Problème cheval de troie
Résolu/Fermé
A voir également:
- Problème cheval de troie
- Cheval de troie virus download - Télécharger - Antivirus & Antimalwares
- Html/scrinject.b cheval de troie ✓ - Forum Virus / Sécurité
- Message cheval de troie ✓ - Forum Virus / Sécurité
- Supprimer cheval de troie windows defender - Forum Virus / Sécurité
- Mail menace cheval de troie ✓ - Forum Vos droits sur internet
51 réponses
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
14 sept. 2008 à 17:26
14 sept. 2008 à 17:26
---> Relance HijackThis et choisis Do a system scan only
---> Coche les cases qui sont devant les lignes suivantes :
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
---> Redémarre ton PC et poste un nouveau rapport HijackThis
---> Coche les cases qui sont devant les lignes suivantes :
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
---> Redémarre ton PC et poste un nouveau rapport HijackThis
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
14 sept. 2008 à 17:55
14 sept. 2008 à 17:55
Tu peux supprimer ComboFix, Tools Cleaner et FindyKill.
Alors voilà le contenu du bloc note :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:17:10, on 13/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\lxcrcoms.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [winapl] C:\WINDOWS\system32\qvkdirwf.exe
O4 - HKCU\..\Run: [infogen] C:\WINDOWS\system32\fmfwbgxa.exe
O4 - HKCU\..\Run: [setproc] C:\WINDOWS\system32\qdizelqz.exe
O4 - HKCU\..\Run: [hlpwinapp] C:\WINDOWS\system32\gnmdunqt.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxcr_device - - C:\WINDOWS\System32\lxcrcoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:17:10, on 13/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\lxcrcoms.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [winapl] C:\WINDOWS\system32\qvkdirwf.exe
O4 - HKCU\..\Run: [infogen] C:\WINDOWS\system32\fmfwbgxa.exe
O4 - HKCU\..\Run: [setproc] C:\WINDOWS\system32\qdizelqz.exe
O4 - HKCU\..\Run: [hlpwinapp] C:\WINDOWS\system32\gnmdunqt.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxcr_device - - C:\WINDOWS\System32\lxcrcoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
D'accord, je suis en train de faire le scan mais comme il bloque un peu, ça va prendre un petit peu de temps, mais dès qu'il a fini je post le rapport.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voilà le rapport :
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1145
Windows 5.1.2600 Service Pack 2
13/09/2008 18:37:43
mbam-log-2008-09-13 (18-37-43).txt
Type de recherche: Examen rapide
Eléments examinés: 57731
Temps écoulé: 12 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 18
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 277
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Program Files\GamesBar\oberontb.dll (Adware.Gamesbar) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\oberontb.band (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ec1a2105-5621-440f-987d-27ef428131d9} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band.1 (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\asc3550p (Rootkit.Agent) -> Delete on reboot.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\config\48810242.Evt (Rootkit.Agent.H) -> Delete on reboot.
C:\Program Files\GamesBar\oberontb.dll (Adware.Gamesbar) -> Delete on reboot.
C:\Documents and Settings\claudine\Local Settings\Temp\elopkduv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\wxajejml.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\5.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\132656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\188875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\200515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\210562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\599250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\627968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\803171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\814187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\819828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\360Panovision Professional Suite 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\4Sale2 1.01.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Aardvark Aadventures 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Acid Scanner 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Active Directory Network Manager 1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Active Privacy Guardian Washer 1.57.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\AddaButton 4.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Aepryus Graph 1.0 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Age of Mythology - Infiltrator scenario.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\AK-FireFrame 1.6 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Alice DVD any Video to Sony PSP Converter 5.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\AlphaChess 3.2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ALTools Christmas Desktop Wallpapers 2005.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\AppLauncher Deluxe 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Attachments Processor for Outlook 4.2 [Patch].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Audio Record Wizard 3.99 [Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\BBB Bar 0.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Best_Firewall_2007_AIO__ZoneAlarm__Kaspersky__McAfee__Sygate__etc_.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\BillPlus 2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Bluebeam PDF Revu AutoCAD Edition 4.7.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Change Case of Directory Names Software 7.0 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\chm2web 2.7 Build 174 Key+Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Cibersql Web Admin 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Code Weaver 1.7.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Coding Workshop Ringtone Converter 5.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ComBonus 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Computer_Associates_Practice_Tests_from_Boson_5.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\copy2calendar 2.0.0.23 Cracked.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\CopyWipe 1.14.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Count 3 1.06.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Crypto Composer 0.8.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\DBArtisan 8.1.2 build 3218 Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Deductus disk catalog 1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\DFIncBackup Home 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\DivXRepair 1.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\DNews News Server 5.7e1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Doc Organizer 3.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Easy Mail Merge for Outlook 1.1.85 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\eBooks Compiler 1.0 [KeyGen].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\EBRcart 5.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Email Security Labels for Outlook 1.0 [Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\EMS SQL Manager 2005 for SQL Server 2.5.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\EnCalcE 2.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Engineering Power Tools 1.9.8.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\English & Armenian Dictionary 2.7 Cracked.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\EssentialPIM Pro 1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Essien VideoConvert 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Eyes Relaxing and Focusing 2.0 [Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Family Database 2008 1.0.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Filecom Order System 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Files Search Assistant 3.1 (Key+Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\FirstStop WebSearch Standard Edition 5.0.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Folio First 1.0.0.371 [Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Fontabulator 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\FotoPrint 3.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Free XP Style Icons 0.1 [Key].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Fresh UI 7.62.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Gadwin Web Snapshot 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Gammadyne Mailer 27.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\GatherBird SQLGrep 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\gdShredder 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\GeometryProof Professional Edition 5.10 [Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\GetBot 3.04 [Cracked].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\GoogImager Browser 1.0 [With Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Halo Combat Evolved Chutes and Ladders map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\HandoVideo Converter Lite 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\HDDlife plug-in for Google Desktop 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Hotel Pro 5.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\hsCADence 1.0.10.18.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Imaging Matrix - Image Converter Lite 2.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Inline Search for IE 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Innovatools Email Control 1.0 (Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Instant Eyedropper Free 1.75.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Intelliant OCR 1.1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Internet Traffic Agent 2.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\InterWARN 4.0 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\IsoMaker 2000 6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ISQLme 1.0.04.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Janitor Dan the Spaceman 1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\JXMLAppKit 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\KaZaZZ! Ask Anything Toolbar 7.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\KittyXplorer 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\KLogicalDrives 1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\kmAnywhere 2005 Pro build 060901 [Key].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\LBE Web Helpdesk 4.0.123.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Learn the Secrets to Texas Holdem Poker 2005.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\LingvoSoft Talking Picture Dictionary 2007 English - Arabic 1.1.19.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Link Exchange Easy 3.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\LinkScanner Pro 2.6.2.0068.7 (KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Little Black Book Trailer.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Lizard Application Monitor 7.11.93.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Lizard Protector Secure Viewer 1.1.90.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\LockDown My Computer 1.1.1 (Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Lomond Home PhotoLab 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Love Fortune Clock screensaver 2.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Mansfield Park 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\McAfee.VirusScan.Enterprise.v8.5.0i-DVT.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MechWarrior 4 Vengeance - Martian Range map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\mnoGoSearch SQL 3.2.41.1 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ModelPress Desktop 4.4.0.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ModemLockDown 3.31.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MP3 and WAV Solutions 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MSCCrypto 2.0 [Cracked].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MSN Nick Changer for Windows Media Player 1b.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MSN Space Helper 1.51.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MSN Winks Remover 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Multi-Mail Notifier 3.1.002.04 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Multiple Choice 1.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\My Web News January 2006.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MyAlert For MySpace 1.3 (KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MyDbDump 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Myspace the Guide 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Natural Login Pro 1.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\NCM Webcams 1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\nCRYPTION 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Nerocode MySQL Client 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Network Assistant 4.2.0.2525 (With Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Network Tools 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\NetworkView 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\NewsPoint 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\NRG Orb - 3D Fully Animated Wallpaper 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Orbitz Search Widget 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Orkut Cute 6.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\OSCheck 1.2 Build 1000.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Outlook Express ActiveX Control 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Oven Fresh Developer Pack 2.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\OverCAD Blocks 1.21 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Panda.Antivirus.2007.Beta.-.Valid.Crack.July.2007.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Panda.antivirus.titanium.2005.french.(multilang).retail.Ressed.By.M@RtZXO5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Panorama 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Password Guard 5.0.600.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PC Activity Monitor Net (PC Acme Net) 6.4.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PDF2Office Professional 2.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PDF417 ActiveX Control 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PGP Desktop 9.6.0 Public Beta 1 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Photo Mishmash Screensaver 2.2.4.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Photocopier Pro 3.04.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Plaxoft Time Tracker 1.0 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Portable Vault 2.1.5.0 [Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Projectexplorer 2.3 (Cracked).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PSS Update Check Control 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Quality Golf Stats 5.10.27.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\QWallet 2.0 [Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Radsoft RadVWM 1.3.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Random Clock# Generator 5.3 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Red Dot Forever 1.03.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Red Flower Jigsaw Puzzle 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Registry Repair Doctor 1.0.0.1 With Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\RelayFax Server 6.7.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Risk 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\River Past Video Slice 5.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\RumorMill 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Scam Escrow Detector 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SecureAway 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ShareCrypt 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Sib Icon Converter 2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SimpleFTP 1.1 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SlavaNap 3.0.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Sniper 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SpamWeed Anti-Spam Filter 2.5 rev290.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Speak 1.8.84.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Speaking Notepad 5.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SplitWiz 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Stay On Top 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\StopItNow! 5.17i.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\StoragePatrol 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\StrikeIron Reverse Phone Lookup 2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Swiff Player 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Swift POS 5.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Talismania Deluxe 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Taskbar Control 2.01.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Texas Hold'em Poker 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\THRSim11 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\TradeAccountant Pro 3.4.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\TSOfficePool - Pro Football 6.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Turbo Icon Editor 2.0.1 [Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\TWAIN Integration Kit 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Unreal Tournament 2003 - Nanika skin.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Unreal Tournament 2003 - Silver deathmatch map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\VicFTPS 3.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Virtua Tennis demo.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Virtual Safe 1.2.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Vue d'Esprit 4.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Walrus Screensaver 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Warcraft II demo.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Weather Manager 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Web Research Network Add-on 2.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WinCron 4.3.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WinSpy 3.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WinUtilities EXE Protector 2.1 [Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WordSafe Voyager 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WorldCup 2006 Lite 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\wxDownload Fast 0.6.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\XHP CMS 0.5.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\XMLSpy Enterprise Edition 2007 SP2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\YeoSoft Text to MP3 Speaker 5.1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ZeroTrace 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ZW Net Send Manager 2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\SAV\sav0.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\SAV\sav1.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\SAV\sav.ooo (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\akttzn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anticipator.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtoolb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bsva-egihsg52.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpcproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\emesx.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hoproxy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\medup012.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msgp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnbho.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mtr2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mwin32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netode.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\newsd32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ps1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psof1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psoft1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regc64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regm64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Rundl1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sncntr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssurf022.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysreq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\temp#01.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcatchpi.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winlogonpc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsystem.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WINWGPX.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbsys2.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc733j0e9ev.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Il me met aussi que certains éléments n'ont pas pu être supprimés et qu'ils ont été ajoutés à la liste des éléments qui seront supprimés au redémarrage et il me demande si je veux redémarrer mon ordinateur.
Dois-je le redémarrer ?
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1145
Windows 5.1.2600 Service Pack 2
13/09/2008 18:37:43
mbam-log-2008-09-13 (18-37-43).txt
Type de recherche: Examen rapide
Eléments examinés: 57731
Temps écoulé: 12 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 18
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 277
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Program Files\GamesBar\oberontb.dll (Adware.Gamesbar) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\oberontb.band (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ec1a2105-5621-440f-987d-27ef428131d9} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band.1 (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\asc3550p (Rootkit.Agent) -> Delete on reboot.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\config\48810242.Evt (Rootkit.Agent.H) -> Delete on reboot.
C:\Program Files\GamesBar\oberontb.dll (Adware.Gamesbar) -> Delete on reboot.
C:\Documents and Settings\claudine\Local Settings\Temp\elopkduv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\wxajejml.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\5.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\132656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\188875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\200515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\210562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\599250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\627968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\803171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\814187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\819828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\360Panovision Professional Suite 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\4Sale2 1.01.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Aardvark Aadventures 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Acid Scanner 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Active Directory Network Manager 1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Active Privacy Guardian Washer 1.57.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\AddaButton 4.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Aepryus Graph 1.0 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Age of Mythology - Infiltrator scenario.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\AK-FireFrame 1.6 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Alice DVD any Video to Sony PSP Converter 5.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\AlphaChess 3.2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ALTools Christmas Desktop Wallpapers 2005.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\AppLauncher Deluxe 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Attachments Processor for Outlook 4.2 [Patch].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Audio Record Wizard 3.99 [Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\BBB Bar 0.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Best_Firewall_2007_AIO__ZoneAlarm__Kaspersky__McAfee__Sygate__etc_.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\BillPlus 2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Bluebeam PDF Revu AutoCAD Edition 4.7.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Change Case of Directory Names Software 7.0 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\chm2web 2.7 Build 174 Key+Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Cibersql Web Admin 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Code Weaver 1.7.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Coding Workshop Ringtone Converter 5.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ComBonus 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Computer_Associates_Practice_Tests_from_Boson_5.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\copy2calendar 2.0.0.23 Cracked.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\CopyWipe 1.14.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Count 3 1.06.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Crypto Composer 0.8.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\DBArtisan 8.1.2 build 3218 Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Deductus disk catalog 1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\DFIncBackup Home 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\DivXRepair 1.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\DNews News Server 5.7e1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Doc Organizer 3.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Easy Mail Merge for Outlook 1.1.85 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\eBooks Compiler 1.0 [KeyGen].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\EBRcart 5.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Email Security Labels for Outlook 1.0 [Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\EMS SQL Manager 2005 for SQL Server 2.5.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\EnCalcE 2.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Engineering Power Tools 1.9.8.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\English & Armenian Dictionary 2.7 Cracked.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\EssentialPIM Pro 1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Essien VideoConvert 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Eyes Relaxing and Focusing 2.0 [Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Family Database 2008 1.0.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Filecom Order System 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Files Search Assistant 3.1 (Key+Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\FirstStop WebSearch Standard Edition 5.0.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Folio First 1.0.0.371 [Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Fontabulator 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\FotoPrint 3.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Free XP Style Icons 0.1 [Key].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Fresh UI 7.62.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Gadwin Web Snapshot 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Gammadyne Mailer 27.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\GatherBird SQLGrep 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\gdShredder 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\GeometryProof Professional Edition 5.10 [Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\GetBot 3.04 [Cracked].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\GoogImager Browser 1.0 [With Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Halo Combat Evolved Chutes and Ladders map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\HandoVideo Converter Lite 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\HDDlife plug-in for Google Desktop 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Hotel Pro 5.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\hsCADence 1.0.10.18.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Imaging Matrix - Image Converter Lite 2.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Inline Search for IE 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Innovatools Email Control 1.0 (Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Instant Eyedropper Free 1.75.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Intelliant OCR 1.1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Internet Traffic Agent 2.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\InterWARN 4.0 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\IsoMaker 2000 6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ISQLme 1.0.04.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Janitor Dan the Spaceman 1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\JXMLAppKit 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\KaZaZZ! Ask Anything Toolbar 7.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\KittyXplorer 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\KLogicalDrives 1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\kmAnywhere 2005 Pro build 060901 [Key].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\LBE Web Helpdesk 4.0.123.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Learn the Secrets to Texas Holdem Poker 2005.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\LingvoSoft Talking Picture Dictionary 2007 English - Arabic 1.1.19.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Link Exchange Easy 3.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\LinkScanner Pro 2.6.2.0068.7 (KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Little Black Book Trailer.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Lizard Application Monitor 7.11.93.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Lizard Protector Secure Viewer 1.1.90.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\LockDown My Computer 1.1.1 (Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Lomond Home PhotoLab 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Love Fortune Clock screensaver 2.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Mansfield Park 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\McAfee.VirusScan.Enterprise.v8.5.0i-DVT.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MechWarrior 4 Vengeance - Martian Range map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\mnoGoSearch SQL 3.2.41.1 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ModelPress Desktop 4.4.0.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ModemLockDown 3.31.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MP3 and WAV Solutions 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MSCCrypto 2.0 [Cracked].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MSN Nick Changer for Windows Media Player 1b.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MSN Space Helper 1.51.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MSN Winks Remover 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Multi-Mail Notifier 3.1.002.04 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Multiple Choice 1.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\My Web News January 2006.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MyAlert For MySpace 1.3 (KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\MyDbDump 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Myspace the Guide 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Natural Login Pro 1.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\NCM Webcams 1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\nCRYPTION 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Nerocode MySQL Client 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Network Assistant 4.2.0.2525 (With Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Network Tools 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\NetworkView 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\NewsPoint 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\NRG Orb - 3D Fully Animated Wallpaper 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Orbitz Search Widget 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Orkut Cute 6.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\OSCheck 1.2 Build 1000.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Outlook Express ActiveX Control 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Oven Fresh Developer Pack 2.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\OverCAD Blocks 1.21 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Panda.Antivirus.2007.Beta.-.Valid.Crack.July.2007.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Panda.antivirus.titanium.2005.french.(multilang).retail.Ressed.By.M@RtZXO5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Panorama 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Password Guard 5.0.600.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PC Activity Monitor Net (PC Acme Net) 6.4.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PDF2Office Professional 2.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PDF417 ActiveX Control 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PGP Desktop 9.6.0 Public Beta 1 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Photo Mishmash Screensaver 2.2.4.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Photocopier Pro 3.04.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Plaxoft Time Tracker 1.0 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Portable Vault 2.1.5.0 [Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Projectexplorer 2.3 (Cracked).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\PSS Update Check Control 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Quality Golf Stats 5.10.27.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\QWallet 2.0 [Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Radsoft RadVWM 1.3.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Random Clock# Generator 5.3 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Red Dot Forever 1.03.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Red Flower Jigsaw Puzzle 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Registry Repair Doctor 1.0.0.1 With Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\RelayFax Server 6.7.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Risk 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\River Past Video Slice 5.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\RumorMill 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Scam Escrow Detector 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SecureAway 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ShareCrypt 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Sib Icon Converter 2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SimpleFTP 1.1 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SlavaNap 3.0.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Sniper 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SpamWeed Anti-Spam Filter 2.5 rev290.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Speak 1.8.84.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Speaking Notepad 5.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\SplitWiz 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Stay On Top 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\StopItNow! 5.17i.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\StoragePatrol 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\StrikeIron Reverse Phone Lookup 2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Swiff Player 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Swift POS 5.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Talismania Deluxe 1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Taskbar Control 2.01.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Texas Hold'em Poker 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\THRSim11 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\TradeAccountant Pro 3.4.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\TSOfficePool - Pro Football 6.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Turbo Icon Editor 2.0.1 [Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\TWAIN Integration Kit 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Unreal Tournament 2003 - Nanika skin.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Unreal Tournament 2003 - Silver deathmatch map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\VicFTPS 3.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Virtua Tennis demo.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Virtual Safe 1.2.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Vue d'Esprit 4.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Walrus Screensaver 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Warcraft II demo.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Weather Manager 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\Web Research Network Add-on 2.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WinCron 4.3.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WinSpy 3.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WinUtilities EXE Protector 2.1 [Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WordSafe Voyager 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\WorldCup 2006 Lite 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\wxDownload Fast 0.6.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\XHP CMS 0.5.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\XMLSpy Enterprise Edition 2007 SP2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\YeoSoft Text to MP3 Speaker 5.1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ZeroTrace 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Application Data\m\shared\ZW Net Send Manager 2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\SAV\sav0.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\SAV\sav1.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\SAV\sav.ooo (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\claudine\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\akttzn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anticipator.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtoolb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bsva-egihsg52.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpcproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\emesx.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hoproxy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\medup012.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msgp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnbho.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mtr2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mwin32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netode.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\newsd32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ps1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psof1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psoft1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regc64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regm64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Rundl1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sncntr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssurf022.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysreq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\temp#01.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcatchpi.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winlogonpc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsystem.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WINWGPX.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbsys2.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc733j0e9ev.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Il me met aussi que certains éléments n'ont pas pu être supprimés et qu'ils ont été ajoutés à la liste des éléments qui seront supprimés au redémarrage et il me demande si je veux redémarrer mon ordinateur.
Dois-je le redémarrer ?
Voilà :
----------------- FindyKill V3.075 ------------------
Recherche effectuée à 18:54:27 le 13/09/2008
Emplacement : C:\Program Files\FindyKill\FindyKill.bat
Outils Mis a jours le 11/09/08
----------------- *** Recherche *** ------------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\claudine\Application Data
»»»» Registre :
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
lxcrmon.exe REG_SZ "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
EzPrint REG_SZ "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
FaxCenterServer REG_SZ "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
CTHelper REG_SZ CTHELPER.EXE
UpdReg REG_SZ C:\WINDOWS\UpdReg.EXE
Jet Detection REG_SZ "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /install
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
LXCRCATS REG_SZ rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
TomTomHOME.exe REG_SZ "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
winapl REG_SZ C:\WINDOWS\system32\qvkdirwf.exe
infogen REG_SZ C:\WINDOWS\system32\fmfwbgxa.exe
setproc REG_SZ C:\WINDOWS\system32\qdizelqz.exe
hlpwinapp REG_SZ C:\WINDOWS\system32\gnmdunqt.exe
»»»» Presence d infections dans Support amovible :
----------- ! Recherche realisée avec success ! -----------
----------------- FindyKill V3.075 ------------------
Recherche effectuée à 18:54:27 le 13/09/2008
Emplacement : C:\Program Files\FindyKill\FindyKill.bat
Outils Mis a jours le 11/09/08
----------------- *** Recherche *** ------------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\claudine\Application Data
»»»» Registre :
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
lxcrmon.exe REG_SZ "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
EzPrint REG_SZ "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
FaxCenterServer REG_SZ "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
CTHelper REG_SZ CTHELPER.EXE
UpdReg REG_SZ C:\WINDOWS\UpdReg.EXE
Jet Detection REG_SZ "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /install
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
LXCRCATS REG_SZ rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
TomTomHOME.exe REG_SZ "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
winapl REG_SZ C:\WINDOWS\system32\qvkdirwf.exe
infogen REG_SZ C:\WINDOWS\system32\fmfwbgxa.exe
setproc REG_SZ C:\WINDOWS\system32\qdizelqz.exe
hlpwinapp REG_SZ C:\WINDOWS\system32\gnmdunqt.exe
»»»» Presence d infections dans Support amovible :
----------- ! Recherche realisée avec success ! -----------
Il me dit qu'un virus ou un programme indésirable a été trouvé et me demande ce que je veux faire :
le déplacer en quarantaine
le supprimer
le renommer
ou l'ignorer
Que dois-je choisir ?
le déplacer en quarantaine
le supprimer
le renommer
ou l'ignorer
Que dois-je choisir ?
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
13 sept. 2008 à 19:19
13 sept. 2008 à 19:19
Supprime.
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
13 sept. 2008 à 19:21
13 sept. 2008 à 19:21
Poste le rapport à la fin de l'analyse.
C'est enfin fini, voici le rapport :
Avira AntiVir Personal
Date de création du fichier de rapport : samedi 13 septembre 2008 19:13
La recherche porte sur 1612438 souches de virus.
Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 2) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur :CLAUDINE-UJIXUA
Informations de version :
BUILD.DAT : 8.1.0.47 16931 Bytes 19/08/2008 11:45:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:49
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 17:12:11
ANTIVIR3.VDF : 7.0.6.154 2048 Bytes 12/09/2008 17:12:11
Version du moteur: 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 13/09/2008 17:12:24
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 13/09/2008 17:12:22
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 13/09/2008 17:12:21
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 13/09/2008 17:12:20
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 13/09/2008 17:12:14
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 13/09/2008 17:12:13
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 13/09/2008 17:12:12
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43
Configuration pour la recherche actuelle :
Nom de la tâche..................: Contrôle intégral du système
Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: arrêt
Fichier mode de recherche........: Sélection de fichiers intelligente
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen
Début de la recherche : samedi 13 septembre 2008 19:13
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'locator.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'oodag.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lxcrcoms.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LSSrvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleUpdaterService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BTNtService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleUpdater.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LogitechDesktopMessenger.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BlueSoleil.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HOMERunner.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'TeaTimer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'realsched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CTHELPER.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'ezprint.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lxcrmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'39' processus ont été contrôlés avec '39' modules
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
La recherche sur les renvois aux fichiers exécutables (registre) commence.
Le registre a été contrôlé ( '53' fichiers).
La recherche sur les fichiers sélectionnés commence :
Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Documents and Settings\claudine\Local Settings\Temp\IXP000.TMP\oput.exe
[RESULTAT] Contient le cheval de Troie TR/ATRAPS.Gen
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Local Settings\Temp\IXP001.TMP\oput.exe
[RESULTAT] Contient le cheval de Troie TR/ATRAPS.Gen
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Local Settings\Temp\IXP002.TMP\oput.exe
[RESULTAT] Contient le cheval de Troie TR/ATRAPS.Gen
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Local Settings\Temp\IXP003.TMP\oput.exe
[RESULTAT] Contient le cheval de Troie TR/ATRAPS.Gen
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Mes documents\jeux\Jojo's Fashion Show\Jojo's Fashion Show.exe
[0] Type d'archive: RAR SFX (self extracting)
--> Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Mes documents\jeux\[PC Game] Dress Shop Hop\dress shop hop.exe
[0] Type d'archive: RAR SFX (self extracting)
--> Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Mes documents\jeux\[PC Game] Dress Shop Hop\[PC Game] Dress Shop Hop.rar
[0] Type d'archive: RAR
--> dress shop hop.exe
[1] Type d'archive: RAR SFX (self extracting)
--> Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Program Files\Dress Shop Hop\Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Program Files\Jojo's Fashion Show\Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Program Files\ZeCheval`Script\mirc.exe
[RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/mIRC-1755648.A
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0017208.exe
[0] Type d'archive: RAR SFX (self extracting)
--> MSA.exe
[RESULTAT] Contient le cheval de Troie TR/Fake.UltimaAV.bh
--> MSA.cpl
[RESULTAT] Contient le cheval de Troie TR/FakeAV.AO
[RESULTAT] Contient le modèle de détection du dropper DR/FraudTool.MSAntivirus.T.1
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0017227.exe
[0] Type d'archive: RAR SFX (self extracting)
--> MSA.exe
[RESULTAT] Contient le cheval de Troie TR/Fake.UltimaAV.bh
--> MSA.cpl
[RESULTAT] Contient le cheval de Troie TR/FakeAV.AO
[RESULTAT] Contient le modèle de détection du dropper DR/FraudTool.MSAntivirus.T.1
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018425.exe
[0] Type d'archive: RAR SFX (self extracting)
--> MSA.exe
[RESULTAT] Contient le cheval de Troie TR/Fake.UltimaAV.bh
--> MSA.cpl
[RESULTAT] Contient le cheval de Troie TR/FakeAV.AO
[RESULTAT] Contient le modèle de détection du dropper DR/FraudTool.MSAntivirus.T.1
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018460.exe
[RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/Frauder.bu
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018519.exe
[RESULTAT] Contient le cheval de Troie TR/Obfuscated.GX.736
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018786.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018847.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018974.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018975.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018976.exe
[RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/mIRC-1755648.A
[REMARQUE] Fichier supprimé.
Fin de la recherche : samedi 13 septembre 2008 20:43
Temps nécessaire: 1:30:28 Heure(s)
La recherche a été effectuée intégralement
6148 Les répertoires ont été contrôlés
293969 Des fichiers ont été contrôlés
26 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
20 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
1 Impossible de contrôler des fichiers
293942 Fichiers non infectés
1318 Les archives ont été contrôlées
1 Avertissements
20 Consignes
Avira AntiVir Personal
Date de création du fichier de rapport : samedi 13 septembre 2008 19:13
La recherche porte sur 1612438 souches de virus.
Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 2) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur :CLAUDINE-UJIXUA
Informations de version :
BUILD.DAT : 8.1.0.47 16931 Bytes 19/08/2008 11:45:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:49
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 17:12:11
ANTIVIR3.VDF : 7.0.6.154 2048 Bytes 12/09/2008 17:12:11
Version du moteur: 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 13/09/2008 17:12:24
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 13/09/2008 17:12:22
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 13/09/2008 17:12:21
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 13/09/2008 17:12:20
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 13/09/2008 17:12:14
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 13/09/2008 17:12:13
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 13/09/2008 17:12:12
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43
Configuration pour la recherche actuelle :
Nom de la tâche..................: Contrôle intégral du système
Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: arrêt
Fichier mode de recherche........: Sélection de fichiers intelligente
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen
Début de la recherche : samedi 13 septembre 2008 19:13
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'locator.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'oodag.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lxcrcoms.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LSSrvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleUpdaterService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BTNtService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleUpdater.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LogitechDesktopMessenger.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BlueSoleil.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HOMERunner.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'TeaTimer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'realsched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CTHELPER.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'ezprint.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lxcrmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'39' processus ont été contrôlés avec '39' modules
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
La recherche sur les renvois aux fichiers exécutables (registre) commence.
Le registre a été contrôlé ( '53' fichiers).
La recherche sur les fichiers sélectionnés commence :
Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Documents and Settings\claudine\Local Settings\Temp\IXP000.TMP\oput.exe
[RESULTAT] Contient le cheval de Troie TR/ATRAPS.Gen
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Local Settings\Temp\IXP001.TMP\oput.exe
[RESULTAT] Contient le cheval de Troie TR/ATRAPS.Gen
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Local Settings\Temp\IXP002.TMP\oput.exe
[RESULTAT] Contient le cheval de Troie TR/ATRAPS.Gen
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Local Settings\Temp\IXP003.TMP\oput.exe
[RESULTAT] Contient le cheval de Troie TR/ATRAPS.Gen
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Mes documents\jeux\Jojo's Fashion Show\Jojo's Fashion Show.exe
[0] Type d'archive: RAR SFX (self extracting)
--> Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Mes documents\jeux\[PC Game] Dress Shop Hop\dress shop hop.exe
[0] Type d'archive: RAR SFX (self extracting)
--> Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Documents and Settings\claudine\Mes documents\jeux\[PC Game] Dress Shop Hop\[PC Game] Dress Shop Hop.rar
[0] Type d'archive: RAR
--> dress shop hop.exe
[1] Type d'archive: RAR SFX (self extracting)
--> Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Program Files\Dress Shop Hop\Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Program Files\Jojo's Fashion Show\Uninstall.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\Program Files\ZeCheval`Script\mirc.exe
[RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/mIRC-1755648.A
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0017208.exe
[0] Type d'archive: RAR SFX (self extracting)
--> MSA.exe
[RESULTAT] Contient le cheval de Troie TR/Fake.UltimaAV.bh
--> MSA.cpl
[RESULTAT] Contient le cheval de Troie TR/FakeAV.AO
[RESULTAT] Contient le modèle de détection du dropper DR/FraudTool.MSAntivirus.T.1
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0017227.exe
[0] Type d'archive: RAR SFX (self extracting)
--> MSA.exe
[RESULTAT] Contient le cheval de Troie TR/Fake.UltimaAV.bh
--> MSA.cpl
[RESULTAT] Contient le cheval de Troie TR/FakeAV.AO
[RESULTAT] Contient le modèle de détection du dropper DR/FraudTool.MSAntivirus.T.1
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018425.exe
[0] Type d'archive: RAR SFX (self extracting)
--> MSA.exe
[RESULTAT] Contient le cheval de Troie TR/Fake.UltimaAV.bh
--> MSA.cpl
[RESULTAT] Contient le cheval de Troie TR/FakeAV.AO
[RESULTAT] Contient le modèle de détection du dropper DR/FraudTool.MSAntivirus.T.1
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018460.exe
[RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/Frauder.bu
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018519.exe
[RESULTAT] Contient le cheval de Troie TR/Obfuscated.GX.736
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018786.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018847.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018974.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018975.exe
[RESULTAT] Contient le cheval de Troie TR/Spy.Gampass.CV
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{D5EF2C8A-C965-404E-AB53-7917EC7C6340}\RP187\A0018976.exe
[RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/mIRC-1755648.A
[REMARQUE] Fichier supprimé.
Fin de la recherche : samedi 13 septembre 2008 20:43
Temps nécessaire: 1:30:28 Heure(s)
La recherche a été effectuée intégralement
6148 Les répertoires ont été contrôlés
293969 Des fichiers ont été contrôlés
26 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
20 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
1 Impossible de contrôler des fichiers
293942 Fichiers non infectés
1318 Les archives ont été contrôlées
1 Avertissements
20 Consignes
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
13 sept. 2008 à 20:50
13 sept. 2008 à 20:50
Poste un nouveau rapport HijackThis.
Voilà :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:36, on 13/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\lxcrcoms.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [winapl] C:\WINDOWS\system32\qvkdirwf.exe
O4 - HKCU\..\Run: [infogen] C:\WINDOWS\system32\fmfwbgxa.exe
O4 - HKCU\..\Run: [setproc] C:\WINDOWS\system32\qdizelqz.exe
O4 - HKCU\..\Run: [hlpwinapp] C:\WINDOWS\system32\gnmdunqt.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxcr_device - - C:\WINDOWS\System32\lxcrcoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:36, on 13/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\lxcrcoms.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [winapl] C:\WINDOWS\system32\qvkdirwf.exe
O4 - HKCU\..\Run: [infogen] C:\WINDOWS\system32\fmfwbgxa.exe
O4 - HKCU\..\Run: [setproc] C:\WINDOWS\system32\qdizelqz.exe
O4 - HKCU\..\Run: [hlpwinapp] C:\WINDOWS\system32\gnmdunqt.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxcr_device - - C:\WINDOWS\System32\lxcrcoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
13 sept. 2008 à 20:56
13 sept. 2008 à 20:56
---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\
---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"
---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.
/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\
En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.
Une fois le scan achevé, un rapport va s'afficher : Poste son contenu
/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\
Note : Le rapport se trouve également là : C:\ComboFix.txt
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\
---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"
---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.
/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\
En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.
Une fois le scan achevé, un rapport va s'afficher : Poste son contenu
/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\
Note : Le rapport se trouve également là : C:\ComboFix.txt
Quand je clique sur le lien je met exécuter et après Combofix charge mais ça me met ça :
You cannot rename ComboFix as ComboFix[1]
Please user another name, preferbaly made up of alphanumeric characters
et quand je clique sur OK il ne se passe rien
You cannot rename ComboFix as ComboFix[1]
Please user another name, preferbaly made up of alphanumeric characters
et quand je clique sur OK il ne se passe rien
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
13 sept. 2008 à 21:04
13 sept. 2008 à 21:04
Essaie avec ce lien :
https://forospyware.com
https://forospyware.com