Sujet Précédent Sujet Suivant

Probleme win32 :beagle-AHD (wrm) et trojan

lov_dox -  
 cynol -
Bonjour, mon ami a eu un problème avec son ordinateur, après avoir télécharger je ne sais quel programme en P2P il a été infecté par un virus/ver beagle.. Donc plus d'antivirus, plus de connexion internet, pas de restauration possible...
J'ai quand même réussi à restaurer l'ordinateur à récupérer l'antivirus et connexion wifi par une méthode un peu détournée (j'ai créé un nouveau compte utilisateur et j'ai réussi à faire la restauration) et une fois l'ordi redémarré tout marche et je lance donc le scan avast qui m'a détecté ce virus win32 : Beagle-AHD [wrm]..

Le problème c'est que je ne sais pas si je peux supprimer les fichier car ce virus a infecté des fichiers de windows et n'y connaissant pas grand chose j'ai peur de supprimer un fichier indispensable au bon fonctionnement de windows (XP au fait) et avast n'arrive pas à les réparer.. j'ai donc choisi l'option ignorer d'avast et donc je me tourne vers vous pour savoir quoi faire..

J'attends qu'avast ai finit son analyse et si je peux je vous envoie le rapport.

Merci d'avance de votre aide.

6 réponses

Réponse 1 / 6
sherred Messages postés 8605 Statut Membre 351
 
--> Télécharge FindyKill sur ton bureau :
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

--> Lance l'installation avec les paramètres par defaut

--> Double-clique sur le raccourci FindyKill sur ton bureau

--> Au menu principal, choisis l'option 1 (Recherche)

--> Poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
0
lov_dox
 
ok je fais ça merci d'avoir repondu si vite
0
lov_dox
 
----------------- FindyKill V4.709 ------------------

* User : oualid - EREBUS
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 10/12/08 par Chiquitine29
* Recherche effectuée à 14:13:34 le 16/12/2008
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WinZip\WZQKPICK.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS

Found ! [08/10/2008 01:50] - "C:\WINDOWS\exefld"

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch


»»»» Presence des fichiers dans C:\WINDOWS\system32


»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\oualid\Application Data


»»»» Presence des fichiers dans C:\DOCUME~1\oualid\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\oualid\Local Settings\Temporary Internet Files\Content.IE5

Found ! [09/11/2008 18:29] - C:\Documents and Settings\AlbumArt_{1388201D-FB64-421C-B410-8BA2ABEDD14E}_Large.jpg
Found ! [09/11/2008 18:28] - C:\Documents and Settings\AlbumArt_{1388201D-FB64-421C-B410-8BA2ABEDD14E}_Small.jpg
Found ! [27/10/2008 18:25] - C:\Documents and Settings\AlbumArt_{54EFC167-FA69-44EB-BB64-2DEAEE84510D}_Large.jpg
Found ! [27/10/2008 18:25] - C:\Documents and Settings\AlbumArt_{54EFC167-FA69-44EB-BB64-2DEAEE84510D}_Small.jpg
Found ! [27/10/2008 18:28] - C:\Documents and Settings\AlbumArt_{9863CB64-AE2A-4D74-BCF0-BF8C5FE241D2}_Large.jpg
Found ! [27/10/2008 18:28] - C:\Documents and Settings\AlbumArt_{9863CB64-AE2A-4D74-BCF0-BF8C5FE241D2}_Small.jpg
Found ! [04/10/2008 18:38] - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Temporary Internet Files\Content.IE5\C5MZ496B\WMP8dd461cf-50ab-4d7c-be10-49b795b642a9[1]..jpg
Found ! [10/11/2008 02:22] - C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\music … decompresser\BO film Honey - 2003\AlbumArt_{B3520F25-D2B8-4D1D-BA00-2C3DF276B64B}_Large.jpg
Found ! [10/11/2008 02:22] - C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\music … decompresser\BO film Honey - 2003\AlbumArt_{B3520F25-D2B8-4D1D-BA00-2C3DF276B64B}_Small.jpg
Found ! [18/01/2006 17:20] - C:\Documents and Settings\oualid\Bureau\Mes documents\Ma musique\Arno\A La Fran‡aise\AlbumArt_{54EFC167-FA69-44EB-BB64-2DEAEE84510D}_Large.jpg
Found ! [18/01/2006 17:20] - C:\Documents and Settings\oualid\Bureau\Mes documents\Ma musique\Arno\A La Fran‡aise\AlbumArt_{54EFC167-FA69-44EB-BB64-2DEAEE84510D}_Small.jpg
Found ! [27/10/2008 19:27] - C:\Documents and Settings\oualid\Bureau\Mes documents\My Shared Folder\AlbumArt_{9064DA00-B642-4084-A513-9D372364F95A}_Large.jpg
Found ! [27/10/2008 19:27] - C:\Documents and Settings\oualid\Bureau\Mes documents\My Shared Folder\AlbumArt_{9064DA00-B642-4084-A513-9D372364F95A}_Small.jpg
Found ! [27/10/2008 19:25] - C:\Documents and Settings\oualid\Bureau\Mes documents\My Shared Folder\AlbumArt_{BC6EB64F-FC29-4C79-8168-207B4ACD1447}_Large.jpg
Found ! [27/10/2008 19:25] - C:\Documents and Settings\oualid\Bureau\Mes documents\My Shared Folder\AlbumArt_{BC6EB64F-FC29-4C79-8168-207B4ACD1447}_Small.jpg
Found ! [11/10/2008 20:37] - C:\Program Files\eMule\Incoming\AlbumArt_{AB642184-F9E1-4955-845A-1BE53213A323}_Large.jpg
Found ! [11/10/2008 20:37] - C:\Program Files\eMule\Incoming\AlbumArt_{AB642184-F9E1-4955-845A-1BE53213A323}_Small.jpg
Found ! [10/10/2008 17:50] - C:\unzipped\CAMPING BO de film de dubosc (l'album complet) BON\DESOLE, CE N'EST PAS- LE BON ALBUM\Greatest Hits\AlbumArt_{89B64DA3-FF46-4708-BF67-6013B6264A43}_Large.jpg
Found ! [10/10/2008 17:50] - C:\unzipped\CAMPING BO de film de dubosc (l'album complet) BON\DESOLE, CE N'EST PAS- LE BON ALBUM\Greatest Hits\AlbumArt_{89B64DA3-FF46-4708-BF67-6013B6264A43}_Small.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
IMJPMIG8.1=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
PHIME2002ASync=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
ssdiag=C:\WINDOWS\ssdiag.exe
Realtime Audio Engine=mmrtkrnl.exe
VTTimer=VTTimer.exe
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
SpySpotter System Defender=C:\Program Files\SpySpotter3\Defender.exe -startup
PCMService="c:\Apps\Powercinema\PCMService.exe"
P2P Networking=C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
KAZAA=C:\Documents and Settings\oualid\Mes documents\Kazaa.exe /SYSTRAY
FaxCenterServer="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
AltnetPointsManager=c:\program files\altnet\points manager\points manager.exe -s
Adobe Photo Downloader="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
VTTrayp=VTtrayp.exe
Synchronization Manager=%SystemRoot%\system32\mobsync.exe /logon
DLA=C:\WINDOWS\System32\DLA\DLACTRLW.EXE
SoundMan=SOUNDMAN.EXE
lxcgmon.exe="C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
EzPrint="C:\Program Files\Lexmark 2300 Series\ezprint.exe"
LXCGCATS=rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
AliceSAV=C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
EoEngine="C:\Program Files\EoRezo\EoEngine.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1


--------------- [ Registre / Clés infectieuses ] ----------------



--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

Ndisuio - Type de démarrage = 3

EapHost - Type de démarrage = 3

Ip6Fw - Type de démarrage = 3

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

I: - Lecteur de CD-ROM

J: - Lecteur amovible


+- Contenu de l'autorun : I:\autorun.inf

[autorun]
open=autorun.exe
icon=kit.ico



+- Contenu de l'autorun : J:\autorun.inf

[AutoRun]
open=RavMon.exe e
shellexecute=RavMon.exe e
shell\Auto\command=RavMon.exe e
shell=Auto

+- presence des fichiers :

Found ! [28/09/2000 21:04][-r-------] - I:\autorun.inf
Found ! [04/03/2007 19:08][--ahs----] - J:\autorun.inf


--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
cynol
 
Bravo, super méthode tout est opérationel!
0
Réponse 2 / 6
lov_dox
 
mais je crois que je vais avoir du mal a faire aussi vite car autant mon pc marche très bien autant le sien (où se trouve le virus) est d'une lenteur impossible en 5 min je n'ai pas encore réussi a ouvrir mozilla..
0
Réponse 3 / 6
lov_dox
 
findykill ne marche pas.. il me mets un msg d'erreur "Windows - pas de disque" exception processing message (+ pleins de chiffres)

que dois je faire?
0
Réponse 4 / 6
lov_dox
 
heu en fait c'est bon je crois qu'il mettait pas de disque lorsqu'un lecteur était vide... voila le rapport
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
sherred Messages postés 8605 Statut Membre 351
 
ok tu es bien infecté
relance en nettoyage option 2
tu me poste les resultats
puis télecharge ici https://www.clubic.com/telecharger-fiche17891-hijackthis.html

Lance HijackThis en double cliquant sur son icône puis cliquez sur le bouton do a system scan and save a logfile

Le rapport est retranscrit aussitôt apres le scan dans une fenêtre de type Bloc-notes
realiser un copier/coller et de le poster dans le forum
0
lov_dox
 
----------------- FindyKill V4.709 ------------------

* User : oualid - EREBUS
* executed from : C:\Program Files\FindyKill
* Update on 10/12/08 par Chiquitine29
* Start at 16:04:25 the 16/12/2008
* Windows XP - Internet Explorer 7.0.5730.11


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS

Deleted ! - C:\WINDOWS\exefld\14926484.exe
Deleted ! - C:\WINDOWS\exefld\15747843.exe
Deleted ! - C:\WINDOWS\exefld\16944218.exe
Deleted ! - C:\WINDOWS\exefld\17024093.exe
Deleted ! - C:\WINDOWS\exefld\29670203.exe
Deleted ! - C:\WINDOWS\exefld\30522593.exe
Deleted ! - C:\WINDOWS\exefld\411328.exe
Deleted ! - C:\WINDOWS\exefld\412281.exe
Deleted ! - C:\WINDOWS\exefld\44207968.exe
Deleted ! - C:\WINDOWS\exefld\45468187.exe
Deleted ! - C:\WINDOWS\exefld\60040031.exe
Deleted ! - C:\WINDOWS\exefld\74627906.exe
Deleted ! - C:\WINDOWS\exefld\75400515.exe
Deleted ! - C:\WINDOWS\exefld\89232125.exe
Deleted ! - "C:\WINDOWS\exefld"

»»»» Supression files in C:\WINDOWS\Prefetch


»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\oualid\Application Data


»»»» Supression files in C:\DOCUME~1\oualid\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\oualid\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\AlbumArt_{1388201D-FB64-421C-B410-8BA2ABEDD14E}_Large.jpg
Deleted ! - C:\Documents and Settings\AlbumArt_{1388201D-FB64-421C-B410-8BA2ABEDD14E}_Small.jpg
Deleted ! - C:\Documents and Settings\AlbumArt_{54EFC167-FA69-44EB-BB64-2DEAEE84510D}_Large.jpg
Deleted ! - C:\Documents and Settings\AlbumArt_{54EFC167-FA69-44EB-BB64-2DEAEE84510D}_Small.jpg
Deleted ! - C:\Documents and Settings\AlbumArt_{9863CB64-AE2A-4D74-BCF0-BF8C5FE241D2}_Large.jpg
Deleted ! - C:\Documents and Settings\AlbumArt_{9863CB64-AE2A-4D74-BCF0-BF8C5FE241D2}_Small.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{072278F4-0B64-4926-B263-ECE261182DBB}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{2921A960-1A6E-4D31-8EC1-B640DDD396BE}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{329ABA2F-B648-4E28-B237-CDD54F34C954}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{4B862B64-F51D-42B7-9867-EA0FAEB3E0F5}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{599D432B-7781-4EA0-A7F2-00B65CB64FF4}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{6D62E0BB-69E4-445D-AFB1-DB64900C992C}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{D31D1491-3496-4742-8928-B645AB4E3AA8}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{DD27A2AE-B6BD-4541-824A-102A6BAD5B64}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{DE1E531F-D0DB-47C6-97B3-6D6540EEB648}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{FCD2CBF3-93D3-4EB9-BBCC-E569E5B646C5}.jpg
Deleted ! - C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Local Settings\Temporary Internet Files\Content.IE5\C5MZ496B\WMP8dd461cf-50ab-4d7c-be10-49b795b642a9[1]..jpg
Deleted ! - C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\music … decompresser\BO film Honey - 2003\AlbumArt_{B3520F25-D2B8-4D1D-BA00-2C3DF276B64B}_Large.jpg
Deleted ! - C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\music … decompresser\BO film Honey - 2003\AlbumArt_{B3520F25-D2B8-4D1D-BA00-2C3DF276B64B}_Small.jpg
Deleted ! - C:\Documents and Settings\oualid\Bureau\Mes documents\Ma musique\Arno\A La Fran‡aise\AlbumArt_{54EFC167-FA69-44EB-BB64-2DEAEE84510D}_Large.jpg
Deleted ! - C:\Documents and Settings\oualid\Bureau\Mes documents\Ma musique\Arno\A La Fran‡aise\AlbumArt_{54EFC167-FA69-44EB-BB64-2DEAEE84510D}_Small.jpg
Deleted ! - C:\Documents and Settings\oualid\Bureau\Mes documents\My Shared Folder\AlbumArt_{9064DA00-B642-4084-A513-9D372364F95A}_Large.jpg
Deleted ! - C:\Documents and Settings\oualid\Bureau\Mes documents\My Shared Folder\AlbumArt_{9064DA00-B642-4084-A513-9D372364F95A}_Small.jpg
Deleted ! - C:\Documents and Settings\oualid\Bureau\Mes documents\My Shared Folder\AlbumArt_{BC6EB64F-FC29-4C79-8168-207B4ACD1447}_Large.jpg
Deleted ! - C:\Documents and Settings\oualid\Bureau\Mes documents\My Shared Folder\AlbumArt_{BC6EB64F-FC29-4C79-8168-207B4ACD1447}_Small.jpg
Deleted ! - C:\Program Files\eMule\Incoming\AlbumArt_{AB642184-F9E1-4955-845A-1BE53213A323}_Large.jpg
Deleted ! - C:\Program Files\eMule\Incoming\AlbumArt_{AB642184-F9E1-4955-845A-1BE53213A323}_Small.jpg
Deleted ! - C:\unzipped\CAMPING BO de film de dubosc (l'album complet) BON\DESOLE, CE N'EST PAS- LE BON ALBUM\Greatest Hits\AlbumArt_{89B64DA3-FF46-4708-BF67-6013B6264A43}_Large.jpg
Deleted ! - C:\unzipped\CAMPING BO de film de dubosc (l'album complet) BON\DESOLE, CE N'EST PAS- LE BON ALBUM\Greatest Hits\AlbumArt_{89B64DA3-FF46-4708-BF67-6013B6264A43}_Small.jpg

--------------- [ Registry / Infected keys ] ----------------


--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

I: - Lecteur de CD-ROM

J: - Lecteur amovible


+- deleting files :

Not deleted !! - I:\autorun.inf
Deleted ! - J:\autorun.inf

--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\oualid\Bureau\Bureau\Disque amovible (I)\disc nw\JEU - Le.monde.de.Nemo- JEUX PC - Fr - Crack NoCD.Zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\(Logiciel PC + Crack) MaGic TranSlator (traducteur anglais, francais, italien, allemand..).rar
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Alcatech BPM-Studio Pro 4.8.0.0 - Multilingual+Crack+Skins.zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Crack
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel De Gravure Nero V 6.6.0.1 Fr Serial Crack Ok.rar
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel TuneUp Utilities 2006 FR Crack.zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!.zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Luxor-jeux pc+crack(riton).zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\NOUVEAUTE logiciel Code de la route 2006 francais Exclu + cracks + key serial + infos.zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool Crack (Bejeweled2Deluxe, Bigkahunareef, Luxor, Zumadeluxe, Mahjong, Magicball2, Alien Shooter,) A-1 Par Dancer.rar
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Piano Virtual - Keyboard PC + Crack.zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Virtual Pool 3 Crack all versions - vp3 NoCD - working.zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Virtual.DJ.Studio.v3.0 + Crack.zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\[Mixer] - Atomix VirtualDj 2.00 + Crack + Effects + Samples + Skins.rar
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\[Pc-CracK]Virtual Tenis 3 CracK.rar
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\[PROGRAMM] Atomix MP3 v2.1 Mixer for the DJ - Crack & Add-ons.rar
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Crack\VT3.exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack\Comment gagner du fric !!!!!
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack\Nero-7.0.1.2_fra
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack\Comment gagner du fric !!!!!\Pour preuve Mon relev‚ de compte Paypal.htm
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack\Comment gagner du fric !!!!!\QUE DU BENEF.doc
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack\Comment gagner du fric !!!!!\Vid‚o … voir en premier.avi
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack\Nero-7.0.1.2_fra\Keygen.exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack\Nero-7.0.1.2_fra\Nero Burning ROM v7.0.1.2 Premium Keygen.rar
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack\Nero-7.0.1.2_fra\Nero-7.0.1.2_fra.exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Logiciel_N‚ro7_francais+Crack -c'est le vrai!!!!!\Logiciel_N‚ro7_francais+Crack\Nero-7.0.1.2_fra\orion.nfo
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\music … decompresser\music decompress‚es\The Rolling Stones 1971-1981\27-Love you live(1977)\13-Crackin'up.mp3
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\music … decompresser\music decompress‚es\[56.Full.Albums].The.Rolling.Stones.-.Discografia(+Covers)\Crackin' Up.mp3
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\music … decompresser\music decompress‚es\[56.Full.Albums].The.Rolling.Stones.-.Discografia(+Covers)\Crackin' Up.scn
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\JEU - Le.monde.de.Nemo- JEUX PC - Fr - Crack NoCD.Zip
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\QuickZip 2.22 + Crack
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinRar 3.42 Fr + Crack
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\QuickZip 2.22 + Crack\QuickZip Fr 146.reg
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\QuickZip 2.22 + Crack\quickzip.exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinRar 3.42 Fr + Crack\wrar342fr.exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Procedure.txt
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\WinZip Patch Fr.exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0\FILE_ID.DIZ
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0\LICENSE.TXT
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0\ORDER.TXT
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0\README.TXT
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0\SETUP.EXE
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0\SETUP.WZ
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0\VENDOR.TXT
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0\WHATSNEW.TXT
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\nw proG\regroupemt log. zip, quik z. winrar, winzip\WinZip 9.0 Fr + Keygen\Setup Winzip 9.0\WINZIP.TXT
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Bejeweled 2 Deluxe\Bejeweled 2 Deluxe 1.0 (Crack Only).exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Big Kahuna Reef\Eclipse KeyGen.exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Magic Ball 2\Crack
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Magic Ball 2\Crack\Comment faire.rtf
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Magic Ball 2\Crack\magicball2res.dll
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\properties
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\zd_crk.exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\Zuma.exe
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\Blackswirley
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\claw
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\coaster
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\groovefest
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\inversespiral
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\longrange
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\loopy
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\overunder
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\perm_thumbnails
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\riverbed
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\serpents
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\snakepit
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\space
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\spaceinvaders
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\spiral
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\squaresville
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\targetglyph
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\tiltspiral
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\triangle
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\tunnellevel
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\turnaround
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\underover
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\warshak
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\Blackswirley\blackswirley-1.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\Blackswirley\blackswirley-2.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\claw\claw.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\coaster\coaster.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\groovefest\groovefest.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\inversespiral\inversespiral.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\longrange\longrange.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\loopy\loopy.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\overunder\overunder.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\riverbed\riverbed.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\serpents\serpents-1.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\serpents\serpents-2.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\snakepit\snakepit-1.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\snakepit\snakepit-2.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\space\space.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\spaceinvaders\spaceinvaders.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\spiral\spiral.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\squaresville\squaresville.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\targetglyph\targetglyph.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\tiltspiral\tiltspiral.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\triangle\triangle.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\tunnellevel\tunnellevel.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\turnaround\turnaround.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\underover\underover.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\levels\warshak\warshak.dat
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\properties\partner.xml
C:\Documents and Settings\oualid\Bureau\Bureau\Nouveau Porte-documents\Petits Jeux Cool\Zuma Deluxe\Crack-Patch\properties\partner.xml.sig
C:\Documents and Settings\oualid\Bureau\Mes documents\My Shared Folder\Dutronc - Crack boum hue.MP3
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\ALCATech\BPM-Studio Profi\le reste du prg. en zip\Alcatech BPM-Studio Pro 4.8.0.0 - Multilingual+Crack+Skins.zip
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\ALCATech\BPM-Studio Profi\le reste du prg. en zip\[Apps] WinZip 9.0 Fr + WinRar 3.42 Fr + WinAce 2.55 Fr + QuickZip 2.22 Fr + Cracks.zip
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\ALCATech\BPM-Studio Profi\le reste du prg. en zip\[Winace 2.20 Winrar 3.20 Winzip 8.1] Fr Cracks-Keygen.exe


---------------- ! End of report ! ------------------
0
lov_dox > lov_dox
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:18:30, on 16/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cisvc.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st#home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ssdiag] C:\WINDOWS\ssdiag.exe
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [KAZAA] C:\Documents and Settings\oualid\Mes documents\Kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: TelechargerSoftware - {EF6D6AE3-2625-40D6-A5AB-920DFD2DAF8C} - C:\Documents and Settings\oualid\Application Data\TelechargerSoftware.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1180978477296
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - https://www.3ds.com/products-services/3dvia/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
0
lov_dox > lov_dox
 
il télécharge vraiment n importe quoi c'est étonnant que ça ne lui soit pas arrivé avant... bon courage pour lire tout ça ..
et pourriez vous aussi faire qqch pour l'extrême lenteur de cet ordinateur? si cela ne vous ennuie pas trop.
Merci de votre attention :)
0
sherred Messages postés 8605 Statut Membre 351 > lov_dox
 
ce sont des crack qui ton filé ce virus
télecharge Malwarebyte's ici http://www.malwarebytes.org/mbam/program/mbam-setup.exe
le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

PS : les rapport sont aussi rangé dans l onglet rapport/log
0
lov_dox > sherred Messages postés 8605 Statut Membre
 
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1507
Windows 5.1.2600 Service Pack 3

16/12/2008 22:17:41
mbam-log-2008-12-16 (22-17-41).txt

Type de recherche: Examen rapide
Eléments examinés: 63367
Temps écoulé: 51 minute(s), 31 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 10
Fichier(s) infecté(s): 210

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\pbfrv2.pbfrv2 (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxresult.rxresultfilter (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxresult.rxresultfilter.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2ab289ae-4b90-4281-b2ae-1f4bb034b647} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo (Adware.RXToolbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxtoolbar.tbinfo.1 (Adware.RXToolbar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\p2p networking (Backdoor.Bot) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\HTML (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\rqRJBQhi.dll (Trojan.Vundo) -> Delete on reboot.
C:\Program Files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\Thumbs.db (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\Thumbs.db (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\_Ticker_ticker.txt (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\CacheCatalog.rx (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\rx.xml (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\rxtoolbar.cfg (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\rxwebsearches.xsl (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\sfcont.bin (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\yahoo.xsl (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTdownload501_avast_com_iavs4pro_setupfre_exeNC (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTfr_yahoo_com_ (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTmagic56_free_fr_ (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTwww_01net_com (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTwww_avast_com_ (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTwww_ebay_fr_ (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTwww_fr_com_ (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTwww_qklinkserver_com_activity_in_asp_bid=6900NC (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTwww_srch-results_com_lm_imp_rxt_asp_si=19902&k=une%20sessionNC (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\Cache\CTwww_srch-results_com_lm_imp_rxt_asp_si=19902&k=vous%20avezNC (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics\additional.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics\additional_active.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics\background.jpg (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics\blue_hr_horz.GIF (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics\gray_hr_horz.GIF (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics\Thumbs.db (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics\thumbtack.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics\thumbtack_active.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\graphics\thumbtack_click.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\HTML\content.htm (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Program Files\RXToolBar\HTML\main.htm (Adware.RXToolbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\(Kaspersky.Anti-Virus.Personal.Pro).v5.0.20.Final+reg+license.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\1D0-410_CIW_Foundations_for_CIW_Associat_6.11.05_Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\1st_Startup_Manager_1.0_(KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\2_Panda.Antivirus.Platinum.7.04.+.Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\3D_Impact_Pro_1.28.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\ABF_Slide_Show_Screen_Saver_1.6.3.45_(Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Active_Key_Logger_3.7.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Ameol_2.55.2048.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Any_DWG_to_DWF_Converter_2007.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Astrology_Prophet_Pro_3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Astronomy_Stuff_1.2.0_[Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Audio_To_WMA_Converter_1.00_[Cracked].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\AutoSudoku_2006.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Auto_Web_Browser_1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\AVG_Internet_Security_7.5.484a1100.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Baccarat_Basic_Strategy_Analysis_2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Battery_Monitor_2.5.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\BBC_World_Cup_Wallchart.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Beavis_and_Butt-head_in_Virtual_Stupidity_Bug_Justice_demo.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Bedlam_2_1.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Best_Consignment_Shop_Software_Deluxe_Edition_4.4.403_(Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\BG.-.B.T.R..(2002).-.Igrata.(by.PANDA_1960).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\BT_Engine_5.03_Build_070605_Cracked.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\CB_Backup_Copy_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\CD-Ejector_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\CD-Lock_07.03.2_Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\CD_Extractor_Control_1.3_[Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Chart3D_7.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Church_3D_screensaver_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Coastal_Clips_3.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\crack.Symantec.Norton.Ghost.2006.v10.By.Astalavista.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\cxxtools_1.4.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Dacris_Benchmark_5.0_Build_5005_(Cracked).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Desktop_Fay_2.8_KeyGen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Digital_Camera_Photo--MP3--File_Renamer_Pro_4.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Dora_the_explorer_3D_Pyramid_Adventure_1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\E-guide_to_UK_Shopping_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Easy_French_Dialogs_3.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Easy_PDF_Creator_1.00.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Easy_Photo_Recovery_1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Edovia_AntiSpam_2005_4.1_(Patch).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Everyone's_Legal_Forms_Professional_2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Export_Table_to_Excel_for_MS_SQL_Server_Professional_1.00.00.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\eZee_FrontDesk_Hotel_Software_5.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Filzip_3.06.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Find_SSNs_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Flash_Screen_Saver_Builder_2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\flying_dream_screensaver_01.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Folder_Guard_Professional_7.91.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Foxit_Reader_for_U3_2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Fractal_Wonderland_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Gas_Station_Software_4.1_(Patch).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\GF_02_book_2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Halo_Combat_Evolved_Race_Track_map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Happy_XP-3000_Drop-down_Menu_1.30.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Home_Movie_Library_Database_1.0_(KeyGen).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Hot_Pipes_1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\HTML_Code_converter_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\iCast_4.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Ice_RSS_Reader_0.9.2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Indianapolis_Toolbar_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Instant_Report_1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\JDock_1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\JEP_3.0.0_Cracked.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\JT_Maps_2005_1.3.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Kaspersky.6.0.0.303.Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Kaspersky.Anti-Virus.Internet.Security.6.0.0.300.Final.German.Incl.Key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Kaspersky.Antivirus_v6.0.0.303_[spanish.WinAll.by.KaTeLmE.inc.keys(2007-10-25).+.manual].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\KidzLog_1.3_(Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\LanWatchDog_Enterprise_3.0_(Key+Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\LingvoSoft_Dictionary_2007_English_-_Bosnian_4.0.22.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Loan_Advisor_1.06.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Look2Skype_1.4.0.8_(Cracked).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Majestic_Lighthouse_Screensaver_1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Maverick_Launch_Centre_3.0_(Patch).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\MITCalc_-_Pinned_couplings_1.12.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Mo-Search_2.7.0_Beta.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\mp3-2-wav_converter_1.16.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\MP3_EasySplitter_2.14.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\MSN_Explorer_Theme_for_Win9x_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\MyFriendStats_1.0_Serial.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Norton.Antivirus-Personal.Firewall-Systemworks.2005.Professional.Corporate.Edition.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\NumericalChameleon_1.6.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\OraFSPlus_SQL_Editor_2.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\PC_Sentinel's_Red-Handed_2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Pearl_Harbor_Defend_the_Fleet_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\PersonalPMO_1.0.3.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Pet_Sitting_2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\PfiOO_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Phantom_Pass_1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Phishing_Doctor_2.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\PhotoDub_1.0.0.37.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Photo_to_PSP_1.10_[KeyGen].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\PingCOPA_Ping_and_Traceroute_2.01.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Pinky_5.94_(Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Presto_Web_FX_2.0_(With_Crack).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\PS_Hot_Folders_2.2_(Key).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Punch_Clock_2005_1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Rabbit_Font_1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Riviera_Multimedia_Loader_1.01.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Securibook_1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\SendScheduler_Outlook_1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\sendSMS_0.3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\ShopKeep_4.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\SimpleDownload_3.33.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Simple_Weight_Loss_Calculator_1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Skydom_Messenger_1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\SLInvest_1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Soulseek_1.57_test_8.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\SpellServer_PHP_4.0c.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\SuperPower_2_patch_1.2b.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\SuperResolution_plugin_1.0.2_(Patch).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\SysTrayX_3.00.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Tab_Killer_1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Tax_Brackets_Estimator_1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\the_seeker_0.7.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\The_Sitter_2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Unreal_Tournament_2003_-_Valley_of_Death_deathmatch_map.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\VerseQ_3.0.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\VIRTUAL_TALKING_PARROT_0.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Visual_Vendor_1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\WebMail_3.1n2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Web_Conference_1.9.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\WinEst_PlanX_Pro_8.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Xilisoft_YouTube_to_iPod_Converter_1.0.38.0723_[With_Crack].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\xrEvidence_2.18.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Yeosoft_CD_AudioGrabber_Lite_1.2_(Key+Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\ZIPCodeWorld_United_States_Gold_Congressional_District_Edition_November_2006.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Account.9964 (Retrieved after unexpected restart.)\Application Data\m\shared\Zoner_3D_Photo_Maker_1.0_[Serial].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Setup.EXE (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
0
Réponse 6 / 6
lov_dox
 
je pense que ça a marché.. je lance le scan avast pour voir si il détecte encore qqch..
sinon pour la lenteur du système d'exploitation pensez vous qu'un logiciel comme easycleaner pourrait améliorer cela ?
ou pourriez vous me conseiller autre chose?
0
sherred Messages postés 8605 Statut Membre 351
 
Ccleaner plutot
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
fait un nettoyage et une reparation de la base de registre avec ccleaner

tu peu aussi faire ca
allez dans le menu demarrer

choisir executer

taper "msconfig"

et dans l'onglet demarrage

decocher tous " sauf l'anti virus et le pare feu"

clic sur ok et redemarre le pc


tu ne risque rien , et si un programe te manque , tu peu refaire l'action inverse

enfin ToolsCleaner sur
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner
executer ce petit nettoyage en mode normale
il va te debarrasser des outils devenus inutiles

0

Discussions similaires

Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
PUADlManager:Win32/OfferCore
tenmalade -
tenmalade -

2 réponses
win32:malware-gen bloqué par avast
ikkual -
Utilisateur anonyme -

69 réponses
PUABundler:Win32/CandyOpen : dangereux ?
joubine -
bazfile -

2 réponses
Pb Windows 7, .EXE n'est pas app win32 valide
Witeric -
Lio -

15 réponses