Avast ne veut plus démarer erreur win 32
Résolu
johndu30160
Messages postés
133
Statut
Membre
-
johndu30160 Messages postés 133 Statut Membre -
johndu30160 Messages postés 133 Statut Membre -
Bonjour,
Je vient vous demander de l'aide car j'ai un problème avec avast 4.8 .
Lorsque j'ai démarer mon pc il y a eut des messages d'erreur dissant que les écriture des cls du registres qui concerner avast avait était refusé (accés refusé) .
Je l'ai réparer , désinstaller , reinstaller dans une autre version mais rien y fait j'ai toujours se message " C:\Program Files\Alwil SZoftware\Avast4\ashAvast.exe n'est pas une application win32 valide."
Merci de bien vouloir m'aider.
Je vient vous demander de l'aide car j'ai un problème avec avast 4.8 .
Lorsque j'ai démarer mon pc il y a eut des messages d'erreur dissant que les écriture des cls du registres qui concerner avast avait était refusé (accés refusé) .
Je l'ai réparer , désinstaller , reinstaller dans une autre version mais rien y fait j'ai toujours se message " C:\Program Files\Alwil SZoftware\Avast4\ashAvast.exe n'est pas une application win32 valide."
Merci de bien vouloir m'aider.
A voir également:
- Avast ne veut plus démarer erreur win 32
- 32 bits - Guide
- Power iso 32 bit - Télécharger - Gravure
- Désinstaller avast - Télécharger - Antivirus & Antimalwares
- Win rar - Télécharger - Compression & Décompression
- Télécharger windows 7 32 bits usb - Télécharger - Systèmes d'exploitation
32 réponses
Voila le log :
-----------\\ ToolBar S&D 1.2.4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : ADAN ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Not Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:22 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
O:\ (Local Disk) - NTFS - Total:465 Go (Free:271 Go)
"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [2] ( 03/11/2008|20:21 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\PopSwatr
Supprime! - C:\Program Files\AskTBar\SrchAstt
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\1
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\1px_dark.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\1px_green.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\1px_white.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrow_red.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrow_red2.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\background2.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\bgmeteo_results.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\btn_close.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\btn_minus.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\btn_moreforecast.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\Thumbs.db
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\yahoo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\Program Files\VMNToolbar\install.ico
Supprime! - C:\Program Files\VMNToolbar\toolbar.ini
Supprime! - C:\Program Files\VMNToolbar\uninstall.exe
Supprime! - C:\Program Files\VMNToolbar\vmntoolbar.dll
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\WINDOWS\spoolsv.exe
Supprime! - C:\Program Files\AskTBar
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar
Supprime! - C:\Program Files\VMNToolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(John.CARLOS) - {0200c2a9-70da-4f6d-b527-f5f7d7877228} => fireuploader
(John.CARLOS) - {1018e4d6-728f-4b20-ad56-37578a4de76b} => flagfox
(John.CARLOS) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(John.CARLOS) - {987311C6-B504-4aa2-90BF-60CC49808D42} => bugmenot
(John.CARLOS) - {F807FACD-E46A-4793-B345-D58CB177673C} => performancing
(Papa) - {7a3a9c78-3715-4fab-a21f-150dbd3d3d90} => radarsyncbar
(Papa) - {b66bc4c3-6d25-4a10-8c59-01daa9063051} => foxgame
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl"
"Search Page"="https://actus.sfr.fr"
"Search Bar"="https://actus.sfr.fr"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://actus.sfr.fr"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\DesktopIcons
C:\Program Files\Instant Access\Multi
C:\Program Files\WebMediaPlayer
C:\Program Files\WebMediaPlayer\resources
C:\Program Files\WebMediaPlayer\skins
C:\Program Files\WebMediaPlayer\sqlite3.dll
C:\Program Files\WebMediaPlayer\updates
C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe
[b]==> EGDACCESS <==/b
C:\WINDOWS\system32\drivers\downld
[b]==> BAGLE <==/b
1 - "C:\ToolBar SD\TB_1.txt" - 03/11/2008|19:53 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 03/11/2008|20:30 - Option : [2]
-----------\\ Fin du rapport a 20:30:24,46
-----------\\ ToolBar S&D 1.2.4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : ADAN ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Not Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:22 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
O:\ (Local Disk) - NTFS - Total:465 Go (Free:271 Go)
"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [2] ( 03/11/2008|20:21 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\PopSwatr
Supprime! - C:\Program Files\AskTBar\SrchAstt
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\1
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\1px_dark.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\1px_green.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\1px_white.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrow_red.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrow_red2.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\background2.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\bgmeteo_results.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\btn_close.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\btn_minus.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\btn_moreforecast.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\Thumbs.db
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\yahoo.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\Program Files\VMNToolbar\install.ico
Supprime! - C:\Program Files\VMNToolbar\toolbar.ini
Supprime! - C:\Program Files\VMNToolbar\uninstall.exe
Supprime! - C:\Program Files\VMNToolbar\vmntoolbar.dll
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\WINDOWS\spoolsv.exe
Supprime! - C:\Program Files\AskTBar
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\VMNToolbar
Supprime! - C:\Program Files\VMNToolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(John.CARLOS) - {0200c2a9-70da-4f6d-b527-f5f7d7877228} => fireuploader
(John.CARLOS) - {1018e4d6-728f-4b20-ad56-37578a4de76b} => flagfox
(John.CARLOS) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(John.CARLOS) - {987311C6-B504-4aa2-90BF-60CC49808D42} => bugmenot
(John.CARLOS) - {F807FACD-E46A-4793-B345-D58CB177673C} => performancing
(Papa) - {7a3a9c78-3715-4fab-a21f-150dbd3d3d90} => radarsyncbar
(Papa) - {b66bc4c3-6d25-4a10-8c59-01daa9063051} => foxgame
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl"
"Search Page"="https://actus.sfr.fr"
"Search Bar"="https://actus.sfr.fr"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://actus.sfr.fr"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\DesktopIcons
C:\Program Files\Instant Access\Multi
C:\Program Files\WebMediaPlayer
C:\Program Files\WebMediaPlayer\resources
C:\Program Files\WebMediaPlayer\skins
C:\Program Files\WebMediaPlayer\sqlite3.dll
C:\Program Files\WebMediaPlayer\updates
C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe
[b]==> EGDACCESS <==/b
C:\WINDOWS\system32\drivers\downld
[b]==> BAGLE <==/b
1 - "C:\ToolBar SD\TB_1.txt" - 03/11/2008|19:53 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 03/11/2008|20:30 - Option : [2]
-----------\\ Fin du rapport a 20:30:24,46
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
Tuto: http://www.malekal.com/Adware.Magic_Control.php
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
Tuto: http://www.malekal.com/Adware.Magic_Control.php
je crois que c'est ce log
Search Navipromo version 3.6.8 commencé le 03/11/2008 à 21:03:49,78
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "ADAN"
Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
...\Instant Access trouvé !
...\WebMediaPlayer trouvé !
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\ADAN\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Papa\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\ADAN\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Papa\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\ADAN\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Papa\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\ADAN\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\Papa\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\dialerexe.ini trouvé !
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\ADAN\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
* Dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" :
aertbcoh.dat trouvé !
aertbcoh_nav.dat trouvé !
aertbcoh_navps.dat trouvé !
jhxqsxnah.dat trouvé !
jhxqsxnah_nav.dat trouvé !
jhxqsxnah_navps.dat trouvé !
* Dans "C:\DOCUME~1\Papa\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 03/11/2008 à 22:51:08,35 ***
Search Navipromo version 3.6.8 commencé le 03/11/2008 à 21:03:49,78
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "ADAN"
Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
...\Instant Access trouvé !
...\WebMediaPlayer trouvé !
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\ADAN\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Papa\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\ADAN\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Papa\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\ADAN\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\Papa\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\ADAN\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\Papa\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\dialerexe.ini trouvé !
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\ADAN\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
* Dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" :
aertbcoh.dat trouvé !
aertbcoh_nav.dat trouvé !
aertbcoh_navps.dat trouvé !
jhxqsxnah.dat trouvé !
jhxqsxnah_nav.dat trouvé !
jhxqsxnah_navps.dat trouvé !
* Dans "C:\DOCUME~1\Papa\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 03/11/2008 à 22:51:08,35 ***
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
J'ai refait un scan car j'ai supprimer des fichiers voici le log :
Search Navipromo version 3.6.8 commencé le 04/11/2008 à 16:55:00,67
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Papa"
Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
...\Instant Access trouvé !
...\WebMediaPlayer trouvé !
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Papa\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADAN\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Papa\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADAN\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Papa\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADAN\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Papa\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADAN\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\dialerexe.ini trouvé !
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Papa\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADAN\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
* Dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" :
aertbcoh.dat trouvé !
aertbcoh_nav.dat trouvé !
aertbcoh_navps.dat trouvé !
jhxqsxnah.dat trouvé !
jhxqsxnah_nav.dat trouvé !
jhxqsxnah_navps.dat trouvé !
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 04/11/2008 à 17:37:05,93 ***
Search Navipromo version 3.6.8 commencé le 04/11/2008 à 16:55:00,67
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Papa"
Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
...\Instant Access trouvé !
...\WebMediaPlayer trouvé !
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Papa\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADAN\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Papa\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADAN\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Papa\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADAN\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JOHN~1.CAR\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Papa\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADAN\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\dialerexe.ini trouvé !
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Papa\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADAN\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
* Dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" :
aertbcoh.dat trouvé !
aertbcoh_nav.dat trouvé !
aertbcoh_navps.dat trouvé !
jhxqsxnah.dat trouvé !
jhxqsxnah_nav.dat trouvé !
jhxqsxnah_navps.dat trouvé !
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 04/11/2008 à 17:37:05,93 ***
voila le log après suppression :
Clean Navipromo version 3.6.8 commencé le 04/11/2008 à 17:39:11,01
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Papa"
Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\Papa\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\ADAN\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
...\Instant Access ...suppression...
...\Instant Access supprimé !
...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Papa\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADAN\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JOHN~1.CAR\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Papa\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADAN\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Papa\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADAN\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JOHN~1.CAR\menudm~1\progra~1" ***
*** Suppression fichiers ***
C:\WINDOWS\dialerexe.ini supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Papa\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
* Dans "C:\Documents and Settings\Papa\locals~1\applic~1" *
* Dans "C:\DOCUME~1\ADAN\locals~1\applic~1" *
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" *
aertbcoh.dat trouvé !
Copie aertbcoh.dat réalisée avec succès !
aertbcoh.dat supprimé !
aertbcoh_nav.dat trouvé !
Copie aertbcoh_nav.dat réalisée avec succès !
aertbcoh_nav.dat supprimé !
aertbcoh_navps.dat trouvé !
Copie aertbcoh_navps.dat réalisée avec succès !
aertbcoh_navps.dat supprimé !
jhxqsxnah.dat trouvé !
Copie jhxqsxnah.dat réalisée avec succès !
jhxqsxnah.dat supprimé !
jhxqsxnah_nav.dat trouvé !
Copie jhxqsxnah_nav.dat réalisée avec succès !
jhxqsxnah_nav.dat supprimé !
jhxqsxnah_navps.dat trouvé !
Copie jhxqsxnah_navps.dat réalisée avec succès !
jhxqsxnah_navps.dat supprimé !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 04/11/2008 à 17:46:56,76 ***
Clean Navipromo version 3.6.8 commencé le 04/11/2008 à 17:39:11,01
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Papa"
Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\Papa\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\ADAN\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
...\Instant Access ...suppression...
...\Instant Access supprimé !
...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Papa\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADAN\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JOHN~1.CAR\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Papa\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADAN\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Papa\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADAN\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JOHN~1.CAR\menudm~1\progra~1" ***
*** Suppression fichiers ***
C:\WINDOWS\dialerexe.ini supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Papa\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
* Dans "C:\Documents and Settings\Papa\locals~1\applic~1" *
* Dans "C:\DOCUME~1\ADAN\locals~1\applic~1" *
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Dans "C:\DOCUME~1\JOHN~1.CAR\locals~1\applic~1" *
aertbcoh.dat trouvé !
Copie aertbcoh.dat réalisée avec succès !
aertbcoh.dat supprimé !
aertbcoh_nav.dat trouvé !
Copie aertbcoh_nav.dat réalisée avec succès !
aertbcoh_nav.dat supprimé !
aertbcoh_navps.dat trouvé !
Copie aertbcoh_navps.dat réalisée avec succès !
aertbcoh_navps.dat supprimé !
jhxqsxnah.dat trouvé !
Copie jhxqsxnah.dat réalisée avec succès !
jhxqsxnah.dat supprimé !
jhxqsxnah_nav.dat trouvé !
Copie jhxqsxnah_nav.dat réalisée avec succès !
jhxqsxnah_nav.dat supprimé !
jhxqsxnah_navps.dat trouvé !
Copie jhxqsxnah_navps.dat réalisée avec succès !
jhxqsxnah_navps.dat supprimé !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 04/11/2008 à 17:46:56,76 ***
Telecharge malwarebytes
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1366
Windows 5.1.2600 Service Pack 3
05/11/2008 18:19:56
mbam-log-2008-11-05 (18-19-55).txt
Type de recherche: Examen complet (C:\|O:\|)
Eléments examinés: 333854
Temps écoulé: 5 hour(s), 54 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 150
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5y99ae78-58tt-11dw-be53-y67078979y} (Backdoor.ProRat) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cmstp (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\spool (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: c:\windows\system32\drivers\logman.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: system32\drivers\logman.exe -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMon (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMon\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\John.CARLOS\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\1st_Security_Center_Pro_5.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\3D_Funny_Fish_Screensaver_1.0_[Key].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\3D_Yellow_Ribbons_1.0_(Key).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Abilities_Builder_Add_&_Subtract_Whole_Numbers_6.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\AC3D 6.2.05.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Advanced Auto Clicker 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Aear Qsaver 2.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Analog Silver Clock 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Antivirus.Karpersky.2007.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Audioblast 1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\BB_Doall_6.67_build_3831.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Body Makeover 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Brain_Storming_1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Ceremu_System_Checker_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\CGIndia toolbar for IE 4.5.134.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Chatlog_1.0_(With_Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Chilkat_ZIP_2_Secure_EXE_10.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Chrono.Net 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\CoCSoft Stream Down 6.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Command_&_Conquer_Red_Alert_1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\CPUSpy_1.044_(Key).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Database_Browser_Plus_3.0.42.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Database_Tour_5.6.2.1004_[Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\DDance.FM_Tuner_2.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Deudos_Family_Tree_5.1.274.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\DHL_Tracking_Tool_1.28_[Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Dictionary_English_-_Russian_for_Nokia_1.0.6_(Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Dream FTP Server 1.02.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\DrWeb.key.alternative.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\DynamicExplorer_1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\eBay Auction Typo Finder 1.02.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Educational_Worksheets_-_Math_(Windows_XP)_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ES_Clipboard_Monitor_Engine_1.1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\EventSentry_Light_2.71.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Express2Desktop_Converter_2.6_[Key].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\EZ Video To MPEG Converter 2.70.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\FastSMS_III_Corporate_3.5.15.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\FireFox Clock 1.0.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Flazzle Pro 1.6b.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\FreePing 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Freezbe 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\fvpat Webdev Server 0.1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Gamer's Own Instant Messenger 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Google Argentina 0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Gym Trainer 2.0.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Haihaisoft DRM-X Packager 1.0.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Heritage_Family_Tree_Deluxe_4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\HurbisTime_2.4.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\i.Look 1.50.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Image to Icon 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\IMS Telephone On-Hold Player 3.13.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Insane_demo.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Invoicer 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\iolo_Personal_Firewall_1.1.10.7_[Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\J.River_Media_Jukebox_8.0.400_(With_Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Kaspersky.Anti.Virus.Personal.v5.0.522.German-TWK.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Klez_Removal_Tool_1.0.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\konFuzzy 0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Kontakt_1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\LanguageStudio French 2.1s build 69.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Lights_1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\LingvoSoft Dictionary 2007 Russian - Azerbaijani 4.0.22.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\LingvoSoft Suite 2007 English - Thai 2.0.23.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\LTFCrypt 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Management Pack for Active Directory Application Mode 1.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\MB4-211 Practice Exam Testing Software 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Media_Fortress_1.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Media_Player_Puppeteer_for_iTunes_2.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Mind Pad 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\MS Products Key Finder 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\MSD Documents Multiuser 2.20.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\MTBF_Timer_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\My Little Mole Toolbar 2.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\My_Options_3.5_(Key).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Net-Regulator_Personal_1.1.5.269.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\NetGong 6.2 Build 715 (Patch).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\NetNotes_4.1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Nitrox Calculator 2.2 (Patch).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\NM Make Index 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Nurse_Dispatchers_1.4_[Patch].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Online_Store_System_toolbar_for_Firefox_1.5.0.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ParseWare_1.5.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\PasswordNow_Access_Recovery_Tool_3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Phonebook_2.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\PhotoOne_Print_1.5.1774.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\pptXTREME_ColorPicker_for_PowerPoint_1.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Quadratic Equation Solver 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\RQ Search and Replace 1.83.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\SafEEditor_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Sand Sculptures Animated Slide Show 1.0 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ScreenshotWatcher 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Server Port 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Share_My_Picture_3.1_Build_40615.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ShutOff 2000 2.8.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Sibelius_3.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Sib_Mobile_Imager_2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\SoundTap_Streaming_Audio_Recorder_1.25.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Spyware Remover 7.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\SQLite_Analyzer_3.0.4.12_Key+Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Stephanie 1.0 [KeyGen].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\StockWatch 4.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Sudoku Puzzles.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Surprise_Maker_3.4.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Symantec.Mobile.Security.For.Symbian.s60.s80.With.Instructions.(So7T).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\SyncBot_3.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\TestTrack_Pro_7.5.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ThinXP_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\TimePunch 1.82.04 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ToOnScreen Isabel 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Troubleshooting Motor Controls 3.0 (KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\TuberPlayer 1.06.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Txt2fil 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Undo_Delete_1.00_Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Unreal_Tournament_2003_-_Hive_deathmatch_map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Unreal_Tournament_2004_AS_Unknown_Cube_map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\USPS_Postnet_Fonts_3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\VDTimer_1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\VGadgetNT 1.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Video2Photo_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\VideoVista Standard Edition 2.3.0 Key+Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Vidophone_H323_Softphone_1.6.1.0_(Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Virtual_BassLine_3.5_[With_Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Watermark_Photos_1.0.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Whizlabs_SCMAD_Preparation_Kit_6.0.1_(KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\WinMatrix 2.32.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\X360_Multi-page_Tiff_Converter_OCX_2.0_Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\XP Icons 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Yahoo Quotes Downloader 1.08.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Zipfusion_6.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Log\2008 Jun 02 - 03_30_03 AM_578.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Log\2008 May 25 - 03_30_12 AM_484.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Log\2008 May 25 - 10_46_26 AM_078.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Registry Backups\2008-05-25_10-52-51.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Registry Backups\2008-05-27_16-57-07.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log\2008 Mar 26 - 01_41_14 PM_565.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log\2008 Mar 26 - 02_57_52 PM_187.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log\2008 Mar 26 - 08_44_07 PM_875.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log\2008 Mar 26 - 09_51_57 PM_046.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Registry Backups\2008-03-26_21-57-18.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cisvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\logman.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cmstp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\mqtgsvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
C:\WINDOWS\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\system\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
Version de la base de données: 1366
Windows 5.1.2600 Service Pack 3
05/11/2008 18:19:56
mbam-log-2008-11-05 (18-19-55).txt
Type de recherche: Examen complet (C:\|O:\|)
Eléments examinés: 333854
Temps écoulé: 5 hour(s), 54 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 150
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5y99ae78-58tt-11dw-be53-y67078979y} (Backdoor.ProRat) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cmstp (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\spool (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: c:\windows\system32\drivers\logman.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: system32\drivers\logman.exe -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMon (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMon\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\John.CARLOS\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\1st_Security_Center_Pro_5.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\3D_Funny_Fish_Screensaver_1.0_[Key].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\3D_Yellow_Ribbons_1.0_(Key).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Abilities_Builder_Add_&_Subtract_Whole_Numbers_6.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\AC3D 6.2.05.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Advanced Auto Clicker 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Aear Qsaver 2.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Analog Silver Clock 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Antivirus.Karpersky.2007.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Audioblast 1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\BB_Doall_6.67_build_3831.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Body Makeover 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Brain_Storming_1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Ceremu_System_Checker_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\CGIndia toolbar for IE 4.5.134.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Chatlog_1.0_(With_Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Chilkat_ZIP_2_Secure_EXE_10.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Chrono.Net 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\CoCSoft Stream Down 6.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Command_&_Conquer_Red_Alert_1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\CPUSpy_1.044_(Key).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Database_Browser_Plus_3.0.42.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Database_Tour_5.6.2.1004_[Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\DDance.FM_Tuner_2.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Deudos_Family_Tree_5.1.274.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\DHL_Tracking_Tool_1.28_[Key+Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Dictionary_English_-_Russian_for_Nokia_1.0.6_(Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Dream FTP Server 1.02.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\DrWeb.key.alternative.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\DynamicExplorer_1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\eBay Auction Typo Finder 1.02.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Educational_Worksheets_-_Math_(Windows_XP)_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ES_Clipboard_Monitor_Engine_1.1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\EventSentry_Light_2.71.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Express2Desktop_Converter_2.6_[Key].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\EZ Video To MPEG Converter 2.70.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\FastSMS_III_Corporate_3.5.15.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\FireFox Clock 1.0.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Flazzle Pro 1.6b.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\FreePing 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Freezbe 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\fvpat Webdev Server 0.1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Gamer's Own Instant Messenger 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Google Argentina 0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Gym Trainer 2.0.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Haihaisoft DRM-X Packager 1.0.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Heritage_Family_Tree_Deluxe_4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\HurbisTime_2.4.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\i.Look 1.50.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Image to Icon 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\IMS Telephone On-Hold Player 3.13.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Insane_demo.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Invoicer 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\iolo_Personal_Firewall_1.1.10.7_[Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\J.River_Media_Jukebox_8.0.400_(With_Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Kaspersky.Anti.Virus.Personal.v5.0.522.German-TWK.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Klez_Removal_Tool_1.0.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\konFuzzy 0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Kontakt_1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\LanguageStudio French 2.1s build 69.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Lights_1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\LingvoSoft Dictionary 2007 Russian - Azerbaijani 4.0.22.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\LingvoSoft Suite 2007 English - Thai 2.0.23.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\LTFCrypt 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Management Pack for Active Directory Application Mode 1.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\MB4-211 Practice Exam Testing Software 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Media_Fortress_1.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Media_Player_Puppeteer_for_iTunes_2.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Mind Pad 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\MS Products Key Finder 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\MSD Documents Multiuser 2.20.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\MTBF_Timer_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\My Little Mole Toolbar 2.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\My_Options_3.5_(Key).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Net-Regulator_Personal_1.1.5.269.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\NetGong 6.2 Build 715 (Patch).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\NetNotes_4.1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Nitrox Calculator 2.2 (Patch).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\NM Make Index 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Nurse_Dispatchers_1.4_[Patch].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Online_Store_System_toolbar_for_Firefox_1.5.0.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ParseWare_1.5.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\PasswordNow_Access_Recovery_Tool_3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Phonebook_2.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\PhotoOne_Print_1.5.1774.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\pptXTREME_ColorPicker_for_PowerPoint_1.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Quadratic Equation Solver 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\RQ Search and Replace 1.83.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\SafEEditor_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Sand Sculptures Animated Slide Show 1.0 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ScreenshotWatcher 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Server Port 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Share_My_Picture_3.1_Build_40615.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ShutOff 2000 2.8.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Sibelius_3.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Sib_Mobile_Imager_2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\SoundTap_Streaming_Audio_Recorder_1.25.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Spyware Remover 7.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\SQLite_Analyzer_3.0.4.12_Key+Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Stephanie 1.0 [KeyGen].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\StockWatch 4.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Sudoku Puzzles.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Surprise_Maker_3.4.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Symantec.Mobile.Security.For.Symbian.s60.s80.With.Instructions.(So7T).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\SyncBot_3.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\TestTrack_Pro_7.5.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ThinXP_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\TimePunch 1.82.04 Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\ToOnScreen Isabel 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Troubleshooting Motor Controls 3.0 (KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\TuberPlayer 1.06.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Txt2fil 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Undo_Delete_1.00_Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Unreal_Tournament_2003_-_Hive_deathmatch_map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Unreal_Tournament_2004_AS_Unknown_Cube_map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\USPS_Postnet_Fonts_3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\VDTimer_1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\VGadgetNT 1.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Video2Photo_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\VideoVista Standard Edition 2.3.0 Key+Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Vidophone_H323_Softphone_1.6.1.0_(Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Virtual_BassLine_3.5_[With_Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Watermark_Photos_1.0.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Whizlabs_SCMAD_Preparation_Kit_6.0.1_(KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\WinMatrix 2.32.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\X360_Multi-page_Tiff_Converter_OCX_2.0_Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\XP Icons 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Yahoo Quotes Downloader 1.08.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\m\shared\Zipfusion_6.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Log\2008 Jun 02 - 03_30_03 AM_578.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Log\2008 May 25 - 03_30_12 AM_484.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Log\2008 May 25 - 10_46_26 AM_078.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Registry Backups\2008-05-25_10-52-51.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Papa\Application Data\RegistrySmart\Registry Backups\2008-05-27_16-57-07.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log\2008 Mar 26 - 01_41_14 PM_565.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log\2008 Mar 26 - 02_57_52 PM_187.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log\2008 Mar 26 - 08_44_07 PM_875.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Log\2008 Mar 26 - 09_51_57 PM_046.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\John.CARLOS\Application Data\RegistrySmart\Registry Backups\2008-03-26_21-57-18.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cisvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\logman.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cmstp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\mqtgsvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
C:\WINDOWS\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\system\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
réouvre malewarebyte
va sur quarantaine
sipprime tout
Télécharge ToolsCleaner sur ton bureau.
-->
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
va sur quarantaine
sipprime tout
Télécharge ToolsCleaner sur ton bureau.
-->
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
