Supprimer Virus MicroAV
pifpof
-
pifpof Messages postés 1 Statut Membre -
pifpof Messages postés 1 Statut Membre -
Bonjour à tous,
Depuis hier soir, j'ai été agressé par un virus qui prend la forme d'un faux atispyware, microAV.. évidemment je n'arrive plus à rien, même taper ce simple mail est une torture.. Je fais appel à votre expertise pour me tirer d'affaire et je vous remercie par avance de tout ce que vous pourrez faire. J'ai été me balader sur un autre ordinateur cet après-midi, et apparemment, vous avez besoin d'un rapport hijackthis.. je vais le coller ci-dessous...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:16:01, on 16/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Program Files\Fichiers communs\Nero\Nero Web\SetupX.exe" MODE="update" STARTPAGE="LANGUAGE"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [\YUR474.exe] C:\Windows\system32\YUR474.exe
O4 - HKLM\..\Run: [\YUR475.exe] C:\Windows\system32\YUR475.exe
O4 - HKLM\..\Run: [\YUR476.exe] C:\Windows\system32\YUR476.exe
O4 - HKLM\..\Run: [\YUR477.exe] C:\Windows\system32\YUR477.exe
O4 - HKLM\..\Run: [\YUR481.exe] C:\Windows\system32\YUR481.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKCU\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: ,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll wdvgsw.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Depuis hier soir, j'ai été agressé par un virus qui prend la forme d'un faux atispyware, microAV.. évidemment je n'arrive plus à rien, même taper ce simple mail est une torture.. Je fais appel à votre expertise pour me tirer d'affaire et je vous remercie par avance de tout ce que vous pourrez faire. J'ai été me balader sur un autre ordinateur cet après-midi, et apparemment, vous avez besoin d'un rapport hijackthis.. je vais le coller ci-dessous...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:16:01, on 16/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Program Files\Fichiers communs\Nero\Nero Web\SetupX.exe" MODE="update" STARTPAGE="LANGUAGE"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [\YUR474.exe] C:\Windows\system32\YUR474.exe
O4 - HKLM\..\Run: [\YUR475.exe] C:\Windows\system32\YUR475.exe
O4 - HKLM\..\Run: [\YUR476.exe] C:\Windows\system32\YUR476.exe
O4 - HKLM\..\Run: [\YUR477.exe] C:\Windows\system32\YUR477.exe
O4 - HKLM\..\Run: [\YUR481.exe] C:\Windows\system32\YUR481.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKCU\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: ,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll wdvgsw.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
A voir également:
- Supprimer Virus MicroAV
- Supprimer rond bleu whatsapp - Guide
- Supprimer page word - Guide
- Comment supprimer fausse alerte virus mcafee - Accueil - Piratage
- Supprimer pub youtube - Accueil - Streaming
- Fichier impossible à supprimer - Guide
1 réponse
J'ai procédé à une analyse avec Malwarebytes.. voici le rapport.. ca a l'air pire que je pensais...
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1161
Windows 5.1.2600 Service Pack 3
16/09/2008 21:38:29
mbam-log-2008-09-16 (21-38-29).txt
Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 218835
Temps écoulé: 33 minute(s), 43 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 25
Valeur(s) du Registre infectée(s): 10
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 53
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\qoMeFurr.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wvUkHXPI.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\wdvgsw.dll (Trojan.Vundo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1773b2b2-8636-4a59-8c22-362f50fd4b9d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1773b2b2-8636-4a59-8c22-362f50fd4b9d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5aee532c-7c2f-4e5c-a044-096846cb9490} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvukhxpi (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{5aee532c-7c2f-4e5c-a044-096846cb9490} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5e37e9a-4a24-4c57-9659-2e90f055d392} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{d5e37e9a-4a24-4c57-9659-2e90f055d392} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\smwin32.mdr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e6be5e3a-23f3-4ec2-b9b7-bcd9a601f2a3} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{38754e01-ac2e-482b-95fa-f1aee41823c4} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9f146720-43f3-4fa6-b9e5-4fb13f8c2ffd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj.1 (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\getsn32.msiesn (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5aee532c-7c2f-4e5c-a044-096846cb9490} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur474.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur475.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur476.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur477.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur481.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur4.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\qomefurr -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomefurr -> Delete on reboot.
Dossier(s) infecté(s):
C:\Program Files\webHancer (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Application Data\Microsoft\dtsc (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\wdvgsw.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wvUkHXPI.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qoMeFurr.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\rruFeMoq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rruFeMoq.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\auqbecca.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\accebqua.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smwin32.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whiehlpr.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\x (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Local Settings\Temporary Internet Files\Content.IE5\3YK0DMOF\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Local Settings\Temporary Internet Files\Content.IE5\3YK0DMOF\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Local Settings\Temporary Internet Files\Content.IE5\ZYZAOPV4\cntr[1].gif (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\4.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\5.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\7.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1960408961-602162358-1417001333-1003\Dc1.cpl (Rogue.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7A6C321F-8967-4023-AC68-4CE3F799A307}\RP132\A0011543.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awttqnKa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\axxtpl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dltfeqfc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgGyyxxW.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\MicroAV.cpl (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rggmkkpd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tjxdddyi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urqQjklK.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vdkogn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\license.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\readme.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\sporder.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whagent.ini (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whinstaller.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV\MicroAV.exe (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV\MicroAV.ooo (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV\MicroAV0.dat (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV\MicroAV1.dat (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Application Data\Microsoft\dtsc\s (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\default.htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Bureau\BEST ZOO PORN.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Bureau\QUALITY PORN.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Local Settings\Temp\lwpwer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1161
Windows 5.1.2600 Service Pack 3
16/09/2008 21:38:29
mbam-log-2008-09-16 (21-38-29).txt
Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 218835
Temps écoulé: 33 minute(s), 43 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 25
Valeur(s) du Registre infectée(s): 10
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 53
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\qoMeFurr.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wvUkHXPI.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\wdvgsw.dll (Trojan.Vundo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1773b2b2-8636-4a59-8c22-362f50fd4b9d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1773b2b2-8636-4a59-8c22-362f50fd4b9d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5aee532c-7c2f-4e5c-a044-096846cb9490} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvukhxpi (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{5aee532c-7c2f-4e5c-a044-096846cb9490} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5e37e9a-4a24-4c57-9659-2e90f055d392} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{d5e37e9a-4a24-4c57-9659-2e90f055d392} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\smwin32.mdr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e6be5e3a-23f3-4ec2-b9b7-bcd9a601f2a3} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{38754e01-ac2e-482b-95fa-f1aee41823c4} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9f146720-43f3-4fa6-b9e5-4fb13f8c2ffd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj.1 (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\getsn32.msiesn (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5aee532c-7c2f-4e5c-a044-096846cb9490} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur474.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur475.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur476.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur477.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur481.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur4.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\qomefurr -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomefurr -> Delete on reboot.
Dossier(s) infecté(s):
C:\Program Files\webHancer (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Application Data\Microsoft\dtsc (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\wdvgsw.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wvUkHXPI.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qoMeFurr.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\rruFeMoq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rruFeMoq.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\auqbecca.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\accebqua.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smwin32.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whiehlpr.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\x (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Local Settings\Temporary Internet Files\Content.IE5\3YK0DMOF\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Local Settings\Temporary Internet Files\Content.IE5\3YK0DMOF\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Local Settings\Temporary Internet Files\Content.IE5\ZYZAOPV4\cntr[1].gif (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\4.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\5.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\7.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1960408961-602162358-1417001333-1003\Dc1.cpl (Rogue.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7A6C321F-8967-4023-AC68-4CE3F799A307}\RP132\A0011543.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awttqnKa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\axxtpl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dltfeqfc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgGyyxxW.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\MicroAV.cpl (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rggmkkpd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tjxdddyi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urqQjklK.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vdkogn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\license.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\readme.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\sporder.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whagent.ini (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whinstaller.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV\MicroAV.exe (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV\MicroAV.ooo (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV\MicroAV0.dat (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV\MicroAV1.dat (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Application Data\Microsoft\dtsc\s (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\default.htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Bureau\BEST ZOO PORN.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Bureau\QUALITY PORN.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Christophe.2C6725A1C38F4DA\Local Settings\Temp\lwpwer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
