Hacked By Godzilla comment supprimer?

Fermé
FéeClochette - 3 nov. 2008 à 01:34
 FéeClochette - 8 nov. 2008 à 12:18
Bonjour,
voilà, comme beaucoup, mon pc est contaminé par "hacked by godzilla" (c'est écrit dans la barre de la fenêtre internet explorer), et je ne sais pas si c'est lié mais je ne peux plus empêcher les fenêtres intempestives... Comment supprimer ce virus? Merci d'avance!
A voir également:

9 réponses

Utilisateur anonyme
3 nov. 2008 à 01:37
Salut,

Telecharge UsbFix sur ton bureau

--> Lance l installation avec les parametres par default

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

--> Double clic sur le raccourci UsbFix sur ton bureau

--> Le pc va redémarer

-->Apres redémarrage post le rapport UsbFix.txt

Note : le rapport UsbFix.txt est sauvegardé a la racine du disque
1
FéeClochette
3 nov. 2008 à 12:37
Merci beaucoup, apparemment ça a fonctionné, "hacked by godzilla" n'apparaît plus!!!
voici le rapport d'UsbFix:



-------------- UsbFix V2.395 ---------------

* User : pbell - 103050090004
* Outils mis a jours le 01/11/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 12:26:01 le 03/11/2008
* Windows Xp - Internet Explorer 7.0.5730.11


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\DOCUME~1\pbell\LOCALS~1\Temp\1.tmp\b2e.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

L: - Lecteur amovible

N: - Lecteur amovible


+- Contenu de l'autorun : L:\autorun.inf

[autorun]
shellexecute=wscript.exe MS32DLL.dll.vbs
+- Contenu de l'autorun : N:\autorun.inf

[autorun]
shellexecute=wscript.exe MS32DLL.dll.vbs
--------------- [ Registre / Startup ] ----------------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
IMJPMIG8.1 REG_SZ "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
PHIME2002ASync REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
ATIPTA REG_SZ C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
PCMService REG_SZ "c:\Apps\Powercinema\PCMService.exe"
ACTIVBOARD REG_SZ c:\apps\ABoard\ABoard.exe
BJCFD REG_SZ C:\Program Files\BroadJump\Client Foundation\CFD.exe
PhilipsDM REG_SZ "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
Workflow REG_SZ D:\install\Workflow.exe
EPSON Stylus DX4000 Series REG_SZ C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S88.tmp" /EF "HKLM"
URLLSTCK.exe REG_SZ C:\Program Files\Norton Internet Security\UrlLstCk.exe
ccApp REG_SZ "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
Adobe Photo Downloader REG_SZ "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Symantec NetDriver Monitor REG_SZ C:\PROGRA~1\SYMNET~1\SNDMon.exe
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
SMSTray REG_SZ C:\Program Files\Samsung\EmoDio\SMSTray.exe
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
CursorXP REG_SZ C:\Program Files\CursorXP\CursorXP.exe
PhilipsLime REG_SZ "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
OM_Monitor REG_SZ C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
Acmw REG_SZ "C:\DOCUME~1\pbell\APPLIC~1\RACLE~1\wuauboot.exe" -vt ndrv
Idfghfck REG_SZ "C:\Program Files\?ppPatch\d?xplore.exe"

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{522d10e6-bee2-11dc-beaf-0008d320c3c4}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b6b3180-f86e-11da-bc9c-000fb59bb502}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfc4ae15-afb3-11db-bd6b-00038a000015}\Shell\AutoRun\command

--------------- [ Nettoyage des disques ] ----------------

Supprimé ! - [31/10/2008 16:00] L:\autorun.inf
Supprimé ! - [31/10/2008 16:00] L:\*.dll.vbs
Supprimé ! - [28/10/2008 13:40] N:\autorun.inf
Supprimé ! - [28/10/2008 13:40] N:\*.dll.vbs

--------------- [ Listing des fichiers présents ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[05/08/2004 13:00][-rahs----] C:\NTDETECT.COM
[18/05/2007 16:23][-rahs----] C:\BOOT.INI

--------------- ! Fin du rapport ! ----------------
0
Utilisateur anonyme
3 nov. 2008 à 22:06
Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe




-> Double clique sur combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
1
FéeClochette
4 nov. 2008 à 11:24
voici le rapport, par contre le programme ne m'a pas demandé de choisir un quelconque menu :

ComboFix 08-11-03.04 - pbell 2008-11-04 11:11:40.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.270 [GMT 1:00]
Lancé depuis: c:\documents and settings\pbell\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\pbell\Application Data\RACLE~1
c:\documents and settings\pbell\Application Data\RACLE~1\?icrosoft\
c:\documents and settings\pbell\Application Data\RACLE~1\wuauboot.exe
c:\documents and settings\pbell\Menu Démarrer\Programmes\Outerinfo
c:\documents and settings\pbell\Menu Démarrer\Programmes\Outerinfo\Terms.lnk
c:\documents and settings\pbell\Menu Démarrer\Programmes\Outerinfo\Uninstall.lnk
c:\documents and settings\pbell\Mes documents\YMANTE~1
c:\documents and settings\pbell\real.txt
c:\program files\GamesBar\oberontb.dll
c:\program files\pppatc~1
c:\program files\pppatc~1\d?xplore.exe
c:\program files\ymante~1
c:\windows\Downloaded Program Files\setup.inf
c:\windows\stem32~1
c:\windows\system32\_000005_.tmp.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-04 au 2008-11-04 ))))))))))))))))))))))))))))))))))))
.

2008-11-03 23:07 . 2008-11-03 23:08 <REP> d-------- c:\program files\Miss Teri Tale - Vote 4 Me
2008-11-03 21:48 . 2008-11-03 22:03 <REP> d-------- c:\program files\Navilog1
2008-11-03 16:26 . 2008-11-03 16:26 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-03 16:26 . 2008-11-03 16:26 <REP> d-------- c:\documents and settings\pbell\Application Data\Malwarebytes
2008-11-03 16:26 . 2008-11-03 16:26 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-03 16:26 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-03 16:26 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-03 16:08 . 2008-11-03 16:08 <REP> d-------- C:\Themes
2008-11-03 14:30 . 2008-11-03 14:30 <REP> d-------- c:\program files\Trend Micro
2008-11-03 12:20 . 2008-11-03 12:26 <REP> d-------- c:\program files\UsbFix
2008-11-03 00:02 . 2008-11-03 00:03 <REP> d-------- c:\documents and settings\pbell\Application Data\SprillBermudeFr
2008-10-27 19:23 . 2008-10-27 19:25 <REP> d-------- c:\documents and settings\pbell\Application Data\PetShowCraze
2008-10-27 15:40 . 2008-10-27 15:40 <REP> d-------- c:\documents and settings\pbell\Application Data\Pogo Games
2008-10-25 11:50 . 2008-10-25 11:50 <REP> d-------- c:\documents and settings\All Users\Application Data\SpinTop Games
2008-10-21 13:48 . 2008-10-21 13:48 <REP> d-------- c:\documents and settings\pbell\Application Data\Alawar
2008-10-21 12:01 . 2008-10-21 12:01 <REP> d-------- c:\documents and settings\All Users\Application Data\MysteryChronicles
2008-10-14 13:45 . 2008-10-14 13:45 <REP> d-------- c:\documents and settings\pbell\Application Data\Amaranth Games
2008-10-13 18:04 . 2008-10-13 18:04 <REP> d-------- c:\documents and settings\pbell\Application Data\SulusGames
2008-10-06 17:56 . 2008-10-06 17:56 <REP> d-------- c:\documents and settings\pbell\Application Data\AlterLab
2008-10-05 23:33 . 2008-10-27 15:05 <REP> d-------- c:\program files\Oberon Media

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-04 10:11 --------- d-----w c:\program files\GamesBar
2008-11-04 09:57 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2008-11-03 23:09 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-03 19:10 --------- d-----w c:\documents and settings\All Users\Application Data\BigFishGamesCache
2008-11-03 15:07 --------- d-----w c:\program files\CursorXP
2008-11-03 13:50 --------- d-----w c:\program files\eMule
2008-10-28 21:44 --------- d-----w c:\documents and settings\pbell\Application Data\Big Fish Games
2008-10-25 13:18 --------- d-----w c:\documents and settings\pbell\Application Data\PlayFirst
2008-10-25 13:18 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst
2008-10-15 16:59 332,800 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-13 19:40 --------- d-----w c:\documents and settings\pbell\Application Data\Flood Light Games
2008-10-13 19:40 --------- d-----w c:\documents and settings\All Users\Application Data\Flood Light Games
2008-10-05 22:37 --------- d-----w c:\documents and settings\All Users\Application Data\Sandlot Games
2008-10-03 17:12 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
2008-10-03 16:23 --------- d-----w c:\program files\Fichiers communs\xing shared
2008-10-03 16:21 --------- d-----w c:\program files\Fichiers communs\Real
2008-09-30 20:29 --------- d-----w c:\documents and settings\pbell\Application Data\Games
2008-09-23 08:50 --------- d-----w c:\documents and settings\All Users\Application Data\Gogii
2008-09-22 21:16 --------- d-----w c:\documents and settings\All Users\Application Data\TheRace_dev
2008-09-22 16:35 --------- d-----w c:\documents and settings\pbell\Application Data\Meridian93
2008-09-22 10:54 --------- d-----w c:\documents and settings\pbell\Application Data\blg
2008-09-22 10:54 --------- d-----w c:\documents and settings\All Users\Application Data\blg
2008-09-21 21:27 --------- d-----w c:\program files\bfgclient
2008-09-18 12:49 --------- d-----w c:\documents and settings\pbell\Application Data\BeachPartyCraze
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:39 1,846,144 ------w c:\windows\system32\dllcache\win32k.sys
2008-09-08 10:53 --------- d-----w c:\documents and settings\All Users\Application Data\FamilyFlights
2008-09-02 06:36 73,784 ----a-w c:\documents and settings\pbell\Application Data\GDIPFONTCACHEV1.DAT
2008-08-28 10:04 333,056 ------w c:\windows\system32\dllcache\srv.sys
2008-08-27 09:11 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-08-25 08:39 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-08-25 08:38 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-08-24 19:56 96,704 ----a-w c:\windows\~GLC0000.TMP
2008-08-23 05:56 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
2008-08-23 05:54 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-08-14 13:44 2,182,400 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 13:44 2,182,400 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2008-08-14 13:44 2,138,112 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2008-08-14 13:44 2,059,776 ----a-w c:\windows\system32\ntkrnlpa.exe
2008-08-14 13:44 2,059,776 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
2008-08-14 13:44 2,017,792 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2008-08-14 09:51 138,368 ------w c:\windows\system32\dllcache\afd.sys
2008-05-13 13:12 0 ----a-w c:\program files\temp01
2008-04-10 16:22 2,149,941 ----a-w c:\program files\cleanvirusmsn.zip
2007-12-03 09:38 9 ----a-w c:\documents and settings\pbell\Application Data\mdb.bin
2007-07-27 11:55 3,858,985 ----a-w c:\program files\eMule0.48a-Installer.exe
2007-07-09 19:37 4,909,080 ----a-w c:\program files\picasa2Setup.exe
2007-06-26 10:30 17,929,072 ----a-w c:\program files\Install_Messenger.exe
2007-04-18 20:23 87,608 ----a-w c:\documents and settings\pbell\Application Data\ezpinst.exe
2007-04-18 20:23 47,360 ----a-w c:\documents and settings\pbell\Application Data\pcouffin.sys
2007-04-27 15:41 56 --sh--r c:\windows\system32\E72D798504.sys
2007-04-27 15:41 1,890 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Idfghfck"="c:\program files\?ppPatch\d?xplore.exe" [?]
"PhilipsLime"="c:\program files\Philips\Philips Lime Service\bin\LimeAlive.exe" [2005-09-08 159744]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"ATIPTA"="c:\ati technologies\ATI Control Panel\atiptaxx.exe" [2004-08-12 339968]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2004-10-08 81920]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]
"PhilipsDM"="c:\program files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [2005-09-14 512000]
"URLLSTCK.exe"="c:\program files\Norton Internet Security\UrlLstCk.exe" [2004-01-27 70760]
"ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2003-09-09 70800]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-10-21 98304]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2006-02-26 95960]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SMSTray"="c:\program files\Samsung\EmoDio\SMSTray.exe" [2008-06-23 479232]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-10-03 185872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-07-09 113664]
Microsoft Office.lnk - c:\program files\microsoft office\Office10\OSA.EXE [2001-02-13 83360]
NETGEAR WPN111 Smart Wizard.lnk - c:\program files\NETGEAR\WPN111 Configuration Utility\wpn111.exe [2006-03-06 491606]
WiFi Station pour Livebox.lnk - c:\program files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe [2007-03-21 694272]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "c:\progra~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= pvmjpg21.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.ffds"= c:\program files\ffdshow\ffdshow.ax
"vidc.mpng"= c:\program files\t@b\[u]0/u.957\686\tabdec.dll
"vidc.mvjp"= c:\program files\t@b\[u]0/u.957\686\tabdec.dll
"vidc.444p"= c:\program files\t@b\[u]0/u.957\686\tabdec.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\APPS\\Inventime\\my.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"<NO NAME>"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R3 Cap713x;Cap713x Video Capture;c:\windows\system32\DRIVERS\Cap713x.sys [2004-10-08 751104]
R3 usbscan;Pilote de scanneur USB;c:\windows\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB;c:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 ATHFMWDL;NETGEAR WPN111 Bootloader driver;c:\windows\system32\Drivers\athwpn.sys [2004-10-14 43392]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.SYS [2003-07-24 17149]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;c:\windows\system32\DRIVERS\usb8023.sys [2004-08-05 12672]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\DRIVERS\WPN111.sys [2005-01-07 286720]

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-11-04 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2008-04-09 12:22]

2008-10-31 c:\windows\Tasks\Norton AntiVirus - Analyser mon ordinateur.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2003-12-04 20:06]

2008-11-04 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2003-09-09 12:39]

2008-11-03 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{A547EF18-2383-7C56-AE3E-78A296EC4FBE} - c:\windows\system32\kwnpso.dll
HKCU-Run-OM_Monitor - c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe
HKCU-Run-Acmw - c:\docume~1\pbell\APPLIC~1\RACLE~1\wuauboot.exe
HKLM-Run-Workflow - d:\install\Workflow.exe
HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe


.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\pbell\Application Data\Mozilla\Firefox\Profiles\2xxdndj1.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-04 11:16:20
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MysqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-nt MysqlInventime"
.
Heure de fin: 2008-11-04 11:20:00
ComboFix-quarantined-files.txt 2008-11-04 10:19:39

Avant-CF: 9 826 013 184 octets libres
Après-CF: 9,881,808,896 octets libres

222 --- E O F --- 2008-11-03 23:12:02
0
Utilisateur anonyme
3 nov. 2008 à 13:36
Télécharge HijackThis (outils de dignostic) ici :

-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> ftp://ftp.commentcamarche.com/download/HJTInstall.exe

-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

-> Clique sur Install ensuite sur I Accept

-> Clique sur Do a scan system and save log file

-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
0
FéeClochette
3 nov. 2008 à 14:33
voici le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:30:22, on 03/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiStationLB.exe
C:\Program Files\?ppPatch\d?xplore.exe
C:\DOCUME~1\pbell\APPLIC~1\RACLE~1\wuauboot.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: testCPV6 - {15421B84-3488-49A7-AD18-CBF84A3EFAF6} - C:\Program Files\CPV\CPV7.dll (file missing)
O2 - BHO: LabelCommand module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Documents and Settings\All Users\Application Data\services\services.dll (file missing)
O2 - BHO: msvbcr40 module - {2756BAD7-2F9F-47ef-AE6D-8D39CCEB396F} - C:\WINDOWS\system32\msvbcr40.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {66AC9868-59F6-012B-8C39-58C07152D6ED} - C:\WINDOWS\system32\fcoex.dll
O2 - BHO: OIN Analytics - {6B221E01-F517-4959-8C41-81948E7F2F17} - C:\Program Files\OINAnalytics\OINAnalytics2.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {A547EF18-2383-7C56-AE3E-78A296EC4FBE} - C:\WINDOWS\system32\kwnpso.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [Workflow] D:\install\Workflow.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S88.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Acmw] "C:\DOCUME~1\pbell\APPLIC~1\RACLE~1\wuauboot.exe" -vt ndrv
O4 - HKCU\..\Run: [Idfghfck] "C:\Program Files\?ppPatch\d?xplore.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
O4 - Global Startup: WiFi Station pour Livebox.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3d1edfddca9243c6a7524105ba1b1ab8
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3d1edfddca9243c6a7524105ba1b1ab8
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://dida.univ-tln.fr/qp2.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/pbell/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - file:///C:/Documents%20and%20Settings/pbell/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/ddfotg.1.0.0.37.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - https://www.photobox.fr/?channel=1005
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://jeuxenligne.orange.fr/GameShell/online/fr/Diner_Dash/DinerDash.1.0.0.4.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/pbell/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4699A48C-7B72-42F0-84FE-F2DB63DE760E}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE42C708-BF61-4320-8C35-02739C906654}: NameServer = 192.168.1.1
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Winmutsavltf - Ralink Technology Inc. - C:\WINDOWS\system32\drivers\rt25u98.sys
0
Utilisateur anonyme
3 nov. 2008 à 14:37
commence par désinstaller proprement norton :


pour désinstaller norton proprement telecharge cet outil


http://service1.symantec.com/support/inter/tsgeninfointl.nsf/fr_docid/20050414110429924?OpenDocument&seg=hm&lg=fr&ct=fr


ensuite :


Telecharge malwarebytes

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

PS : les rapport sont aussi rangé dans l onglet rapport/log
0
FéeClochette
3 nov. 2008 à 20:04
voici le rapport après avoir supprimé les éléments trouvés :

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1358
Windows 5.1.2600 Service Pack 2

03/11/2008 20:00:27
mbam-log-2008-11-03 (20-00-27).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|)
Eléments examinés: 161313
Temps écoulé: 2 hour(s), 49 minute(s), 0 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 57
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 24
Fichier(s) infecté(s): 120

Processus mémoire infecté(s):
C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbarmenu button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3b} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3c} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbartoggle button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\labelcommand.labelcommand (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\labelcommand.labelcommand.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\msvbcr40.msvbcr40 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\msvbcr40.msvbcr40.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oincs.oinanalytics (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oincs.oinanalytics.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{f7fa36a4-3177-4b57-b9c1-e9c5b2e0d3a9} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oinanalytics (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\OINAnalytics.DLL (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\xInsiDERexe (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SoftLand Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\DELETED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\SAVED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\JavaCore (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi (Trojan.Stars) -> Quarantined and deleted successfully.
C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\OINAnalytics (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\fcoex.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\bfgtoolbar.dll (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\OINAnalytics\OINAnalytics2.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Local Settings\Temp\NDR13.tmp (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Local Settings\Temp\!update.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV7.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi\nvcoi.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.MSNFix (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\JavaCore\JavaCore.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
C:\Program Files\JavaCore\UnInstall.MSNFix (Adware.Insider) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS\NoDNS.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151034.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151038.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\WINDOWS\b152.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pbfrv2.dll (Adware.2020Search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\outerinfo.ico (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\Terms.rtf (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\toolbar.ini (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\uninstall.exe (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\bfgtoolbartb0402.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\bundle.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080822204032562.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080823143116843.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824174924109.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824183221156.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080826125027546.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS\UnInstall.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi\mst.MSNFix (Trojan.Stars) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi\nvcoi.exe.lzma (Trojan.Stars) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV7.dll.lzma (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\OINAnalytics\Uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\WinTouch\wintouch.MSNFix (Adware.WinPop) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\a.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg274875 (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\dictionary.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ErrorLog.txt (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ivillage.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thelagoon.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thereef.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\y.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
0
FéeClochette
3 nov. 2008 à 20:05
voici le rapport après avoir supprimé les éléments trouvés :

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1358
Windows 5.1.2600 Service Pack 2

03/11/2008 20:00:27
mbam-log-2008-11-03 (20-00-27).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|)
Eléments examinés: 161313
Temps écoulé: 2 hour(s), 49 minute(s), 0 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 57
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 24
Fichier(s) infecté(s): 120

Processus mémoire infecté(s):
C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbarmenu button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3b} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3c} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbartoggle button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\labelcommand.labelcommand (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\labelcommand.labelcommand.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\msvbcr40.msvbcr40 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\msvbcr40.msvbcr40.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oincs.oinanalytics (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oincs.oinanalytics.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{f7fa36a4-3177-4b57-b9c1-e9c5b2e0d3a9} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oinanalytics (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\OINAnalytics.DLL (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\xInsiDERexe (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SoftLand Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\DELETED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\SAVED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\JavaCore (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi (Trojan.Stars) -> Quarantined and deleted successfully.
C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\OINAnalytics (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\fcoex.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\bfgtoolbar.dll (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\OINAnalytics\OINAnalytics2.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Local Settings\Temp\NDR13.tmp (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Local Settings\Temp\!update.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV7.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi\nvcoi.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.MSNFix (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\JavaCore\JavaCore.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
C:\Program Files\JavaCore\UnInstall.MSNFix (Adware.Insider) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS\NoDNS.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151034.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151038.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\WINDOWS\b152.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pbfrv2.dll (Adware.2020Search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\outerinfo.ico (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\Terms.rtf (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\toolbar.ini (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\uninstall.exe (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\bfgtoolbartb0402.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\bundle.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080822204032562.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080823143116843.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824174924109.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824183221156.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080826125027546.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS\UnInstall.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi\mst.MSNFix (Trojan.Stars) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi\nvcoi.exe.lzma (Trojan.Stars) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV7.dll.lzma (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\OINAnalytics\Uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\WinTouch\wintouch.MSNFix (Adware.WinPop) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\a.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg274875 (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\dictionary.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ErrorLog.txt (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ivillage.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thelagoon.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thereef.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\y.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
0
FéeClochette
3 nov. 2008 à 20:06
voici le rapport après avoir supprimé les éléments trouvés (par contre j'ai toujours des fenêtres intempestives "avdertissement by outerinfo") :

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1358
Windows 5.1.2600 Service Pack 2

03/11/2008 20:00:27
mbam-log-2008-11-03 (20-00-27).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|)
Eléments examinés: 161313
Temps écoulé: 2 hour(s), 49 minute(s), 0 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 57
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 24
Fichier(s) infecté(s): 120

Processus mémoire infecté(s):
C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbarmenu button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3b} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3c} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbartoggle button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\labelcommand.labelcommand (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\labelcommand.labelcommand.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\msvbcr40.msvbcr40 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\msvbcr40.msvbcr40.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oincs.oinanalytics (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oincs.oinanalytics.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{f7fa36a4-3177-4b57-b9c1-e9c5b2e0d3a9} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oinanalytics (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\OINAnalytics.DLL (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\xInsiDERexe (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SoftLand Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\DELETED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\SAVED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\JavaCore (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi (Trojan.Stars) -> Quarantined and deleted successfully.
C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\OINAnalytics (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\fcoex.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\bfgtoolbar.dll (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\OINAnalytics\OINAnalytics2.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Local Settings\Temp\NDR13.tmp (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Local Settings\Temp\!update.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV7.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi\nvcoi.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.MSNFix (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\JavaCore\JavaCore.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
C:\Program Files\JavaCore\UnInstall.MSNFix (Adware.Insider) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS\NoDNS.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151034.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151038.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\WINDOWS\b152.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pbfrv2.dll (Adware.2020Search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\outerinfo.ico (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\Terms.rtf (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\toolbar.ini (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\uninstall.exe (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\bfgtoolbartb0402.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\bundle.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080822204032562.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080823143116843.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824174924109.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824183221156.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080826125027546.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\NoDNS\UnInstall.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi\mst.MSNFix (Trojan.Stars) -> Quarantined and deleted successfully.
C:\Program Files\nvcoi\nvcoi.exe.lzma (Trojan.Stars) -> Quarantined and deleted successfully.
C:\Program Files\CPV\CPV7.dll.lzma (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\OINAnalytics\Uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\WinTouch\wintouch.MSNFix (Adware.WinPop) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\a.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg274875 (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\dictionary.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ErrorLog.txt (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ivillage.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thelagoon.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thereef.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\pbell\Application Data\bfgtoolbar\y.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Utilisateur anonyme
3 nov. 2008 à 20:11
réouvre malewarebyte
va sur quarantaine
supprime tout


Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
0
FéeClochette
3 nov. 2008 à 22:05
voici de nouveau le rapport :

Search Navipromo version 3.6.8 commencé le 03/11/2008 à 21:50:27,64

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "pbell"

Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\pbell\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\pbell\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\pbell\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\pbell\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\pbell\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 03/11/2008 à 22:03:33,07 ***
0
Utilisateur anonyme
4 nov. 2008 à 19:10
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
0
FéeClochette
4 nov. 2008 à 19:52
Comment se fait-il que la procédure soit aussi longue? Tout ceci ne sert-il qu'à supprimer le virus?
0
Utilisateur anonyme
4 nov. 2008 à 19:54
14 post c pas beaucoup

ton pc presentait plusieures infections donc plusieures outils sont necessaire
0
FéeClochette
4 nov. 2008 à 20:00
Ok ok, voici le nouveau rapport :


-----------\\ ToolBar S&D 1.2.4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.80GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : pbell ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 2004 (Not Activated)
Firewall : Norton Internet Security 2004 (Not Activated)
C:\ (Local Disk) - NTFS - Total:181 Go (Free:9 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)
M:\ (USB)

"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [1] ( 04/11/2008|19:54 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\pbell\Cookies\pbell@bananalotto[2].txt
C:\DOCUME~1\pbell\Cookies\pbell@www.bananalotto[2].txt
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-21-13-08-10
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-21-13-08-10.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-13-11-51
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-13-11-51.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-18-33-52
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-18-33-52.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-19-17-24-14
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-19-17-24-14.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-20-18-21-11
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-20-18-21-11.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-26-18-29-51
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-26-18-29-51.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-07-18-35-18
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-07-18-35-18.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-10-18-15-29
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-10-18-15-29.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\Azada16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\caribbean_hideaway16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cradle_of_persia16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cradle_rome16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\death_nile16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deep_quest16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dr_daisy_pet_vet16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\family_restaurant16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\farm_frenzy16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\fashion_craze16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\kids.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\pirate_poker16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\pirate_stories_kit_ellis16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\seasonmatch16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\solitaire_cruise16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\supercow16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\Turbo_Subs16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-French.ini
C:\Program Files\GamesBar\OBGet.exe
C:\Program Files\GamesBar\uninst.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\GamesBar

-----------\\ Extensions

(pbell) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="https://www.orange.fr/portail"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 04/11/2008|19:57 - Option : [1]

-----------\\ Fin du rapport a 19:57:07,50
0
Utilisateur anonyme
4 nov. 2008 à 20:03
Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
0
FéeClochette
4 nov. 2008 à 20:50
voici le rapport :


-----------\\ ToolBar S&D 1.2.4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.80GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : pbell ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 2004 (Not Activated)
Firewall : Norton Internet Security 2004 (Not Activated)
C:\ (Local Disk) - NTFS - Total:181 Go (Free:9 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)
M:\ (USB)

"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [2] ( 04/11/2008|20:10 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\pbell\Cookies\pbell@bananalotto[2].txt
Supprime! - C:\DOCUME~1\pbell\Cookies\pbell@www.bananalotto[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-21-13-08-10
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-21-13-08-10.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-13-11-51
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-13-11-51.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-18-33-52
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-18-33-52.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-19-17-24-14
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-19-17-24-14.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-20-18-21-11
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-20-18-21-11.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-26-18-29-51
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-26-18-29-51.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-07-18-35-18
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-07-18-35-18.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-10-18-15-29
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-10-18-15-29.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\Azada16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\caribbean_hideaway16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cradle_of_persia16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cradle_rome16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\death_nile16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deep_quest16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dr_daisy_pet_vet16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\family_restaurant16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\farm_frenzy16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\fashion_craze16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\kids.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\pirate_poker16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\pirate_stories_kit_ellis16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\seasonmatch16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\solitaire_cruise16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\supercow16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\Turbo_Subs16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
Supprime! - C:\Program Files\GamesBar\Localization-French.ini
Supprime! - C:\Program Files\GamesBar\OBGet.exe
Supprime! - C:\Program Files\GamesBar\uninst.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\GamesBar
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
Supprime! - C:\Program Files\GamesBar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(pbell) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="https://www.orange.fr/portail"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 04/11/2008|19:57 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/11/2008|20:13 - Option : [2]

-----------\\ Fin du rapport a 20:13:44,20
0
FéeClochette
4 nov. 2008 à 20:53
qu'est-ce qui a pu m'apporter ces virus (de façon à ce que je n'en ai plus à l'avenir...), le téléchargement de jeux sur oranger ou fish games peut-il être proteur de virus?
0
bobo > FéeClochette
4 nov. 2008 à 21:43
Voici mon rapport
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\1.tmp\b2e.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\WINDOWS\system32\TPSBattM.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

E: - Lecteur amovible

F: - Lecteur fixe


+- Contenu de l'autorun : C:\autorun.inf

[autorun]
shellexecute=wscript.exe MS32DLL.dll.vbs
+- Contenu de l'autorun : E:\autorun.inf

[autorun]
shellexecute=wscript.exe MS32DLL.dll.vbs
+- Contenu de l'autorun : F:\autorun.inf

[autorun]
shellexecute=wscript.exe MS32DLL.dll.vbs
--------------- [ Registre / Startup ] ----------------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
AGRSMMSG REG_SZ AGRSMMSG.exe
Apoint REG_SZ C:\Program Files\Apoint2K\Apoint.exe
CeEKEY REG_SZ C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
<SANS NOM> REG_SZ
TPNF REG_SZ C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
HWSetup REG_SZ C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
SVPWUTIL REG_SZ C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
Zooming REG_SZ ZoomingHook.exe
TCtryIOHook REG_SZ TCtrlIOHook.exe
TPSMain REG_SZ TPSMain.exe
SmoothView REG_SZ C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
TFncKy REG_SZ TFncKy.exe
PadTouch REG_SZ C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
Tvs REG_SZ C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
NDSTray.exe REG_SZ NDSTray.exe
dla REG_SZ C:\WINDOWS\system32\dla\tfswctrl.exe
ATIPTA REG_SZ "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
CFSServ.exe REG_SZ CFSServ.exe -NoClient
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
EverioService REG_SZ "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
TOSCDSPD REG_SZ C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
WOOKIT REG_SZ C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27cd580c-2f76-11dc-a383-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a567c34-9575-11dd-a69f-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8d38b6c8-00db-11dd-a53b-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a64db73e-7080-11dd-a61d-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c14705ef-a03a-11dd-a6c4-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c701822d-2be7-11dd-a5a6-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e26d754f-6d36-11dd-a60d-0013ceadbe83}\Shell\AutoRun\command

--------------- [ Nettoyage des disques ] ----------------

Supprimé ! - [04/11/2008 21:34] C:\WINDOWS\MS32DLL.dll.vbs
Supprimé ! - [04/11/2008 21:34] C:\autorun.inf
Supprimé ! - [04/11/2008 21:34] C:\MS32DLL.dll.vbs
Supprimé ! - [04/11/2008 21:34] E:\autorun.inf
Supprimé ! - [04/11/2008 21:34] E:\MS32DLL.dll.vbs
Supprimé ! - [04/11/2008 21:34] F:\autorun.inf
Supprimé ! - [04/11/2008 21:34] F:\MS32DLL.dll.vbs

--------------- [ Listing des fichiers présents ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[16/09/2005 07:37][--a------] C:\AUTOEXEC.BAT
[05/08/2004 11:00][-rahs----] C:\NTDETECT.COM
[02/03/2006 10:19][-rahs----] C:\boot.ini

--------------- ! Fin du rapport ! ----------------
0
FéeClochette
8 nov. 2008 à 12:18
Vous ne m'avez pas répondu, je vous renvoie donc je dernier rapport que vous m'aviez demandé :

Voici mon rapport
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\1.tmp\b2e.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe­
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\WINDOWS\system32\TPSBattM.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

E: - Lecteur amovible

F: - Lecteur fixe


+- Contenu de l'autorun : C:\autorun.inf

[autorun]
shellexecute=wscript.exe MS32DLL.dll.vbs
+- Contenu de l'autorun : E:\autorun.inf

[autorun]
shellexecute=wscript.exe MS32DLL.dll.vbs
+- Contenu de l'autorun : F:\autorun.inf

[autorun]
shellexecute=wscript.exe MS32DLL.dll.vbs
--------------- [ Registre / Startup ] ----------------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion­\Run
AGRSMMSG REG_SZ AGRSMMSG.exe
Apoint REG_SZ C:\Program Files\Apoint2K\Apoint.exe
CeEKEY REG_SZ C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
<SANS NOM> REG_SZ
TPNF REG_SZ C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
HWSetup REG_SZ C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
SVPWUTIL REG_SZ C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
Zooming REG_SZ ZoomingHook.exe
TCtryIOHook REG_SZ TCtrlIOHook.exe
TPSMain REG_SZ TPSMain.exe
SmoothView REG_SZ C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
TFncKy REG_SZ TFncKy.exe
PadTouch REG_SZ C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
Tvs REG_SZ C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
NDSTray.exe REG_SZ NDSTray.exe
dla REG_SZ C:\WINDOWS\system32\dla\tfswctrl.exe
ATIPTA REG_SZ "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
CFSServ.exe REG_SZ CFSServ.exe -NoClient
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
EverioService REG_SZ "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
TOSCDSPD REG_SZ C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
WOOKIT REG_SZ C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27cd580c-2f76-11dc-a383-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a567c34-9575-11dd-a69f-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8d38b6c8-00db-11dd-a53b-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a64db73e-7080-11dd-a61d-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c14705ef-a03a-11dd-a6c4-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c701822d-2be7-11dd-a5a6-0013ceadbe83}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e26d754f-6d36-11dd-a60d-0013ceadbe83}\Shell\AutoRun\command

--------------- [ Nettoyage des disques ] ----------------

Supprimé ! - [04/11/2008 21:34] C:\WINDOWS\MS32DLL.dll.vbs
Supprimé ! - [04/11/2008 21:34] C:\autorun.inf
Supprimé ! - [04/11/2008 21:34] C:\MS32DLL.dll.vbs
Supprimé ! - [04/11/2008 21:34] E:\autorun.inf
Supprimé ! - [04/11/2008 21:34] E:\MS32DLL.dll.vbs
Supprimé ! - [04/11/2008 21:34] F:\autorun.inf
Supprimé ! - [04/11/2008 21:34] F:\MS32DLL.dll.vbs

--------------- [ Listing des fichiers présents ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[16/09/2005 07:37][--a------] C:\AUTOEXEC.BAT
[05/08/2004 11:00][-rahs----] C:\NTDETECT.COM
[02/03/2006 10:19][-rahs----] C:\boot.ini

--------------- ! Fin du rapport ! ----------------
0