Sujet Précédent Sujet Suivant

Encore des pubs intempestives

Fermé
crevette85 - 17 sept. 2008 à 22:54
 crevette85 - 19 sept. 2008 à 13:59
Bonjour,

Je suis comme beaucoup concernée par les pb de pubs intempestives. Comme je vois que sur le forum, les pb sont traités au cas par cas, je me demandais si quelqu'un pouvais m'aider.

Merci d'avance.

Pour info, j'ai zone alarm en pare feu et avast en anti virus... J'ai aussi récemment utilisé Spyware secure (mais quand je sélectionne tous les fichiers et que je clique sur réparer rien ne se passe....)
A voir également:

35 réponses

Précédent
  • 1
  • 2
Réponse 21 / 35
crevette85
18 sept. 2008 à 19:11
Ben voilà....

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1166
Windows 5.1.2600 Service Pack 3

18/09/2008 09:53:38
mbam-log-2008-09-18 (09-53-15).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 197949
Temps écoulé: 1 hour(s), 46 minute(s), 55 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 848
Fichier(s) infecté(s): 6900

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> Delete on reboot.
C:\Casino\32 Vegas Casino (Adware.Casino) -> Delete on reboot.
C:\Casino\32 Vegas Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\aroundtheworld (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\aroundtheworld\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\aroundtheworld\windows (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\baccarat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\baccarat_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\tables (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\tables\cocktail (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\tables\colors (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\tables\firstlast (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\tables\jackpot (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\tables\numbers (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\tables\sixth (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\tables\steps (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\balls\tables\total (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\blackjack (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\blackjack_duel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\blackjack_duel\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\blackjack_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\blackjack_pontoon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\blackjack_progressive (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\blackjack_progressive\gold_dark (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\blackjack_switch (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\blackjack_video (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\bonusbowling (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\bonusbowling\anim (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\bonusbowling\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\casinowar (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\craps (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\craps\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\darts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\darts\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\darts\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\darts\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\darts\texts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\dicetwister (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\dicetwister\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\genieshilo (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\genieshilo\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\genieshilo\cards (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\genieshilo\jackpot (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\genieshilo\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\headsortails (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\headsortails\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\headsortails\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\horseracing (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\horseracing\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\horseracing\info (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\horseracing\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\horseracing\stadium (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\horseracing\start (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\horseracing\tables (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\horseracing\texts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\keno (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\keno\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\keno\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\keno\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\keno_x (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\keno_x\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\keno_x\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\keno_x\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\keno_x\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\lobby\gameicon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\lobby\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\lobby\login (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\lobby\menu (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\mahjong (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\mahjong\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\mahjong\paytable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\mahjong\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\mahjong\window_win (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\pachinko (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\pachinko\components (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\pachinko\gems (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\pachinko\minigames (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\pachinko\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\pachinko\yokoku (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\penaltyshootout (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\penaltyshootout\anims (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\penaltyshootout\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\penaltyshootout\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\poker_3card (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\poker_caribbean (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\poker_holdem (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\poker_letthemride (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\poker_paigow (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\poker_tequila (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\popbingo (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\popbingo\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\popbingo\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\reddog (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\rockpaperscissors (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\rockpaperscissors\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\rockpaperscissors\info (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\rockpaperscissors\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\rollercoasterdice (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\rollercoasterdice\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\rollercoasterdice\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\rollercoasterdice\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette\zoom (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette00 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette00\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette00\zoom (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette_mini (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette_mini\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette_mini\luxury (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\roulette_mini\luxury\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\3reel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\3reel_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\5reel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\5reel_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\8line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\9line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\blackjack (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\cards (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\cards\poker (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\cards\textures (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\cards\videopoker_multiline (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\coins (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\coins\tablecoins (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\dollarball (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\dollarball\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\doublescreen (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\html\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\html\chat\emoticons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\interface (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\interface\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\interface\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\live_buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\slots_multispin (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\sounds\dealervoices (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\sounds\dealervoices\numbers (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\tablegames (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\tablegames\gold_dark (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\tablesigns (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\videopoker_4line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\videopoker_4line\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\videopoker_deuces (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\videopoker_jacks (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\videopoker_multiline (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\shared\videopoker_multiline\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\sicbo (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\sicbo\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\sicbo_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_8ball (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_8ball\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_8ball_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alchemist (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alchemist\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alchemist\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alchemist\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alchemist\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alien25line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alien25line\animations (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alien25line\bonus1 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alien25line\bonus2 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alien25line\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alien25line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_alien25line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_amigos (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_amigos\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_amigos_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_beachlife20line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_beachlife20line\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_beachlife20line\betlines (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_beachlife20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_beachlife20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_beachlife20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_bermuda (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_bermuda\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_bermuda_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_captain (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_captain\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_captain\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_chinese8line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_chinese8line\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_chinese8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_chinese8line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_cinerama5reel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_cinerama5reel\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_cinerama5reel\bonus\select (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_cinerama5reel\bonus2 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_cinerama5reel\bonus2\select (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_cinerama5reel\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_cinerama5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_crazy (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_crazy\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_crazy_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom3reel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom3reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom3reel_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom3reel_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom3reel_xl\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom5reel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom5reel_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom5reel_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_custom5reel_xl\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_desert20line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_desert20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_desert20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_desert20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_diamond5reel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_diamond5reel\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_diamond5reel\bonus\screen (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_diamond5reel\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_diamond5reel\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_diamond5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fo (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fo\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fo\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fo\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_footballrules25line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_footballrules25line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_footballrules25line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_footballrules25line\sounds\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_footballrules25line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_forestofwonders25line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_forestofwonders25line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_forestofwonders25line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_forestofwonders25line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fountain (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fountain\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fountain_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fruitmania5reel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fruitmania5reel\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fruitmania5reel\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fruitmania5reel\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_fruitmania5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gameball8line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gameball8line\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gameball8line\line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gameball8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gameball8line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_goblin (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_goblin\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_goblin\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_goblin\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_goblin\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_goblin\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gold8line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gold8line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gold8line\bonus\screen (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gold8line\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gold8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_gold8line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_golf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_golf\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_golf\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_golf\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_haunted (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_haunted\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_haunted\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_haunted_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_haunted_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_highway (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_highway\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_highway\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_highway\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_jungle (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_jungle\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_jungle_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_jungle_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_lotto20line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_lotto20line\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_lotto20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_lotto20line\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_lotto20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_lotto20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_lovemore20line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_lovemore20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_lovemore20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_magic (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_magic\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_magic\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_magic\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_magic\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_magic\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_monkey (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_monkey\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_monkey_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_monkey_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_neptune (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_neptune\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_neptune_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_neptune_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_nightout20line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_nightout20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_nightout20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_nightout20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ocean (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ocean\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ocean\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ocean\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ocean\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_party (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_party\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_party_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_party_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_planet8line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_planet8line\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_planet8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_profits (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_profits\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_profits\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_profits\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_profits\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_profits\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_pyramids9line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_pyramids9line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_pyramids9line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_pyramids9line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_rock (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_rock\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_rock\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_rock_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_rock_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_safecracker (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_safecracker\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_safecracker\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_safecracker\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_santa (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_santa\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_santa_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_santa_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_silver (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_silver\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_silver\dollarball (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_silver\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_silver\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_spin2million (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_spin2million\animations (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_spin2million\betlines (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_spin2million\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_spin2million\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_spin2million\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_sultan (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_sultan\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_sultan_xl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_sultan_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_take5million20line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_take5million20line\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_take5million20line\betlines (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_take5million20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_take5million20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_take5million20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_thrillseekers50line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_thrillseekers50line\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_thrillseekers50line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_thrillseekers50line\loading (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_thrillseekers50line\payline (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_thrillseekers50line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_thrillseekers50line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_tropic (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_tropic\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_tropic\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_tropic\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_tropic\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_uggabugga (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_uggabugga\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_uggabugga\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_uggabugga\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ultimate8line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ultimate8line\anim (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ultimate8line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ultimate8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_ultimate8line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_vacation8line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_vacation8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_vacation8line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wall5reel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wall5reel\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wall5reel\bonus\select (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wall5reel\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wall5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wanted25line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wanted25line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wanted25line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wanted25line\sounds\bonus (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\slots_wanted25line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\spinawin (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\spinawin\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\spinawin\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\tutorial_wildviking (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\tutorial_wildviking\audio (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\tutorial_wildviking\images (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\tutorial_wildviking\swf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\tutorial_wildviking\xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_10jacks (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_10jacks\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_10orbetter (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_25aces (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_25aces\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_4aces (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_4deuceswild (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_4jacks (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_50jacks (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_50jacks\wintable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_aces (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_deuceswild (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_highlow (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_highlow\doublescreen (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_jacks (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_jacks\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_joker (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_joker\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\videopoker_megajacks (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\wildviking (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\32 Vegas Casino\data\wildviking\gold_dark (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez (Adware.Casino) -> Delete on reboot.
C:\Casino\Casino Tropez\data (Adware.Casino) -> Delete on reboot.
C:\Casino\Casino Tropez\data\aroundtheworld (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\aroundtheworld\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\aroundtheworld\windows (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\baccarat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\baccarat_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\baccarat_progressive (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\baccarat_progressive\gold_bright (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\tables (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\tables\cocktail (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\tables\colors (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\tables\firstlast (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\tables\jackpot (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\tables\numbers (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\tables\sixth (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\tables\steps (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\balls\tables\total (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\blackjack (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\blackjack_duel (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\blackjack_duel\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\blackjack_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\blackjack_pontoon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\blackjack_progressive (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\blackjack_progressive\gold_bright (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\blackjack_switch (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\blackjack_video (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\bonusbowling (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\bonusbowling\anim (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\bonusbowling\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\casinowar (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\craps (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\craps\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\darts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\darts\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\darts\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\darts\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\darts\texts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\dicetwister (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\dicetwister\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\genieshilo (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\genieshilo\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\genieshilo\cards (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\genieshilo\jackpot (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\genieshilo\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\headsortails (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\headsortails\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\headsortails\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\horseracing (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\horseracing\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\horseracing\info (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\horseracing\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\horseracing\stadium (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\horseracing\start (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\horseracing\tables (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\horseracing\texts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\keno (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\keno\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\keno\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\keno\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\keno_x (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\keno_x\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\keno_x\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\keno_x\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\keno_x\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\login (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\menu (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\mahjong (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\mahjong\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\mahjong\paytable (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\mahjong\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\mahjong\window_win (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\pachinko (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\pachinko\components (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\pachinko\gems (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\pachinko\minigames (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\pachinko\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\pachinko\yokoku (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\penaltyshootout (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\penaltyshootout\anims (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\penaltyshootout\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\penaltyshootout\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_3card (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_caribbean (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_holdem (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_letthemride (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_paigow (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_tequila (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\popbingo (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\popbingo\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\popbingo\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\reddog (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\rockpaperscissors (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\rockpaperscissors\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\rockpaperscissors\info (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\rockpaperscissors\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\rollercoasterdice (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\rollercoasterdice\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\rollercoasterdice\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\rollercoasterdice\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette\zoom (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette00 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette00\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette00\zoom (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette_mini (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette_mini\3d (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette_mini\western (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\roulette_mini\western\3d (Adware.Casino) -> Quarantin
0
Réponse 22 / 35
crevette85
18 sept. 2008 à 19:45
Voici le rapport de combofix

ComboFix 08-09-16.05 - PC 2008-09-18 19:27:20.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1336 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\PC\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\PC\Cookies\pc@bluestreak[1].txt
C:\Documents and Settings\PC\Cookies\pc@clickintext[2].txt
C:\Documents and Settings\PC\Cookies\pc@edt02[2].txt
C:\Documents and Settings\PC\Cookies\pc@effiliation[2].txt
C:\Documents and Settings\PC\Cookies\pc@ehg-deltatre.hitbox[2].txt
C:\Documents and Settings\PC\Cookies\pc@ehg-dig.hitbox[2].txt
C:\Documents and Settings\PC\Cookies\pc@esearchvision[1].txt
C:\Documents and Settings\PC\Cookies\pc@ox.divertissez-vous[2].txt
C:\Documents and Settings\PC\Cookies\pc@serving-sys[1].txt
C:\Documents and Settings\PC\Cookies\pc@serving-sys[2].txt
C:\Documents and Settings\PC\Cookies\pc@stats.searchtrack[1].txt
C:\Documents and Settings\PC\Cookies\pc@tradedoubler[2].txt
C:\Documents and Settings\PC\Cookies\pc@trafiz[1].txt
C:\Documents and Settings\PC\Cookies\pc@www.pixmania[3].txt
C:\WINDOWS\Downloaded Program Files\setup.inf

----- BITS: Il y a peut-ˆtre des sites infect‚s -----

http://premium.virginmega.fr
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_npf


((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-18 au 2008-09-18 ))))))))))))))))))))))))))))))))))))
.

2008-09-17 23:48 . 2008-09-17 23:48 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-17 23:48 . 2008-09-17 23:48 <REP> d-------- C:\Documents and Settings\PC\Application Data\Malwarebytes
2008-09-17 23:48 . 2008-09-17 23:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-17 23:48 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-17 23:48 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-17 23:43 . 2008-09-17 23:43 <REP> d-------- C:\Program Files\Trend Micro
2008-09-17 23:08 . 2008-04-14 04:33 116,736 --a--c--- C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2008-09-17 23:08 . 2001-08-23 17:47 99,865 --a--c--- C:\WINDOWS\system32\dllcache\xlog.exe
2008-09-17 23:08 . 2001-08-23 17:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\xrxftplt.exe
2008-09-17 23:08 . 2001-08-23 17:47 23,040 --a--c--- C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2008-09-17 23:08 . 2004-08-03 22:29 19,455 --a--c--- C:\WINDOWS\system32\dllcache\wvchntxx.sys
2008-09-17 23:08 . 2008-04-14 04:33 18,944 --a--c--- C:\WINDOWS\system32\dllcache\xrxscnui.dll
2008-09-17 23:08 . 2001-08-17 20:11 16,970 --a--c--- C:\WINDOWS\system32\dllcache\xem336n5.sys
2008-09-17 23:08 . 2001-08-23 17:47 4,608 --a--c--- C:\WINDOWS\system32\dllcache\xrxflnch.exe
2008-09-17 23:07 . 2004-08-03 22:31 154,624 --a--c--- C:\WINDOWS\system32\dllcache\wlluc48.sys
2008-09-17 23:07 . 2001-08-23 17:05 35,402 --a--c--- C:\WINDOWS\system32\dllcache\wlandrv2.sys
2008-09-17 23:07 . 2004-08-03 22:29 12,063 --a--c--- C:\WINDOWS\system32\dllcache\wsiintxx.sys
2008-09-17 23:07 . 2008-04-13 20:36 8,832 --a--c--- C:\WINDOWS\system32\dllcache\wmiacpi.sys
2008-09-17 23:07 . 2008-04-14 04:33 8,192 --a--c--- C:\WINDOWS\system32\dllcache\wshirda.dll
2008-09-17 23:05 . 2001-08-17 21:28 794,399 --a--c--- C:\WINDOWS\system32\dllcache\usr1806v.sys
2008-09-17 23:04 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-09-17 23:03 . 2001-08-23 17:47 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll
2008-09-17 23:02 . 2001-08-23 17:46 172,768 --a--c--- C:\WINDOWS\system32\dllcache\t2r4disp.dll
2008-09-17 23:01 . 2001-08-23 16:57 286,848 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2008-09-17 23:00 . 2001-08-23 17:46 147,200 --a--c--- C:\WINDOWS\system32\dllcache\smidispb.dll
2008-09-17 22:59 . 2001-08-23 17:46 252,032 --a--c--- C:\WINDOWS\system32\dllcache\sis300iv.dll
2008-09-17 22:58 . 2008-09-17 23:31 <REP> d-------- C:\Program Files\Navilog1
2008-09-17 22:58 . 2001-08-23 17:47 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll
2008-09-17 22:57 . 2001-08-23 17:46 210,496 --a--c--- C:\WINDOWS\system32\dllcache\s3mvirge.dll
2008-09-17 22:56 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-09-17 22:55 . 2008-04-14 04:33 363,520 --a--c--- C:\WINDOWS\system32\dllcache\psisdecd.dll
2008-09-17 22:54 . 2001-08-17 22:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys
2008-09-17 22:53 . 2008-04-14 04:07 2,067,968 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-09-17 22:52 . 2001-08-23 17:09 131,072 --a--c--- C:\WINDOWS\system32\dllcache\n100325.sys
2008-09-17 22:51 . 2001-08-17 21:28 797,500 --a--c--- C:\WINDOWS\system32\dllcache\ltsmt.sys
2008-09-17 22:50 . 2001-08-17 21:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys
2008-09-17 22:49 . 2008-04-14 04:34 153,088 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
2008-09-17 22:48 . 2008-04-14 04:33 702,845 --a--c--- C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2008-09-17 22:47 . 2001-08-17 21:28 542,879 --a--c--- C:\WINDOWS\system32\dllcache\hsf_msft.sys
2008-09-17 22:46 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2008-09-17 22:45 . 2001-08-23 17:16 596,319 --a--c--- C:\WINDOWS\system32\dllcache\es56cvmp.sys
2008-09-17 22:44 . 2001-08-23 17:13 634,166 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys
2008-09-17 22:43 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2008-09-17 22:42 . 2001-08-23 17:04 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys
2008-09-17 22:41 . 2001-08-17 21:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2008-09-17 22:40 . 2001-08-23 17:46 382,592 --a--c--- C:\WINDOWS\system32\dllcache\atidrab.dll
2008-09-17 22:38 . 2001-08-17 21:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-09-17 22:37 . 2008-04-14 04:08 2,191,104 --a--c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-09-17 22:37 . 2001-08-23 17:46 66,048 --a--c--- C:\WINDOWS\system32\dllcache\s3legacy.dll
2008-09-17 22:05 . 2008-09-17 22:05 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-17 22:05 . 2008-09-17 22:05 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-17 22:05 . 2008-09-17 22:05 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-17 22:03 . 2008-09-17 22:05 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-17 21:56 . 2008-09-17 21:56 <REP> d-------- C:\WINDOWS\EHome
2008-08-26 00:29 . 2004-08-19 15:53 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-18 17:33 38,590,496 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-18 17:32 453,260 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-18 12:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-09-18 08:33 --------- d-----w C:\Program Files\Alerte Bureau InterCasino
2008-09-18 08:33 --------- d-----w C:\Documents and Settings\PC\Application Data\Alerte Bureau InterCasino
2008-09-11 01:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-16 20:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\IM
2008-08-16 20:22 --------- d-----w C:\Program Files\IncrediMail
2008-08-16 20:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\IncrediMail
2008-08-04 18:47 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-10-21 09:44 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-04 68856]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-07-24 243072]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2007-07-10 475180]
"Alerte Bureau InterCasino"="C:\Program Files\Alerte Bureau InterCasino\Alerte Bureau InterCasino.exe" [2008-01-21 1119560]
"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 919016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 20560]
R3 iKeyEnum;Rainbow iKey Enumerator;C:\WINDOWS\system32\DRIVERS\ikeyenum.sys [2002-04-15 11560]
R3 iKeyIFD;Rainbow iKey Virtual Reader;C:\WINDOWS\system32\DRIVERS\ikeyifd.sys [2002-04-15 17256]
R3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle;C:\WINDOWS\system32\DRIVERS\RTL8187B.sys [2007-05-04 215040]
R3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 13532]
S3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [ ]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS [ ]
.
Contenu du dossier 'Tƒches planifi‚es'
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-WOOKIT - C:\PROGRA~1\Wanadoo\GestMaj.exe
HKCU-Run-updateMgr - C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe


.
------- Examen suppl‚mentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.netvibes.com/#Accueil
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O16 -: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - hxxps://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
C:\WINDOWS\Downloaded Program Files\setup.inf

O16 -: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
C:\WINDOWS\Downloaded Program Files\IPSUploader.inf
C:\Program Files\Samsung\Samsung PC Studio 3\UNICOWS.DLL
C:\WINDOWS\Downloaded Program Files\IPSUploader.ocx

O16 -: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf
C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-18 19:33:38
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cach‚s ...

Recherche d'‚l‚ments en d‚marrage automatique cach‚s ...

Recherche de fichiers cach‚s ...

Scan termin‚ avec succŠs
Fichiers cach‚s: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\scardsvr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PAStiSvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2008-09-18 19:43:24 - La machine a red‚marr‚
ComboFix-quarantined-files.txt 2008-09-18 17:43:06

Avant-CF: 285,204,369,408 octets libres
AprŠs-CF: 285,366,329,344 octets libres

234 --- E O F --- 2008-09-17 20:10:30
0
Réponse 23 / 35
crevette85
18 sept. 2008 à 22:51
euh j'ai du louper qqchose parce que ca m'a dit infection absente, et après j'avais le choix entre nettoyage et quitter ou quitter j'ai fait nettoyage et quitter et rien de plus ne s'est passé
0
Réponse 24 / 35
crevette85
18 sept. 2008 à 22:56
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:56:20, on 18/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alerte Bureau InterCasino\Alerte Bureau InterCasino.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.netvibes.com/en#Accueil
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [Alerte Bureau InterCasino] "C:\Program Files\Alerte Bureau InterCasino\Alerte Bureau InterCasino.exe" -r
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: InterCasino France - {30C66393-FEF3-4758-BA00-803E3ABC88A2} - C:\Documents and Settings\PC\Bureau\InterCasino France.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino France - {30C66393-FEF3-4758-BA00-803E3ABC88A2} - C:\Documents and Settings\PC\Bureau\InterCasino France.lnk (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 35
crevette85
18 sept. 2008 à 22:56
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:56:20, on 18/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alerte Bureau InterCasino\Alerte Bureau InterCasino.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.netvibes.com/en#Accueil
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [Alerte Bureau InterCasino] "C:\Program Files\Alerte Bureau InterCasino\Alerte Bureau InterCasino.exe" -r
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: InterCasino France - {30C66393-FEF3-4758-BA00-803E3ABC88A2} - C:\Documents and Settings\PC\Bureau\InterCasino France.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino France - {30C66393-FEF3-4758-BA00-803E3ABC88A2} - C:\Documents and Settings\PC\Bureau\InterCasino France.lnk (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 26 / 35
crevette85
18 sept. 2008 à 23:26
RAPPORT COMBOFIX
ComboFix 08-09-16.05 - PC 2008-09-18 23:08:59.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1319 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\PC\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\PC\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Alerte Bureau InterCasino
C:\Program Files\Alerte Bureau InterCasino\Alerte Bureau InterCasino.exe
C:\Program Files\Navilog1
C:\Program Files\Navilog1\Backupnavi\sucaaia.dat
C:\Program Files\Navilog1\Backupnavi\SUCAAIA.EXE-19200ADA.pf
C:\Program Files\Navilog1\Backupnavi\sucaaia.exe
C:\Program Files\Navilog1\Backupnavi\sucaaia_nav.dat
C:\Program Files\Navilog1\Backupnavi\sucaaia_navps.dat
C:\Program Files\Navilog1\catchme.exe
C:\Program Files\Navilog1\Contents\Filess.bat
C:\Program Files\Navilog1\Contents\Folders.bat
C:\Program Files\Navilog1\Contents\Folderss.bat
C:\Program Files\Navilog1\Contents\Gnc2.bat
C:\Program Files\Navilog1\Contents\Gnc2su.bat
C:\Program Files\Navilog1\Contents\Gncs.bat
C:\Program Files\Navilog1\Contents\Gncssfil.bat
C:\Program Files\Navilog1\Contents\Heurs.bat
C:\Program Files\Navilog1\Contents\Heurss.bat
C:\Program Files\Navilog1\Contents\Orphus.bat
C:\Program Files\Navilog1\Contents\Wlist.bat
C:\Program Files\Navilog1\GetPaths.exe
C:\Program Files\Navilog1\gnc.exe
C:\Program Files\Navilog1\navilog1.bat
C:\Program Files\Navilog1\Navreb.bat
C:\Program Files\Navilog1\oem2ansi.exe
C:\Program Files\Navilog1\Process.exe
C:\Program Files\Navilog1\reg.exe
C:\Program Files\Navilog1\regnavi.reg
C:\Program Files\Navilog1\Safebackup\backup_registry.dat
C:\Program Files\Navilog1\Safebackup\HKCU_Run.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Arpcache.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Run.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Uninstall.reg
C:\Program Files\Navilog1\traite.bat
C:\Program Files\Navilog1\traite2.bat
C:\Program Files\Navilog1\traite3.bat
C:\Program Files\Navilog1\unins000.dat
C:\Program Files\Navilog1\unins000.exe
C:\WINDOWS\WLXPGSS.SCR

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SETUPNTGLM7X
-------\Service_SetupNTGLM7X
-------\Service_ZDCndis5


((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-18 au 2008-09-18 ))))))))))))))))))))))))))))))))))))
.

2008-09-17 23:48 . 2008-09-17 23:48 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-17 23:48 . 2008-09-17 23:48 <REP> d-------- C:\Documents and Settings\PC\Application Data\Malwarebytes
2008-09-17 23:48 . 2008-09-17 23:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-17 23:48 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-17 23:48 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-17 23:43 . 2008-09-17 23:43 <REP> d-------- C:\Program Files\Trend Micro
2008-09-17 23:08 . 2008-04-14 04:33 116,736 --a--c--- C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2008-09-17 23:08 . 2001-08-23 17:47 99,865 --a--c--- C:\WINDOWS\system32\dllcache\xlog.exe
2008-09-17 23:08 . 2001-08-23 17:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\xrxftplt.exe
2008-09-17 23:08 . 2001-08-23 17:47 23,040 --a--c--- C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2008-09-17 23:08 . 2004-08-03 22:29 19,455 --a--c--- C:\WINDOWS\system32\dllcache\wvchntxx.sys
2008-09-17 23:08 . 2008-04-14 04:33 18,944 --a--c--- C:\WINDOWS\system32\dllcache\xrxscnui.dll
2008-09-17 23:08 . 2001-08-17 20:11 16,970 --a--c--- C:\WINDOWS\system32\dllcache\xem336n5.sys
2008-09-17 23:08 . 2001-08-23 17:47 4,608 --a--c--- C:\WINDOWS\system32\dllcache\xrxflnch.exe
2008-09-17 23:07 . 2004-08-03 22:31 154,624 --a--c--- C:\WINDOWS\system32\dllcache\wlluc48.sys
2008-09-17 23:07 . 2001-08-23 17:05 35,402 --a--c--- C:\WINDOWS\system32\dllcache\wlandrv2.sys
2008-09-17 23:07 . 2004-08-03 22:29 12,063 --a--c--- C:\WINDOWS\system32\dllcache\wsiintxx.sys
2008-09-17 23:07 . 2008-04-13 20:36 8,832 --a--c--- C:\WINDOWS\system32\dllcache\wmiacpi.sys
2008-09-17 23:07 . 2008-04-14 04:33 8,192 --a--c--- C:\WINDOWS\system32\dllcache\wshirda.dll
2008-09-17 23:05 . 2001-08-17 21:28 794,399 --a--c--- C:\WINDOWS\system32\dllcache\usr1806v.sys
2008-09-17 23:04 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-09-17 23:03 . 2001-08-23 17:47 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll
2008-09-17 23:02 . 2001-08-23 17:46 172,768 --a--c--- C:\WINDOWS\system32\dllcache\t2r4disp.dll
2008-09-17 23:01 . 2001-08-23 16:57 286,848 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2008-09-17 23:00 . 2001-08-23 17:46 147,200 --a--c--- C:\WINDOWS\system32\dllcache\smidispb.dll
2008-09-17 22:59 . 2001-08-23 17:46 252,032 --a--c--- C:\WINDOWS\system32\dllcache\sis300iv.dll
2008-09-17 22:58 . 2001-08-23 17:47 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll
2008-09-17 22:57 . 2001-08-23 17:46 210,496 --a--c--- C:\WINDOWS\system32\dllcache\s3mvirge.dll
2008-09-17 22:56 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-09-17 22:55 . 2008-04-14 04:33 363,520 --a--c--- C:\WINDOWS\system32\dllcache\psisdecd.dll
2008-09-17 22:54 . 2001-08-17 22:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys
2008-09-17 22:53 . 2008-04-14 04:07 2,067,968 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-09-17 22:52 . 2001-08-23 17:09 131,072 --a--c--- C:\WINDOWS\system32\dllcache\n100325.sys
2008-09-17 22:51 . 2001-08-17 21:28 797,500 --a--c--- C:\WINDOWS\system32\dllcache\ltsmt.sys
2008-09-17 22:50 . 2001-08-17 21:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys
2008-09-17 22:49 . 2008-04-14 04:34 153,088 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
2008-09-17 22:48 . 2008-04-14 04:33 702,845 --a--c--- C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2008-09-17 22:47 . 2001-08-17 21:28 542,879 --a--c--- C:\WINDOWS\system32\dllcache\hsf_msft.sys
2008-09-17 22:46 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2008-09-17 22:45 . 2001-08-23 17:16 596,319 --a--c--- C:\WINDOWS\system32\dllcache\es56cvmp.sys
2008-09-17 22:44 . 2001-08-23 17:13 634,166 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys
2008-09-17 22:43 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2008-09-17 22:42 . 2001-08-23 17:04 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys
2008-09-17 22:41 . 2001-08-17 21:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2008-09-17 22:40 . 2001-08-23 17:46 382,592 --a--c--- C:\WINDOWS\system32\dllcache\atidrab.dll
2008-09-17 22:38 . 2001-08-17 21:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-09-17 22:37 . 2008-04-14 04:08 2,191,104 --a--c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-09-17 22:37 . 2001-08-23 17:46 66,048 --a--c--- C:\WINDOWS\system32\dllcache\s3legacy.dll
2008-09-17 22:05 . 2008-09-17 22:05 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-17 22:05 . 2008-09-17 22:05 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-17 22:05 . 2008-09-17 22:05 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-17 22:03 . 2008-09-17 22:05 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-17 21:56 . 2008-09-17 21:56 <REP> d-------- C:\WINDOWS\EHome
2008-08-26 00:29 . 2004-08-19 15:53 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-18 21:13 454,436 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-18 21:13 38,686,752 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-18 17:37 --------- d-----w C:\Documents and Settings\PC\Application Data\Alerte Bureau InterCasino
2008-09-18 12:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-09-11 01:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-16 20:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\IM
2008-08-16 20:22 --------- d-----w C:\Program Files\IncrediMail
2008-08-16 20:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\IncrediMail
2008-08-04 18:47 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-10-21 09:44 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((( snapshot@2008-09-18_19.42.34.89 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-18 21:15:15 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_164.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-04 68856]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-07-24 243072]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2007-07-10 475180]
"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 919016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 20560]
R3 iKeyEnum;Rainbow iKey Enumerator;C:\WINDOWS\system32\DRIVERS\ikeyenum.sys [2002-04-15 11560]
R3 iKeyIFD;Rainbow iKey Virtual Reader;C:\WINDOWS\system32\DRIVERS\ikeyifd.sys [2002-04-15 17256]
R3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle;C:\WINDOWS\system32\DRIVERS\RTL8187B.sys [2007-05-04 215040]
R3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 13532]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
.
Contenu du dossier 'Tƒches planifi‚es'
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Alerte Bureau InterCasino - C:\Program Files\Alerte Bureau InterCasino\Alerte Bureau InterCasino.exe



**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-18 23:15:06
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cach‚s ...

Recherche d'‚l‚ments en d‚marrage automatique cach‚s ...

Recherche de fichiers cach‚s ...

Scan termin‚ avec succŠs
Fichiers cach‚s: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\scardsvr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PAStiSvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Heure de fin: 2008-09-18 23:24:32 - La machine a red‚marr‚
ComboFix-quarantined-files.txt 2008-09-18 21:24:13
ComboFix2.txt 2008-09-18 17:43:26

Avant-CF: 285,638,258,688 octets libres
AprŠs-CF: 285,619,085,312 octets libres

238 --- E O F --- 2008-09-17 20:10:30
0
Réponse 27 / 35
crevette85
18 sept. 2008 à 23:28
RAPPORT HIJACKTHIS

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:26:48, on 18/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.netvibes.com/en#Accueil
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: InterCasino France - {30C66393-FEF3-4758-BA00-803E3ABC88A2} - C:\Documents and Settings\PC\Bureau\InterCasino France.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino France - {30C66393-FEF3-4758-BA00-803E3ABC88A2} - C:\Documents and Settings\PC\Bureau\InterCasino France.lnk (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 28 / 35
crevette85
19 sept. 2008 à 13:55
voici le rapport de tcleaner :

[ Rapport ToolsCleaner version 2.2.3 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\fixnavi.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\PC\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\PC\Bureau\Navilog1.exe: trouvé !
C:\Documents and Settings\PC\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\PC\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\PC\Mes documents\Stephanie DELEGLISE\SmitFraudFix.zip: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\QooBox\Quarantine\C\Program Files\Navilog1: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\PC\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\PC\Bureau\Navilog1.exe: supprimé !
C:\Documents and Settings\PC\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\PC\Bureau\HJTInstall.exe: supprimé !
C:\Documents and Settings\PC\Mes documents\Stephanie DELEGLISE\SmitFraudFix.zip: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\fixnavi.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\WINDOWS\msnfix.txt: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé
0
Réponse 29 / 35
crevette85
19 sept. 2008 à 13:59
Voilà, j'ai fait les dernières instructions à savoir, désactiver - activer la restauration du système... Est ce qu'il rest quelque chose à faire ?
0
Réponse 30 / 35
Utilisateur anonyme
18 sept. 2008 à 19:04
oui stp
-1
Réponse 31 / 35
Utilisateur anonyme
18 sept. 2008 à 19:18
joile colonie de merdouille


Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe




-> Double clique sur combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
-1
Réponse 32 / 35
Utilisateur anonyme
18 sept. 2008 à 19:59
Télécharge, puis installe MSNFix : http://sosvirus.changelog.fr/MSNFix.zip , tuto de Malekal
- Décompresse donc le dossier zip MSNFix et lance le fichier "MSNFix.bat". Une fenêtre bleue doit apparaitre.
- Mets l'interface en français en appuyant sur la touche F puis sur Entrée.
- Lance la recherche de virus en appuyant sur la touche R puis sur Entrée.
Si un virus est détecté, il te sera alors demandé de nettoyer l'ordinateur.
Un message d'erreur concernant la suppression impossible d'un fichier sera résolu par un redémarrage.
Après le nettoyage, la barre "Démarrer" s'efface puis réapparait, cela fait partie de la procédure de nettoyage.
- Poste le rapport qui s'ouvre en fin de nettoyage sur le forum stp.

Si ta barre "Démarrer" ne s'affiche toujours pas, il suffit de faire :
Ctrl + Alt + Suppr (sous Windows XP), ou Ctrl + Maj + Echap (sous Windows Vista) pour ouvrir le Gestionnaire de tâches Windows.
- Fais ensuite "Fichier", puis "Nouvelle tâche" et entre explorer.exe dans la fenêtre qui apparait et finis par "OK".

- redémarre ton ordinateur pour achever le nettoyage !
-1
Réponse 33 / 35
Utilisateur anonyme
18 sept. 2008 à 22:54
salut,


refais un scan hijackthis et post le rapport stp
-1
Réponse 34 / 35
Utilisateur anonyme
18 sept. 2008 à 23:04
Copie le texte ci-dessous :

File::
C:\WINDOWS\WLXPGSS.SCR
C:\Program Files\Alerte Bureau InterCasino\Alerte Bureau InterCasino.exe
D:\NTGLM7X.sys
C:\WINDOWS\system32\ZDCndis5.SYS

Folder::
C:\Program Files\Navilog1
C:\Program Files\Alerte Bureau InterCasino

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Alerte Bureau InterCasino"=-

Driver::
SetupNTGLM7X
ZDCndis5



Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ceci :

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.
-1
Réponse 35 / 35
Utilisateur anonyme
19 sept. 2008 à 00:03
réouvre hijackthis
fais scan only
coches ces lignes :


O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')


O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab


tu les coches et tu clic sur fix checked


ensuite :

désinstal java car pas a jours et telecharge et instal cette version



ensuite :

regarde ceci concernant avast :

antivir vs avast :

-> http://forum.malekal.com/ftopic3528.php


alors je te conseille de le desinstaller et d´installer antivir a la place

Telecharge et instales l'antivirus Antivir Personal Edition Classic :

->Antivir le telecharger


tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59

Pour désinstaller Avast telecharge cet outil


ensuite:

-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):


http://download.piriform.com/ccsetup210.exe

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

-> Tuto : https://www.malekal.com/tutoriel-ccleaner/


ensuite :

* pour supprimer les outils/fix utilisés :

Télécharge ToolsCleaner sur ton bureau.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/

# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


et :

Désactive et réactive ta restauration system :

(1) Désactiver la Restauration du système

cliques sur Démarrer
Cliques droit sur Poste de travail
cliques sur Propriétés
Cliques sur l'onglet Restauration du système
Coches Désactiver la Restauration du système sur tous les lecteurs
Cliques sur Appliquer, Lorsque le message de confirmation apparaît,
cliques sur Oui.
Cliques sur OK.


(2) Activer la Restauration du système


cliques sur Démarrer
Cliques droit sur Poste de travail
cliques sur Propriétés
Cliques sur l'onglet Restauration du système
Décoches Désactiver la Restauration du système sur tous les lecteurs
Cliques sur Appliquer, Lorsque le message de confirmation apparaît,
cliques sur Oui.
Cliques sur OK.


Tuto xp : http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924






-1

Discussions similaires

apparation intempestives de pub type site de rencontre et photo dans le même ton
Crokino -
Crokino -

6 réponses
Candy crush
eric2850 -
MPMP10 -

6 réponses
Pub intempestive sur smartphone Android.
Camitte -
Yoyo -

31 réponses
Publicité s'ouvre toute seule ! ?
RRD91 -
Vinz -

52 réponses
Pub incessantes sur mon téléphone
safiya.l -
Mia -

6 réponses