SpeedRunner\SpeedRunner.exe
C:\Documents and Settings\@\Application Data\Microsoft\Windows\aldhsyj.exe
C:\Documents and Settings\@\Application Data\WinTouch\WinTouch.exe
C:\Documents and Settings\@\Application Data\Microsoft\Windows\rayiou.exe
C:\Program Files\Eroca\Eroca.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Svconr\Svconr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PAE.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Zango\bin\10.3.36.0\Srv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://g.advisurf.com/web
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidesearch.cgi?uid=12040486&id=0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.shopnav.com/sidesearch.cgi?uid=12039442&id=0
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
R3 - URLSearchHook: (no name) - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\@\LOCALS~1\Temp\services.exe
O2 - BHO: Band Class - {00027925-0017-4faf-9539-90E4AC0B9EC5} - C:\WINDOWS\eltt.dll (file missing)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: (no name) - {0755AEB9-CD5C-85D8-E73C-969940E7FCDC} - C:\WINDOWS\System32\cdmdownld\yobqywhuos.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {32341E7E-C319-46DE-91D0-E30BB1A3CABA} - C:\WINDOWS\system32\nnnljgGV.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb106\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEListener Class - {911A1534-8E65-448E-92AE-E22D49F870C4} - C:\PAE_BHO.dll
O2 - BHO: {cddde670-9730-6b59-9954-b11ee0e457e9} - {9e754e0e-e11b-4599-95b6-0379076edddc} - C:\WINDOWS\system32\ojciipto.dll
O2 - BHO: (no name) - {A062C93C-528E-685A-F739-7EA2E4EE49C6} - C:\WINDOWS\system32\ocubr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {C97C594F-DD3D-4FE1-A7F9-930FCA8945AE} - C:\WINDOWS\system32\vtUkkjih.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb106\Dealio.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [smanp] C:\DOCUME~1\@\LOCALS~1\Temp\app1F40.tmp
O4 - HKLM\..\Run: [TopSearch] C:\Program Files\TopSearch\TopSearch.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\@\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1423.exe 61A847B5BBF7281336993B466188719AB689201522886B092CBD44BD8689220221DD325762E901F3D2933202228B284662E901F3D1DC7E4638E8323A15806F97BDE4417E6FD967002BA754E2C681210C67D36D
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.36.0\ZangoSA.exe"
O4 - HKLM\..\Run: [iamwiqimi] c:\windows\system32\iamwiqimi.exe iamwiqimi
O4 - HKLM\..\Run: [Nvidia] C:\Documents and Settings\@\pltklx.exe
O4 - HKLM\..\Run: [0ca0821b] rundll32.exe "C:\WINDOWS\system32\pcevfror.dll",b
O4 - HKCU\..\Run: [ZSScheduler] RunDll32.exe "C:\PROGRA~1\FBMSOF~1\ZEROSP~1\ZSScheduler.dll", runScheduler C:\PROGRA~1\FBMSOF~1\ZEROSP~1\
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo RX560 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPE.EXE /FU "C:\WINDOWS\TEMP\E_S266.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res
O4 - HKCU\..\Run: [NoDNS] C:\Program Files\\NoDNS\\NoDNS.exe
O4 - HKCU\..\Run: [Aesi] "C:\WINDOWS\PPATCH~1\logonui.exe" -vt yazb
O4 - HKCU\..\Run: [Pysibamc] C:\WINDOWS\??stem\n?pdb.exe
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.36.0\Weather.exe" -auto
O4 - HKCU\..\Run: [SpeedRunner] C:\Documents and Settings\@\Application Data\SpeedRunner\SpeedRunner.exe
O4 - HKCU\..\Run: [SfKg6wIP] C:\Documents and Settings\@\Application Data\Microsoft\Windows\aldhsyj.exe
O4 - HKCU\..\Run: [WinTouch] C:\Documents and Settings\@\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [SfKg6w] C:\Documents and Settings\@\Application Data\Microsoft\Windows\rayiou.exe
O4 - HKCU\..\Run: [Eroca] C:\Program Files\Eroca\Eroca.exe
O4 - HKCU\..\Run: [Svconr] C:\Program Files\Svconr\Svconr.exe
O4 - HKCU\..\Run: [A00F39E2D9F.exe] C:\DOCUME~1\@\LOCALS~1\Temp\_A00F39E2D9F.exe
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - HKCU\..\Run: [GetPack18] "C:\Program Files\GetPack\GetPack18.exe"
O4 - HKCU\..\Run: [GetModule18] "C:\Program Files\GetModule\GetModule18.exe"
O4 - HKCU\..\Run: [QdrPack17] "C:\Program Files\QdrPack\QdrPack17.exe"
O4 - Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\hit80 Web hottest videos personal player.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk181YYFR
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb106\res\DealioSearch.html
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?70696ede427d4ba48f69a98de8f48e7e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?70696ede427d4ba48f69a98de8f48e7e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Capturer ! - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\MemoWeb 4\IEBtn\Launcher (file missing)
O9 - Extra 'Tools' menuitem: Capturer ce web - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\MemoWeb 4\IEBtn\Launcher (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb106\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb106\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.6.5.22/checkeredflag/checkeredflag-fr_FR.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.6.5.31/mahjong/mahjong-fr_FR.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.6.5.31/flinger/flinger-fr_FR.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.6.5.22/popfu/popfu-fr_FR.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.6.5.22/squelchies/squelchies-fr_FR.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.6.5.22/worldclass/worldclass-fr_FR.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_XP.cab
O16 - DPF: {0D1011B3-89C8-4F8E-8693-BB970E2E81E0} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1CD49DC9-FD88-41FA-B892-47E037267D45} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {321F38B6-7E5F-470E-B58C-927523B7AF92} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1069_em_XP.cab
O16 - DPF: {3616F4B5-F6AD-4E67-966A-C218673648A0} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.fr.aol.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5F4D3335-3194-4167-85AE-E7325F2695EF} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
O16 - DPF: {5FD9726A-4977-449D-8352-25FDD8A510B5} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1067_em_XP.cab
O16 - DPF: {7504F0D5-644A-4103-9D02-95488B6CB9A1} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/WebInstall.dll
O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1059_XP.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab
O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://ww1.dlv4.com
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.fr.aol.com/molbin/shared/mcgdmgr/fr/1,0,0,21/mcgdmgr.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: nnnljgGV - C:\WINDOWS\SYSTEM32\nnnljgGV.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: __c007689 - C:\WINDOWS\system32\__c007689.dat
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ZeroSpyware FileDeleter (FileDeleter) - FBMSoftware - C:\Program Files\FBM Software\ZeroSpyware\FileDeleter.exe
O23 - Service: Firewall service (FWSvc) - Unknown owner - C:\WINDOWS\.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
ok tu es gavé!!!!!!!!!!!!!!!!!!!!!!!
il y a du boulot!!!!!!!!!!!!!!!!
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
il y a du boulot!!!!!!!!!!!!!!!!
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
tu colle le rapport navilog obtenu en ayant fais l'otpion 1
Search Navipromo version 3.5.8 commencé le 13/06/2008 à 13:54:26,32
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "@"
Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
Instant Access
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
C:\Program Files\Instant Access trouvé !
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\@\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\@\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\@\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Fichier(s) caché(s) :
C:\WINDOWS\system32\swyeqoemyg.dat
C:\WINDOWS\system32\swyeqoemyg.exe
C:\WINDOWS\system32\swyeqoemyg_nav.dat
C:\WINDOWS\system32\swyeqoemyg_navps.dat
C:\WINDOWS\system32\swyeqoemyg_navup.dat
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
Fichiers trouvés :
iamwiqimi.exe trouvé !
iamwiqimi.dat trouvé !
iamwiqimi_nav.dat trouvé !
iamwiqimi_navps.dat trouvé !
Fichiers suspects :
nsinet.exe trouvé !
* Recherche dans "C:\Documents and Settings\@\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\Downloaded Program Files\IaLdr32.inf trouvé !
C:\WINDOWS\system32\egaccess4_1060.dll trouvé !
C:\WINDOWS\system32\egaccess4_1061.dll trouvé !
C:\WINDOWS\system32\egaccess4_1062.dll trouvé !
C:\WINDOWS\system32\EGDACCESS_1072.dll trouvé !
C:\WINDOWS\system32\EGDACCESS_1074.dll trouvé !
C:\WINDOWS\system32\EGDACCESS_1072.dll trouvé !
C:\WINDOWS\system32\EGDACCESS_1074.dll trouvé !
C:\WINDOWS\system32\EGDHTML_1026.dll trouvé !
C:\WINDOWS\system32\EGDHTML_1026.dll trouvé !
C:\WINDOWS\system32\linkprd.exe trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
C:\WINDOWS\system32\mwsrvacc.exe trouvé !
C:\WINDOWS\system32\prosvsys.exe trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_CURRENT_USER\Software\mc trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
C:\WINDOWS\system32\nsinet.exe trouvé !
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
iamwiqimi.dat trouvé !
iamwiqimi_nav.dat trouvé !
iamwiqimi_navps.dat trouvé !
linkprd.exe trouvé !
mwsrvacc.exe trouvé !
prosvsys.exe trouvé !
swyeqoemyg.dat trouvé !
swyeqoemyg_nav.dat trouvé !
swyeqoemyg_navps.dat trouvé !
ujviwghx_navtmp.dat trouvé !
* Dans "C:\Documents and Settings\@\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
C:\WINDOWS\system32\hijkkUtv.ini2 trouvé ! infection Vundo possible non traitée par cet outil !
*** Analyse terminée le 13/06/2008 à 14:16:56,59 ***
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "@"
Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
Instant Access
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
C:\Program Files\Instant Access trouvé !
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\@\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\@\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\@\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Fichier(s) caché(s) :
C:\WINDOWS\system32\swyeqoemyg.dat
C:\WINDOWS\system32\swyeqoemyg.exe
C:\WINDOWS\system32\swyeqoemyg_nav.dat
C:\WINDOWS\system32\swyeqoemyg_navps.dat
C:\WINDOWS\system32\swyeqoemyg_navup.dat
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
Fichiers trouvés :
iamwiqimi.exe trouvé !
iamwiqimi.dat trouvé !
iamwiqimi_nav.dat trouvé !
iamwiqimi_navps.dat trouvé !
Fichiers suspects :
nsinet.exe trouvé !
* Recherche dans "C:\Documents and Settings\@\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\Downloaded Program Files\IaLdr32.inf trouvé !
C:\WINDOWS\system32\egaccess4_1060.dll trouvé !
C:\WINDOWS\system32\egaccess4_1061.dll trouvé !
C:\WINDOWS\system32\egaccess4_1062.dll trouvé !
C:\WINDOWS\system32\EGDACCESS_1072.dll trouvé !
C:\WINDOWS\system32\EGDACCESS_1074.dll trouvé !
C:\WINDOWS\system32\EGDACCESS_1072.dll trouvé !
C:\WINDOWS\system32\EGDACCESS_1074.dll trouvé !
C:\WINDOWS\system32\EGDHTML_1026.dll trouvé !
C:\WINDOWS\system32\EGDHTML_1026.dll trouvé !
C:\WINDOWS\system32\linkprd.exe trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
C:\WINDOWS\system32\mwsrvacc.exe trouvé !
C:\WINDOWS\system32\prosvsys.exe trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_CURRENT_USER\Software\mc trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
C:\WINDOWS\system32\nsinet.exe trouvé !
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
iamwiqimi.dat trouvé !
iamwiqimi_nav.dat trouvé !
iamwiqimi_navps.dat trouvé !
linkprd.exe trouvé !
mwsrvacc.exe trouvé !
prosvsys.exe trouvé !
swyeqoemyg.dat trouvé !
swyeqoemyg_nav.dat trouvé !
swyeqoemyg_navps.dat trouvé !
ujviwghx_navtmp.dat trouvé !
* Dans "C:\Documents and Settings\@\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
C:\WINDOWS\system32\hijkkUtv.ini2 trouvé ! infection Vundo possible non traitée par cet outil !
*** Analyse terminée le 13/06/2008 à 14:16:56,59 ***
ok
tu as du boulot!!!!! il faut tout faire!
Télécharge MSNFix de Laurent
http://sosvirus.changelog.fr/MSNFix.zip
Décompresse-le et double clic sur le fichier MSNFix.bat.
- Exécute l'option R.
--Si l'infection est détectée, exécute l'option N
- Sauvegarde ce rapport puis fais un copier/coller de ce rapport sur le forum.
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.
envoyer le fichier [b] C:\DOCUME~1\florian\Bureau\Upload_Me.zip [/b] sur http://upload.changelog.fr pour faire evoluer msnfix
______________
virtumondebegone (colle le rapport)
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
____________
= Lance navilog1
= Cette fois-ci choisi l'option 2
= Navilog va faire le nettoyage.. patient jusqu'à ce qui soit marqué *** Nettoyage Termine le ..... ***
= Un rapport va être génrer sur ton C:\ qui sera en option 2
Note: le bureau disparaît
= colle le contenu du rapport de navilog (qui est en option2)
PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.
_______________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
__________________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
____________________
recolle un nouveau rapport hijakhcits et dis tes soucis
tu as du boulot!!!!! il faut tout faire!
Télécharge MSNFix de Laurent
http://sosvirus.changelog.fr/MSNFix.zip
Décompresse-le et double clic sur le fichier MSNFix.bat.
- Exécute l'option R.
--Si l'infection est détectée, exécute l'option N
- Sauvegarde ce rapport puis fais un copier/coller de ce rapport sur le forum.
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.
envoyer le fichier [b] C:\DOCUME~1\florian\Bureau\Upload_Me.zip [/b] sur http://upload.changelog.fr pour faire evoluer msnfix
______________
virtumondebegone (colle le rapport)
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
____________
= Lance navilog1
= Cette fois-ci choisi l'option 2
= Navilog va faire le nettoyage.. patient jusqu'à ce qui soit marqué *** Nettoyage Termine le ..... ***
= Un rapport va être génrer sur ton C:\ qui sera en option 2
Note: le bureau disparaît
= colle le contenu du rapport de navilog (qui est en option2)
PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.
_______________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
__________________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
____________________
recolle un nouveau rapport hijakhcits et dis tes soucis
a la place de msnfix fais ceci:
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum
_________
puis fais le reste déjà donné
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum
_________
puis fais le reste déjà donné
Malwarebytes' Anti-Malware 1.17
Version de la base de données: 854
20:34:15 14/06/2008
mbam-log-6-14-2008 (20-34-14).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 152280
Temps écoulé: 1 hour(s), 39 minute(s), 22 second(s)
Processus mémoire infecté(s): 11
Module(s) mémoire infecté(s): 9
Clé(s) du Registre infectée(s): 140
Valeur(s) du Registre infectée(s): 31
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 66
Fichier(s) infecté(s): 362
Processus mémoire infecté(s):
C:\WINDOWS\mrofinu1423.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Program Files\NoDNS\NoDNS.exe (Trojan.Agent) -> Unloaded process successfully.
C:\WINDOWS\??pPatch\logonui.exe (Adware.ClickSpring) -> Unloaded process successfully.
C:\Documents and Settings\@\Application Data\SpeedRunner\SpeedRunner.exe (Adware.SpeedRunner) -> Unloaded process successfully.
C:\Documents and Settings\@\Application Data\Microsoft\Windows\aldhsyj.exe (Trojan.Vundo) -> Unloaded process successfully.
C:\Documents and Settings\@\Application Data\WinTouch\WinTouch.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Documents and Settings\@\Application Data\Microsoft\Windows\rayiou.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Program Files\Eroca\Eroca.exe (Adware.Agent) -> Unloaded process successfully.
C:\Program Files\Svconr\Svconr.exe (Adware.Agent) -> Unloaded process successfully.
C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe (Adware.180Solutions) -> Unloaded process successfully.
C:\Program Files\Zango\bin\10.3.36.0\Weather.exe (Adware.180Solutions) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\aaroeaht.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\vtUkkjih.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\ocubr.dll (Adware.ClickSpring) -> Unloaded module successfully.
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (Adware.MyWebSearch) -> Unloaded module successfully.
C:\Program Files\PeDevice\PeDev.dll (Adware.Popups) -> Unloaded module successfully.
C:\Program Files\Zango\bin\10.3.36.0\HostOE.dll (Adware.180Solutions) -> Unloaded module successfully.
C:\Program Files\Zango\bin\10.3.36.0\WeSkin.dll (Adware.180Solutions) -> Unloaded module successfully.
C:\Program Files\Zango\bin\10.3.36.0\ZangoSAHook.dll (Adware.180Solutions) -> Unloaded module successfully.
C:\WINDOWS\system32\__c007689.dat (Trojan.Agent) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dfd8f1b5-7b88-409a-8256-3c77c48f222e} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{dfd8f1b5-7b88-409a-8256-3c77c48f222e} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{a062c93c-528e-685a-f739-7ea2e4ee49c6} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a062c93c-528e-685a-f739-7ea2e4ee49c6} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6cd-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d2-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d3-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d5-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d7-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0db-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d00aa2a-69ef-487a-8a40-b3e27f07c91e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86c5840b-80c4-4c30-a655-37344a542009} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mp.mediapops (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mp.mediapops.1 (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4438a5dc-e00b-41a0-b0e6-b63fd3b86eee} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{4767c447-ef15-42f2-8809-68adb7fa76f1} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pae_bho.pedev_ielistener (Adware.Popups) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5e47627b-d89e-442b-82a6-f2fab368621b} (Adware.Popups) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1412445-4ff8-410e-8d24-f2cf86b171a4} (Adware.Popups) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e1412445-4ff8-410e-8d24-f2cf86b171a4} (Adware.Popups) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pae_bho.pedev_ielistener.1 (Adware.Popups) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wintouch (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{14113b47-d59c-4f0f-9d10-ff1730265584} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9c42a57-421c-4572-8b12-249c59183d1c} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{71f731b3-008b-4052-9ea4-4145acce40c3} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a5b6fa30-d317-41ca-9cb1-c898d3c7f34e} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc19a5f2-b4ad-41d5-a5c9-0680904c1483} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62906e60-bce2-4e1b-9ed0-8b9042ee15e4} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f9bfa98d-9935-4ea4-a05a-72c7f0778f02} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3788e535-897b-463d-b6d6-fee5b86ec144} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3788e535-897b-463d-b6d6-fee5b86ec144} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d3f940ea-4e87-423b-9091-934e1e4fceae} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d3f940ea-4e87-423b-9091-934e1e4fceae} (Adware.180Solutions) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ism (Adware.ISM) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SpeedRunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c007689 (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spcron (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Svconr (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\QdrPack (Adware.ISM) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISM (Adware.ISM) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\xInsiDERexe (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Deskbar.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dbar (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winvi (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\winvi (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\zangosa (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Zango (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\WinPGI.DLL (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fopn (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\zango (Adware.180Solutions) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\0ca0821b (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SpeedRunner (Adware.SpeedRunner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SfKg6wIP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinTouch (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SfKg6w (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Eroca (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Svconr (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Aesi (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WebSUpdater (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{32341e7e-c319-46de-91d0-e30bb1a3caba} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.PurityScan) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ZangoOE (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WeatherDPA (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ZangoSA (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SDR6V_Check (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinUpdater (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\QdrPack17 (Adware.ISM) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run\A00F39E2D9F.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\Zango@Zango.com (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\Zango 10.3.36.0 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Flash Media (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtukkjih -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtukkjih -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Heuristics.Reserved.Word.Exploit) -> Data: c:\docume~1\@\locals~1\temp\services.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\@\LOCALS~1\Temp\services.exe) Good: (userinit.exe) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn (Hijack.Desktop) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\Zango (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Zango\bin (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Zango\bin\10.3.36.0 (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Zango\bin\10.3.36.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Zango\bin\10.3.36.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Zango\bin\10.3.36.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Zango\bin\10.3.36.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Inet_Get_2 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\@ (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\Application Data (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\Documents and Settings (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\@ (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\Application Data (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\Documents and Settings (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.24 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
C:\Program Files\PeDevice (Adware.Popups) -> Delete on reboot.
C:\Program Files\PeDevice\tmp (Adware.Popups) -> Quarantined and deleted successfully.
C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\dbar (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi\dsktp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi\temp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\ISM (Adware.ISM) -> Quarantined and deleted successfully.
C:\Program Files\QdrPack (Adware.ISM) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWay) -> Delete on reboot.
C:\Program Files\MyWay\myBar (Adware.MyWay) -> Delete on reboot.
C:\Program Files\MyWay\myBar\1.bin (Adware.MyWay) -> Delete on reboot.
C:\Program Files\MyWay\myBar\Cache (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\Application Data (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\cs (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Program Files\Twain (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Svconr (Trojan.Agent) -> Delete on reboot.
C:\Program Files\Spcron (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Eroca (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\aaroeaht.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\thaeoraa.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dlylyene.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eneylyld.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fuccekog.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gokeccuf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pcevfror.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rorfvecp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sfwvlvbf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbvlvwfs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUkkjih.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hijkkUtv.ini (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hijkkUtv.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ocubr.dll (Adware.ClickSpring) -> Delete on reboot.
C:\WINDOWS\mrofinu1423.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS\NoDNS.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\??pPatch\logonui.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\SpeedRunner\SpeedRunner.exe (Adware.SpeedRunner) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\Microsoft\Windows\aldhsyj.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\WinTouch\WinTouch.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\Microsoft\Windows\rayiou.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Eroca\Eroca.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Svconr\Svconr.exe (Adware.Agent) -> Delete on reboot.
C:\Program Files\winvi\wupda.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\Zango\bin\10.3.36.0\CoreSrv.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\PeDevice\PeDev.dll (Adware.Popups) -> Delete on reboot.
C:\updaterInstall_108.exe (Trojan.KeenValue) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\kujhzr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\nlfdjg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\SpeedRunner\SRUninstall.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\WinTouch\WTUninstaller.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Local Settings\Temporary Internet Files\Content.IE5\AX19DALM\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Local Settings\Temporary Internet Files\Content.IE5\TRXN4P0K\afj[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV7.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV8.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
C:\Program Files\dbar\deskbar.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\ISM\ism.exe (Adware.SearchAid) -> Quarantined and deleted successfully.
C:\Program Files\Messenger\qisyveho777444.dll (Adware.TTC) -> Quarantined and deleted successfully.
C:\Program Files\Messenger\qisyveho821058.dll (Adware.TTC) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\QdrPack\QdrPack16.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Spcron\Spc.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Spcron\Spcron_old.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Twain\Twain.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1003\A0475695.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1003\A0475726.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1003\A0475727.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1003\A0475729.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0477828.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0477830.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0478817.exe (Adware.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0478818.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0478819.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0478820.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1006\A0487963.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1008\A0490055.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1008\A0490061.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1008\A0490062.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1010\A0493194.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1012\A0498209.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501306.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501307.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501308.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501309.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501310.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1018\A0509463.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1018\A0509464.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1018\A0509465.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1019\A0509490.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1019\A0513519.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1019\A0515577.dll (Dialer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384289.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384290.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384291.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384292.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384293.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384294.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384295.exe (Trojan.Matcash) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP918\A0384296.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP919\A0384374.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP919\A0384381.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP919\A0384384.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384413.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384414.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384415.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384416.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384417.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP922\A0387380.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP922\A0387382.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0387417.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0387418.exe (Trojan.Matcash) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0387419.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0388381.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0388382.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP924\A0389380.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP924\A0389409.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP926\A0390382.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP926\A0391382.exe (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP927\A0391411.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP927\A0391414.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP928\A0391479.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP928\A0391488.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP929\A0392519.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP929\A0392521.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP929\A0392528.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP929\A0392531.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP930\A0393527.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP930\A0393528.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP930\A0393530.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP930\A0394522.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395542.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395543.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395544.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395565.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395569.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0396522.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP934\A0396549.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP934\A0396550.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396585.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396586.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396587.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396588.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396590.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396609.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396610.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396614.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396618.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396641.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP940\A0400725.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP940\A0400726.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP943\A0403728.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP943\A0403729.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP945\A0403870.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP945\A0403874.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP945\A0404870.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP946\A0404885.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP948\A0407885.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP948\A0407886.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP949\A0408870.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP949\A0408871.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP950\A0409889.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP951\A0409970.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP951\A0409971.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP953\A0414055.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP955\A0418126.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP957\A0420305.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP957\A0420306.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP957\A0420311.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP958\A0425314.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP959\A0426388.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP960\A0427532.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP960\A0427533.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP960\A0427534.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP962\A0428591.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP963\A0430584.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431666.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431667.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431671.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431672.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431673.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431674.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP965\A0435718.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP967\A0437739.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP968\A0438736.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP971\A0440897.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP973\A0441053.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP974\A0441094.exe (Adware.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP974\A0441095.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP974\A0441110.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP974\A0441124.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP975\A0442133.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP975\A0442150.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP980\A0444392.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP980\A0444393.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP981\A0444487.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP983\A0448562.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454849.exe (Adware.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454850.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454851.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454852.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454853.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0455836.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0455837.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0455838.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0455858.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0456891.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP990\A0458088.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP991\A0462147.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP993\A0464203.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0465194.exe (Adware.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0465195.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0466191.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0466195.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0466206.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP995\A0468273.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP998\A0471428.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP998\A0471429.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP999\A0473516.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\17PHolmes1423.exe.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\b128.exe (Trojan.Downloader) -> Quarantined and deleted
Version de la base de données: 854
20:34:15 14/06/2008
mbam-log-6-14-2008 (20-34-14).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 152280
Temps écoulé: 1 hour(s), 39 minute(s), 22 second(s)
Processus mémoire infecté(s): 11
Module(s) mémoire infecté(s): 9
Clé(s) du Registre infectée(s): 140
Valeur(s) du Registre infectée(s): 31
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 66
Fichier(s) infecté(s): 362
Processus mémoire infecté(s):
C:\WINDOWS\mrofinu1423.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Program Files\NoDNS\NoDNS.exe (Trojan.Agent) -> Unloaded process successfully.
C:\WINDOWS\??pPatch\logonui.exe (Adware.ClickSpring) -> Unloaded process successfully.
C:\Documents and Settings\@\Application Data\SpeedRunner\SpeedRunner.exe (Adware.SpeedRunner) -> Unloaded process successfully.
C:\Documents and Settings\@\Application Data\Microsoft\Windows\aldhsyj.exe (Trojan.Vundo) -> Unloaded process successfully.
C:\Documents and Settings\@\Application Data\WinTouch\WinTouch.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Documents and Settings\@\Application Data\Microsoft\Windows\rayiou.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Program Files\Eroca\Eroca.exe (Adware.Agent) -> Unloaded process successfully.
C:\Program Files\Svconr\Svconr.exe (Adware.Agent) -> Unloaded process successfully.
C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe (Adware.180Solutions) -> Unloaded process successfully.
C:\Program Files\Zango\bin\10.3.36.0\Weather.exe (Adware.180Solutions) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\aaroeaht.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\vtUkkjih.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\ocubr.dll (Adware.ClickSpring) -> Unloaded module successfully.
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (Adware.MyWebSearch) -> Unloaded module successfully.
C:\Program Files\PeDevice\PeDev.dll (Adware.Popups) -> Unloaded module successfully.
C:\Program Files\Zango\bin\10.3.36.0\HostOE.dll (Adware.180Solutions) -> Unloaded module successfully.
C:\Program Files\Zango\bin\10.3.36.0\WeSkin.dll (Adware.180Solutions) -> Unloaded module successfully.
C:\Program Files\Zango\bin\10.3.36.0\ZangoSAHook.dll (Adware.180Solutions) -> Unloaded module successfully.
C:\WINDOWS\system32\__c007689.dat (Trojan.Agent) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dfd8f1b5-7b88-409a-8256-3c77c48f222e} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{dfd8f1b5-7b88-409a-8256-3c77c48f222e} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{a062c93c-528e-685a-f739-7ea2e4ee49c6} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a062c93c-528e-685a-f739-7ea2e4ee49c6} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6cd-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d2-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d3-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d5-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d7-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0db-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d00aa2a-69ef-487a-8a40-b3e27f07c91e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86c5840b-80c4-4c30-a655-37344a542009} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mp.mediapops (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mp.mediapops.1 (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4438a5dc-e00b-41a0-b0e6-b63fd3b86eee} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{4767c447-ef15-42f2-8809-68adb7fa76f1} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pae_bho.pedev_ielistener (Adware.Popups) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5e47627b-d89e-442b-82a6-f2fab368621b} (Adware.Popups) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1412445-4ff8-410e-8d24-f2cf86b171a4} (Adware.Popups) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e1412445-4ff8-410e-8d24-f2cf86b171a4} (Adware.Popups) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pae_bho.pedev_ielistener.1 (Adware.Popups) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wintouch (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{14113b47-d59c-4f0f-9d10-ff1730265584} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9c42a57-421c-4572-8b12-249c59183d1c} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{71f731b3-008b-4052-9ea4-4145acce40c3} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a5b6fa30-d317-41ca-9cb1-c898d3c7f34e} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc19a5f2-b4ad-41d5-a5c9-0680904c1483} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62906e60-bce2-4e1b-9ed0-8b9042ee15e4} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f9bfa98d-9935-4ea4-a05a-72c7f0778f02} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3788e535-897b-463d-b6d6-fee5b86ec144} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3788e535-897b-463d-b6d6-fee5b86ec144} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d3f940ea-4e87-423b-9091-934e1e4fceae} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d3f940ea-4e87-423b-9091-934e1e4fceae} (Adware.180Solutions) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ism (Adware.ISM) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SpeedRunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c007689 (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spcron (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Svconr (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\QdrPack (Adware.ISM) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISM (Adware.ISM) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\xInsiDERexe (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Deskbar.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dbar (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winvi (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\winvi (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\zangosa (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Zango (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\WinPGI.DLL (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fopn (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\zango (Adware.180Solutions) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\0ca0821b (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SpeedRunner (Adware.SpeedRunner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SfKg6wIP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinTouch (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SfKg6w (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Eroca (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Svconr (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Aesi (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WebSUpdater (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{32341e7e-c319-46de-91d0-e30bb1a3caba} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.PurityScan) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ZangoOE (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WeatherDPA (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ZangoSA (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SDR6V_Check (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinUpdater (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\QdrPack17 (Adware.ISM) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run\A00F39E2D9F.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\Zango@Zango.com (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\Zango 10.3.36.0 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Flash Media (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtukkjih -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtukkjih -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Heuristics.Reserved.Word.Exploit) -> Data: c:\docume~1\@\locals~1\temp\services.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\@\LOCALS~1\Temp\services.exe) Good: (userinit.exe) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn (Hijack.Desktop) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\Zango (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Zango\bin (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Zango\bin\10.3.36.0 (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Zango\bin\10.3.36.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Zango\bin\10.3.36.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Zango\bin\10.3.36.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Zango\bin\10.3.36.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Inet_Get_2 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\@ (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\Application Data (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\Documents and Settings (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\@ (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\Application Data (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\Documents and Settings (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\ShoppingReport\cs\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.24 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
C:\Program Files\PeDevice (Adware.Popups) -> Delete on reboot.
C:\Program Files\PeDevice\tmp (Adware.Popups) -> Quarantined and deleted successfully.
C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\dbar (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi\dsktp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi\temp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\ISM (Adware.ISM) -> Quarantined and deleted successfully.
C:\Program Files\QdrPack (Adware.ISM) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWay) -> Delete on reboot.
C:\Program Files\MyWay\myBar (Adware.MyWay) -> Delete on reboot.
C:\Program Files\MyWay\myBar\1.bin (Adware.MyWay) -> Delete on reboot.
C:\Program Files\MyWay\myBar\Cache (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\Application Data (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\cs (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Program Files\Twain (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Svconr (Trojan.Agent) -> Delete on reboot.
C:\Program Files\Spcron (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Eroca (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\aaroeaht.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\thaeoraa.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dlylyene.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eneylyld.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fuccekog.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gokeccuf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pcevfror.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rorfvecp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sfwvlvbf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbvlvwfs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUkkjih.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hijkkUtv.ini (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hijkkUtv.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ocubr.dll (Adware.ClickSpring) -> Delete on reboot.
C:\WINDOWS\mrofinu1423.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS\NoDNS.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\??pPatch\logonui.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\SpeedRunner\SpeedRunner.exe (Adware.SpeedRunner) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\Microsoft\Windows\aldhsyj.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\WinTouch\WinTouch.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\Microsoft\Windows\rayiou.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Eroca\Eroca.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Svconr\Svconr.exe (Adware.Agent) -> Delete on reboot.
C:\Program Files\winvi\wupda.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\Zango\bin\10.3.36.0\CoreSrv.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\PeDevice\PeDev.dll (Adware.Popups) -> Delete on reboot.
C:\updaterInstall_108.exe (Trojan.KeenValue) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\kujhzr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\nlfdjg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\SpeedRunner\SRUninstall.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Application Data\WinTouch\WTUninstaller.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Local Settings\Temporary Internet Files\Content.IE5\AX19DALM\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\@\Local Settings\Temporary Internet Files\Content.IE5\TRXN4P0K\afj[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV7.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV8.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
C:\Program Files\dbar\deskbar.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\ISM\ism.exe (Adware.SearchAid) -> Quarantined and deleted successfully.
C:\Program Files\Messenger\qisyveho777444.dll (Adware.TTC) -> Quarantined and deleted successfully.
C:\Program Files\Messenger\qisyveho821058.dll (Adware.TTC) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\QdrPack\QdrPack16.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Spcron\Spc.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Spcron\Spcron_old.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Twain\Twain.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1003\A0475695.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1003\A0475726.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1003\A0475727.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1003\A0475729.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0477828.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0477830.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0478817.exe (Adware.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0478818.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0478819.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1004\A0478820.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1006\A0487963.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1008\A0490055.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1008\A0490061.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1008\A0490062.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1010\A0493194.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1012\A0498209.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501306.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501307.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501308.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501309.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1013\A0501310.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1018\A0509463.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1018\A0509464.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1018\A0509465.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1019\A0509490.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1019\A0513519.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP1019\A0515577.dll (Dialer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384289.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384290.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384291.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384292.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384293.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384294.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP917\A0384295.exe (Trojan.Matcash) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP918\A0384296.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP919\A0384374.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP919\A0384381.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP919\A0384384.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384413.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384414.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384415.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384416.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP920\A0384417.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP922\A0387380.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP922\A0387382.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0387417.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0387418.exe (Trojan.Matcash) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0387419.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0388381.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP923\A0388382.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP924\A0389380.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP924\A0389409.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP926\A0390382.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP926\A0391382.exe (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP927\A0391411.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP927\A0391414.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP928\A0391479.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP928\A0391488.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP929\A0392519.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP929\A0392521.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP929\A0392528.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP929\A0392531.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP930\A0393527.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP930\A0393528.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP930\A0393530.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP930\A0394522.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395542.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395543.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395544.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395565.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0395569.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP932\A0396522.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP934\A0396549.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP934\A0396550.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396585.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396586.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396587.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396588.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP935\A0396590.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396609.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396610.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396614.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396618.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP936\A0396641.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP940\A0400725.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP940\A0400726.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP943\A0403728.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP943\A0403729.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP945\A0403870.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP945\A0403874.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP945\A0404870.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP946\A0404885.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP948\A0407885.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP948\A0407886.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP949\A0408870.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP949\A0408871.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP950\A0409889.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP951\A0409970.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP951\A0409971.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP953\A0414055.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP955\A0418126.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP957\A0420305.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP957\A0420306.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP957\A0420311.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP958\A0425314.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP959\A0426388.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP960\A0427532.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP960\A0427533.dll (Adware.Bestrevenue) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP960\A0427534.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP962\A0428591.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP963\A0430584.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431666.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431667.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431671.dll (Adware.ZenoSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431672.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431673.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP964\A0431674.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP965\A0435718.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP967\A0437739.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP968\A0438736.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP971\A0440897.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP973\A0441053.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP974\A0441094.exe (Adware.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP974\A0441095.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP974\A0441110.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP974\A0441124.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP975\A0442133.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP975\A0442150.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP980\A0444392.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP980\A0444393.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP981\A0444487.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP983\A0448562.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454849.exe (Adware.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454850.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454851.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454852.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP985\A0454853.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0455836.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0455837.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0455838.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0455858.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP986\A0456891.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP990\A0458088.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP991\A0462147.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP993\A0464203.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0465194.exe (Adware.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0465195.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0466191.exe (Trojan.Insider) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0466195.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP994\A0466206.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP995\A0468273.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP998\A0471428.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP998\A0471429.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B92E9E04-95AA-45A4-B2FE-C44C1B9F7C37}\RP999\A0473516.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\17PHolmes1423.exe.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\b128.exe (Trojan.Downloader) -> Quarantined and deleted
Clean Navipromo version 3.5.8 commencé le 15/06/2008 à 19:52:31,11
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "@"
Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** Creation backups fichiers trouvés par Catchme ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
Copie C:\WINDOWS\system32\iamwiqimi.dat réalisée avec succès !
Copie C:\WINDOWS\system32\iamwiqimi.exe réalisée avec succès !
Copie C:\WINDOWS\system32\iamwiqimi_nav.dat réalisée avec succès !
Copie C:\WINDOWS\system32\iamwiqimi_navps.dat réalisée avec succès !
*** Suppression des fichiers trouvés avec Catchme ***
C:\WINDOWS\system32\iamwiqimi.dat supprimé !
C:\WINDOWS\system32\iamwiqimi.exe supprimé !
C:\WINDOWS\system32\iamwiqimi_nav.dat supprimé !
C:\WINDOWS\system32\iamwiqimi_navps.dat supprimé !
** 2ème passage avec résultats Catchme **
* Dans "C:\WINDOWS\system32" *
* Dans "C:\Documents and Settings\@\locals~1\applic~1" *
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\@\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\@\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\@\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\@\menudm~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\@\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
* Dans "C:\Documents and Settings\@\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 15/06/2008 à 19:57:05,31 ***
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "@"
Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** Creation backups fichiers trouvés par Catchme ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
Copie C:\WINDOWS\system32\iamwiqimi.dat réalisée avec succès !
Copie C:\WINDOWS\system32\iamwiqimi.exe réalisée avec succès !
Copie C:\WINDOWS\system32\iamwiqimi_nav.dat réalisée avec succès !
Copie C:\WINDOWS\system32\iamwiqimi_navps.dat réalisée avec succès !
*** Suppression des fichiers trouvés avec Catchme ***
C:\WINDOWS\system32\iamwiqimi.dat supprimé !
C:\WINDOWS\system32\iamwiqimi.exe supprimé !
C:\WINDOWS\system32\iamwiqimi_nav.dat supprimé !
C:\WINDOWS\system32\iamwiqimi_navps.dat supprimé !
** 2ème passage avec résultats Catchme **
* Dans "C:\WINDOWS\system32" *
* Dans "C:\Documents and Settings\@\locals~1\applic~1" *
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\@\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\@\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\@\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\@\menudm~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\@\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
* Dans "C:\Documents and Settings\@\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 15/06/2008 à 19:57:05,31 ***
parfait
fais sdfix
____________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
____________________
recolle un nouveau rapport hijakhcits et dis tes soucis
fais sdfix
____________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
____________________
recolle un nouveau rapport hijakhcits et dis tes soucis
