Status: Resolved

How do I remove Antispyware 2009?

passpartt, Wednesday 8 October 2008 at 19:07:11
Hello.
My computer is infected by a rogue: XP Antispyware 2009. It blocks web pages, opens others without being asked, tells me my computer is infected, offers me a system 'scan', etc.
I tried to remove it with SpyHunter but did not succeed. I can't find XP Antispyware 2009 in C:/Programme Files or in Processes; yet it is still very much there...

Could someone tell me what steps to take?

I can't take this fake antispyware any more...

Thanks in advance.
Configuration: Windows XP
Internet Explorer 7.0

Destrio5, Wednesday 8 October 2008 at 19:12:23
Hi,

- Download and install Malwarebytes' Anti-Malware:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

- Update it

- Restart in safe mode (recommended):
http://www.malekal.com/modesansechec.php

- Choose your usual user session

- Run a full scan with Malwarebytes' Anti-Malware

- Remove everything the software finds, and save the report

- Restart in normal mode and post the report here

Tutorial:
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php

REBUS, Thursday 9 October 2008 at 18:28:30
Thanks, I have had the same problem since 7 October 2008, and on the 8th I came here on the off chance.
I did what you advised, except that I did not manage to save the report and post it to the tutorial.
But the result is very positive. The rogue is gone, thanks again.
rébus

passpartt, Wednesday 8 October 2008 at 21:48:19
Here is the report: (thanks in advance)

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1244
Windows 5.1.2600 Service Pack 2

08/10/2008 21:46:47
mbam-log-2008-10-08 (21-46-47).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 232605
Temps écoulé: 2 hour(s), 5 minute(s), 39 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 38
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 21
Fichier(s) infecté(s): 236

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Updater\4115\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\VideoEgg\Updater\4115\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\speedrunner\config.cfg (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\a.bat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\base64.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\FVProtect.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\userconfig9x.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\winsystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip1.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip2.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip3.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zipped.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\youtubex.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\iTunesMusic.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\akttzn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtoolb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bsva-egihsg52.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpcproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\emesx.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hoproxy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\medup012.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\medup020.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msgp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnbho.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mtr2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mwin32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netode.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\newsd32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ps1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psof1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psoft1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regc64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regm64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Rundl1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sncntr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssurf022.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysreq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\temp#01.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcatchpi.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winlogonpc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsystem.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WINWGPX.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\beep.sys (Fake.Beep.Sys) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dllcache\beep.sys (Fake.Beep.Sys) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbsys2.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMb38a3b71.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMb38a3b71.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\brastk.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_scui.cpl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\brastk.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\tmlpcert2007 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
Destrio5, Wednesday 8 October 2008 at 21:51:23
---> Download ComboFix.exe by sUBs to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Disconnect from the Internet and close all applications, including your antivirus and antispyware /!\

---> Double-click Combofix.exe
A pop-up will appear saying that "ComboFix is used at your own risk and with no warranty...".
Accept by clicking "Yes"

---> Set it to French: F
Press the 1 key (Yes) to start the scan.

/!\ Do not touch anything until the scan has finished. /!\

At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.

Once the scan is complete, a report will be displayed: post its contents

/!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\

Note: The report can also be found here: C:\ComboFix\Combofix.txt
passpartt, Thursday 9 October 2008 at 18:35:46
Here is the ComboFix scan...



ComboFix 08-10-08.05 - HP_Propriétaire 2008-10-09 17:54:49.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.596 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\HP_Propriétaire\Application Data\ECURIT~1
C:\Documents and Settings\HP_Propriétaire\Mes documents\PPATCH~1
C:\Program Files\INSTALL.LOG
C:\Program Files\Movie Maker\profsywuy.html
C:\Program Files\Need2Find
C:\Program Files\Need2Find\bar\1.bin\N2FFXTBR.JAR
C:\Program Files\Need2Find\bar\1.bin\N2NTSTBR.JAR
C:\Program Files\Need2Find\bar\1.bin\PARTNER.DAT
C:\Program Files\Need2Find\bar\Cache\[u]0/u0298A66
C:\Program Files\Need2Find\bar\Cache\files.ini
C:\Program Files\Need2Find\bar\History\search
C:\Program Files\Need2Find\bar\Settings\prevcfg.htm
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\axoyikpk.ini
C:\WINDOWS\system32\dnbtowpk.ini
C:\WINDOWS\system32\dNnqBcfe.ini
C:\WINDOWS\system32\dNnqBcfe.ini2
C:\WINDOWS\system32\eyusokk.dat
C:\WINDOWS\system32\eyusokk.exe
C:\WINDOWS\system32\eyusokk_nav.dat
C:\WINDOWS\system32\eyusokk_navps.dat
C:\WINDOWS\system32\eyusokk_navup.dat
C:\WINDOWS\system32\ffhkj.ini
C:\WINDOWS\system32\ffhkj.ini2
C:\WINDOWS\system32\ibrkgytj.ini
C:\WINDOWS\system32\lpatdwhs.ini
C:\WINDOWS\system32\molrfbij.ini
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\radnwnuv.ini
C:\WINDOWS\system32\yrxcstac.ini
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2008-09-09 au 2008-10-09 ))))))))))))))))))))))))))))))))))))
.

2008-10-09 06:47 . 2008-10-09 06:47 118,784 --a------ C:\WINDOWS\system32\gdqfytmt.exe
2008-10-08 20:01 . 2008-10-08 20:02 <REP> d-------- C:\rsit
2008-10-08 20:01 . 2008-10-08 20:02 <REP> d-------- C:\Program Files\trend micro
2008-10-08 18:38 . 2008-10-08 18:38 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-08 18:38 . 2008-10-08 18:38 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Malwarebytes
2008-10-08 18:38 . 2008-10-08 18:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-08 18:38 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-08 18:38 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-08 17:02 . 2008-10-09 13:05 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-10-08 13:15 . 2008-10-08 13:15 <REP> d-------- C:\Program Files\Enigma Software Group
2008-10-08 13:09 . 2008-10-08 13:09 19,628 --a------ C:\Program Files\Fichiers communs\juzisodyvi.reg
2008-10-08 13:09 . 2008-10-08 13:09 18,511 --a------ C:\WINDOWS\piwego.com
2008-10-08 13:09 . 2008-10-08 13:09 18,409 --a------ C:\Program Files\Fichiers communs\jeroqejo.exe
2008-10-08 13:09 . 2008-10-08 13:09 18,096 --a------ C:\Documents and Settings\All Users\Application Data\icifyfynol.bin
2008-10-08 13:09 . 2008-10-08 13:09 17,605 --a------ C:\WINDOWS\system32\umihutilan.pif
2008-10-08 13:09 . 2008-10-08 13:09 17,425 --a------ C:\WINDOWS\system32\tovecyjino.inf
2008-10-08 13:09 . 2008-10-08 13:09 16,101 --a------ C:\WINDOWS\system32\recemez.dat
2008-10-08 13:09 . 2008-10-08 13:09 15,708 --a------ C:\WINDOWS\jihiduce.com
2008-10-08 13:09 . 2008-10-08 13:09 13,859 --a------ C:\WINDOWS\hiqehiqu.dl
2008-10-08 13:09 . 2008-10-08 13:09 13,102 --a------ C:\Documents and Settings\HP_Propriétaire\Application Data\yzyquhusy.sys
2008-10-08 13:09 . 2008-10-08 13:09 10,577 --a------ C:\WINDOWS\ugelapekab.bat
2008-10-08 13:09 . 2008-10-08 13:09 10,415 --a------ C:\WINDOWS\dafugenil.scr
2008-10-08 13:01 . 2008-10-08 13:01 19,782 --a------ C:\WINDOWS\qumahywe.bin
2008-10-08 13:01 . 2008-10-08 13:01 16,904 --a------ C:\WINDOWS\zysozi.com
2008-10-08 13:01 . 2008-10-08 13:01 14,920 --a------ C:\WINDOWS\feqos.sys
2008-10-08 13:01 . 2008-10-08 13:01 14,792 --a------ C:\WINDOWS\folidery.bin
2008-10-08 13:01 . 2008-10-08 13:01 14,432 --a------ C:\WINDOWS\vepe.dat
2008-10-08 13:01 . 2008-10-08 13:01 13,354 --a------ C:\Program Files\Fichiers communs\cicota.exe
2008-10-08 13:01 . 2008-10-08 13:01 13,309 --a------ C:\WINDOWS\kyxijola._dl
2008-10-08 13:01 . 2008-10-08 13:01 12,185 --a------ C:\Program Files\Fichiers communs\cesizuzu.sys
2008-10-08 13:01 . 2008-10-08 13:01 10,974 --a------ C:\WINDOWS\gujovupamo.exe
2008-10-08 13:01 . 2008-10-08 13:01 10,232 --a------ C:\WINDOWS\witu.reg
2008-10-08 13:01 . 2008-10-08 13:01 10,066 --a------ C:\WINDOWS\wijewoked.vbs
2008-10-08 08:54 . 2008-10-08 08:54 19,750 --a------ C:\WINDOWS\utohut.reg
2008-10-08 08:54 . 2008-10-08 08:54 18,786 --a------ C:\WINDOWS\obimyseh.dat
2008-10-08 08:54 . 2008-10-08 08:54 18,106 --a------ C:\WINDOWS\epudura._sy
2008-10-08 08:54 . 2008-10-08 08:54 16,984 --a------ C:\Documents and Settings\All Users\Application Data\opilulu.vbs
2008-10-08 08:54 . 2008-10-08 08:55 15,464 --a------ C:\Documents and Settings\HP_Propriétaire\Application Data\diroxisupe.com
2008-10-08 08:54 . 2008-10-08 08:54 15,112 --a------ C:\WINDOWS\system32\igep.scr
2008-10-08 08:54 . 2008-10-08 08:54 14,457 --a------ C:\Documents and Settings\All Users\Application Data\iwagynij.pif
2008-10-08 08:54 . 2008-10-08 08:54 14,068 --a------ C:\WINDOWS\lymaqifana._dl
2008-10-08 08:54 . 2008-10-08 08:54 11,185 --a------ C:\Documents and Settings\HP_Propriétaire\Application Data\wedevaf.sys
2008-10-08 08:54 . 2008-10-08 08:54 10,680 --a------ C:\WINDOWS\anoguzoki._dl
2008-10-08 08:54 . 2008-10-08 08:54 10,419 --a------ C:\WINDOWS\system32\yzezuzud.db
2008-10-08 08:14 . 2008-10-08 08:14 19,266 --a------ C:\WINDOWS\vakava.dat
2008-10-08 08:14 . 2008-10-08 08:14 18,980 --a------ C:\WINDOWS\sava.ban
2008-10-08 08:14 . 2008-10-08 08:14 18,651 --a------ C:\Program Files\Fichiers communs\nuzumagi.sys
2008-10-08 08:14 . 2008-10-08 08:14 18,345 --a------ C:\WINDOWS\bahaqeruqo.dll
2008-10-08 08:14 . 2008-10-08 08:14 16,516 --a------ C:\WINDOWS\system32\zanuqy.ban
2008-10-08 08:14 . 2008-10-08 08:14 15,130 --a------ C:\Documents and Settings\HP_Propriétaire\Application Data\pexijomo.scr
2008-10-08 08:14 . 2008-10-08 08:14 14,821 --a------ C:\WINDOWS\wurada.bin
2008-10-08 08:14 . 2008-10-08 08:14 14,314 --a------ C:\Program Files\Fichiers communs\yzybesawu.vbs
2008-10-08 08:14 . 2008-10-08 08:14 13,763 --a------ C:\WINDOWS\qobevoni.vbs
2008-10-08 08:14 . 2008-10-08 08:14 13,269 --a------ C:\Documents and Settings\All Users\Application Data\pigydunu.bin
2008-10-08 08:14 . 2008-10-08 08:14 12,082 --a------ C:\Documents and Settings\All Users\Application Data\jiwocibivu.scr
2008-10-08 08:14 . 2008-10-08 08:14 11,462 --a------ C:\WINDOWS\fukirawu.exe
2008-10-08 08:14 . 2008-10-08 08:14 10,213 --a------ C:\WINDOWS\system32\ypywyb.dl
2008-10-08 08:12 . 2008-10-08 18:47 65,428 --a------ C:\WINDOWS\system32\wini104552502.exe
2008-10-05 19:13 . 2008-10-05 19:13 1,121,290 --a------ C:\WINDOWS\Babar 1.exe
2008-10-05 19:13 . 2008-10-05 19:13 312,324 --a------ C:\WINDOWS\Babar 1.scr
2008-10-05 19:13 . 2008-10-05 19:13 40,960 --a------ C:\WINDOWS\Babar 1.dll
2008-10-05 19:13 . 2008-10-05 19:13 18,192 --a------ C:\WINDOWS\Babar 1.dat
2008-10-03 18:49 . 2008-10-09 06:48 <REP> d-------- C:\Program Files\yjfcjyb
2008-10-03 18:49 . 2008-10-09 06:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\fizqlwvo
2008-10-03 08:26 . 2008-10-03 08:26 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-09-25 16:55 . 2008-09-25 17:00 <REP> d-------- C:\Program Files\SM
2008-09-12 19:17 . 2008-09-12 19:17 <REP> d-------- C:\divx

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-09 13:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-08 11:01 15,676 ----a-w C:\Program Files\Fichiers communs\toxyji.dl
2008-10-08 11:01 10,690 ----a-w C:\Program Files\Fichiers communs\osihotopa.ban
2008-10-08 06:57 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Apple Computer
2008-10-08 06:54 12,597 ----a-w C:\Program Files\Fichiers communs\iwawasosy.ban
2008-10-08 06:14 10,647 ----a-w C:\Program Files\Fichiers communs\luhe.ban
2008-10-07 14:50 47,312 ----a-w C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat
2008-10-06 14:48 --------- d-----w C:\Program Files\PhotoFiltre
2008-10-05 17:51 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Corel
2008-10-03 06:26 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-09-28 13:53 --------- d-----w C:\Program Files\Free Music Zilla
2008-09-16 17:09 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\DivX
2008-09-12 17:15 --------- d-----w C:\Program Files\DivX
2008-09-11 20:11 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\FMZilla
2008-09-07 18:54 --------- d-----w C:\Program Files\ALCATEL PC Suite
2008-09-06 19:03 --------- d-----w C:\Program Files\Screamer Radio
2008-09-02 18:46 --------- d-----w C:\Program Files\Apple Software Update
2008-08-31 17:07 --------- d-----w C:\Program Files\iTunes
2008-08-31 17:06 --------- d-----w C:\Program Files\iPod
2008-08-31 16:59 --------- d-----w C:\Program Files\Safari
2008-08-30 19:52 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-30 09:05 --------- d-----w C:\Program Files\Easy GIF Animator
2008-08-28 20:02 --------- d-----w C:\Program Files\Livre Album Fuji Photo
2008-08-28 20:00 --------- d-----w C:\Program Files\Passware
2008-08-20 15:01 --------- d-----w C:\Program Files\TrueCrypt
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-04-27 10:41 169,240 ----a-w C:\Documents and Settings\HP_Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2007-07-13 22:04 2,776,064 ----a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-03-19 18:13 6,422,611 ----a-w C:\Program Files\frostwire-4.13.1.6.windows.exe
2008-04-09 10:56 168 --sh--r C:\WINDOWS\system32\9C7F7C87DA.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-17 68856]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-01-22 985088]
"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]
"ComMsgInfo"="C:\WINDOWS\system32\gdqfytmt.exe" [2008-10-09 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-09-10 864256]

C:\Documents and Settings\HP_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
Eurobarre.lnk - C:\Program Files\Eurobarre\eb.exe [2008-04-16 113664]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\vio\dvacm.acm
"VIDC.MJPG"= mtkjpeg.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"BMb38a3b71"=Rundll32.exe "C:\WINDOWS\system32\eljbwhex.dll",s
"b0b908ed"=rundll32.exe "C:\WINDOWS\system32\ynrdvsla.dll",b
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Zattoo\\zattood.exe"=
"C:\\Program Files\\Zattoo\\Zattoo1.exe"=
"C:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Zattoo\\Zattoo.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R2 AVWEBCAM;AV WebCam, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\avwebcam.sys [2005-11-22 215552]
R3 Cap7134;ASUS TV7134 WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2004-10-27 335360]
R3 PhTVTune;ASUS WDM TV Tuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2004-10-24 24544]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 GameConsoleService;GameConsoleService;C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2007-11-02 181784]
S3 KS-959;Kingsun KS-959 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-10-20 19034]
S3 SPC220NC;Philips SPC220NC Webcam;C:\WINDOWS\system32\DRIVERS\SPC220NC.SYS [2007-01-09 507136]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\dvd-rom.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bb9ab96-4e98-11dd-9b4e-001167558f42}]
\Shell\AutoRun\command - ntde1ect.com
\Shell\explore\Command - ntde1ect.com
\Shell\open\Command - ntde1ect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69b81bd2-2760-11dd-9b33-001167558f42}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
.
Contenu du dossier 'Tâches planifiées'

2008-10-06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-10-09 C:\WINDOWS\Tasks\GlaryInitialize.job
- C:\Program Files\Glary Utilities\initialize.exe [2008-04-09 13:22]

2008-10-09 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE [2004-08-24 19:22]

2008-10-09 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B3C51C26-58D8-43C1-967F-E06B1B92078E}.job
- C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 12:58]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-brastk - C:\WINDOWS\system32\brastk.exe
HKLM-Run-eyusokk - c:\windows\system32\eyusokk.exe
HKLM-Explorer_Run-2WcEr01sW5 - C:\Documents and Settings\All Users\Application Data\fizqlwvo\tuhinqpu.exe
Notify-cbXRhGWN - cbXRhGWN.dll
Notify-pmnoolm - pmnoolm.dll


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\cjxde4uz.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.fr
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-09 18:01:24
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\LckFldService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-10-09 18:08:45 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-09 16:08:42

Avant-CF: 33 910 181 888 octets libres
Après-CF: 35,267,112,960 octets libres

284 --- E O F --- 2008-09-24 01:03:22

8


Destrio5, Thursday 9 October 2008 at 19:14:32
/!\ Only passpartt may follow this procedure /!\


1/

---> Click Start, Run, type notepad and click OK.

---> Select the text below and copy it with Ctrl+C:






KillAll::

File::
C:\WINDOWS\system32\gdqfytmt.exe
C:\Program Files\Fichiers communs\juzisodyvi.reg
C:\WINDOWS\piwego.com
C:\Program Files\Fichiers communs\jeroqejo.exe
C:\Documents and Settings\All Users\Application Data\icifyfynol.bin
C:\WINDOWS\system32\umihutilan.pif
C:\WINDOWS\system32\tovecyjino.inf
C:\WINDOWS\system32\recemez.dat
C:\WINDOWS\jihiduce.com
C:\WINDOWS\hiqehiqu.dl
C:\Documents and Settings\HP_Propriétaire\Application Data\yzyquhusy.sys
C:\WINDOWS\ugelapekab.bat
C:\WINDOWS\dafugenil.scr
C:\WINDOWS\qumahywe.bin
C:\WINDOWS\zysozi.com
C:\WINDOWS\feqos.sys
C:\WINDOWS\folidery.bin
C:\WINDOWS\vepe.dat
C:\Program Files\Fichiers communs\cicota.exe
C:\WINDOWS\kyxijola._dl
C:\Program Files\Fichiers communs\cesizuzu.sys
C:\WINDOWS\gujovupamo.exe
C:\WINDOWS\witu.reg
C:\WINDOWS\wijewoked.vbs
C:\WINDOWS\utohut.reg
C:\WINDOWS\obimyseh.dat
C:\WINDOWS\epudura._sy
C:\Documents and Settings\All Users\Application Data\opilulu.vbs
C:\Documents and Settings\HP_Propriétaire\Application Data\diroxisupe.com
C:\WINDOWS\system32\igep.scr
C:\Documents and Settings\All Users\Application Data\iwagynij.pif
C:\WINDOWS\lymaqifana._dl
C:\Documents and Settings\HP_Propriétaire\Application Data\wedevaf.sys
C:\WINDOWS\anoguzoki._dl
C:\WINDOWS\system32\yzezuzud.db
C:\WINDOWS\vakava.dat
C:\WINDOWS\sava.ban
C:\Program Files\Fichiers communs\nuzumagi.sys
C:\WINDOWS\bahaqeruqo.dll
C:\WINDOWS\system32\zanuqy.ban
C:\Documents and Settings\HP_Propriétaire\Application Data\pexijomo.scr
C:\WINDOWS\wurada.bin
C:\Program Files\Fichiers communs\yzybesawu.vbs
C:\WINDOWS\qobevoni.vbs
C:\Documents and Settings\All Users\Application Data\pigydunu.bin
C:\Documents and Settings\All Users\Application Data\jiwocibivu.scr
C:\WINDOWS\fukirawu.exe
C:\WINDOWS\system32\ypywyb.dl
C:\WINDOWS\system32\wini104552502.exe
C:\WINDOWS\Babar 1.exe
C:\WINDOWS\Babar 1.scr
C:\WINDOWS\Babar 1.dll
C:\WINDOWS\Babar 1.dat
C:\Program Files\Fichiers communs\toxyji.dl
C:\Program Files\Fichiers communs\osihotopa.ban
C:\Program Files\Fichiers communs\iwawasosy.ban
C:\Program Files\Fichiers communs\luhe.ban
C:\WINDOWS\system32\9C7F7C87DA.sys
C:\WINDOWS\system32\eljbwhex.dll
C:\WINDOWS\system32\ynrdvsla.dll

Folder::
C:\Documents and Settings\All Users\Application Data\fizqlwvo
C:\Program Files\yjfcjyb

DirLook::
C:\Program Files\SM

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ComMsgInfo"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"BMb38a3b71"=-
"b0b908ed"=-
"KernelFaultCheck"=-
"TkBellExe"=-
"Adobe Reader Speed Launcher"=-
"QuickTime Task"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bb9ab96-4e98-11dd-9b4e-001167558f42}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69b81bd2-2760-11dd-9b33-001167558f42}]







---> Paste the selection into Notepad

---> Save this file on the desktop (mandatory)

---> File name: CFScript
---> File type: All files
---> Click Save
---> Close Notepad


2/

---> Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot:
http://www.searchengines.pl/...

[*] A blue window will appear: accept the message that is displayed.

[*] Wait while the scan runs. The desktop will disappear several times: this is normal!
Don't touch anything until the scan has finished.

[*] Once the scan is complete, a report will be displayed: post it

[*] If the file does not open, it is located here: C:\ComboFix.txt

4
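A post-run check for the procedure above, as an added example that is not part of Destrio5's post or of ComboFix: it compares the File:: and Folder:: targets of a CFScript with the paths the report lists under "Autres suppressions". The sample strings are a shortened, constructed excerpt built from lines in this thread, and treating that section as ending at the next "(((" banner is an assumption.

```python
import re
# Constructed sample: shortened CFScript and report, built from lines in this thread.
CFSCRIPT = r"""KillAll::
File::
C:\WINDOWS\system32\gdqfytmt.exe
C:\WINDOWS\Babar 1.exe
C:\WINDOWS\system32\ynrdvsla.dll
Folder::
C:\Program Files\yjfcjyb
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ComMsgInfo"=-
"""
REPORT = r"""FILE ::
C:\WINDOWS\system32\ynrdvsla.dll
(((((((( Autres suppressions ))))))))
.
C:\Program Files\yjfcjyb
C:\WINDOWS\Babar 1.exe
C:\WINDOWS\system32\gdqfytmt.exe
"""

HEADER = re.compile(r"^([A-Za-z]+)\s*::$")  # directive line such as "File::"

def script_targets(script):
    """Paths listed under the File:: and Folder:: directives of a CFScript."""
    section, targets = None, []
    for line in map(str.strip, script.splitlines()):
        m = HEADER.match(line)
        if m:
            section = m.group(1).lower()
        elif line and section in ("file", "folder"):
            targets.append(line)
    return targets

def reported_deletions(report):
    """Lower-cased paths under the 'Autres suppressions' banner (assumed to end at the next banner)."""
    inside, deleted = False, set()
    for line in map(str.strip, report.splitlines()):
        if line.startswith("((("):
            inside = "Autres suppressions" in line
        elif inside and re.match(r"[A-Za-z]:\\", line):
            deleted.add(line.lower())  # Windows paths compare case-insensitively
    return deleted

def not_confirmed(script, report):
    """Script targets the report does not list as deleted; these need a manual look."""
    deleted = reported_deletions(report)
    return [p for p in script_targets(script) if p.lower() not in deleted]
```

A path returned by `not_confirmed` may simply not have existed on disk, so check it by hand rather than assuming it survived.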


didou146, Thursday 9 October 2008 at 12:43:06
Hello everyone,

I've had the same problem since yesterday

Can you help me???

I'm already going to install Malwarebytes, scan in safe mode and save the report

Thanks

5


Nilou17, Thursday 9 October 2008 at 17:39:02
Hello Didou146! :-))

You have just replied to a thread that is in progress.
For better readability, please create your own thread in the forum.


Just click this link: Write a new message in the Virus-Sécurité forum
Fill in the requested fields and send your message.


Thank you for your understanding.

9


passpartt, Thursday 9 October 2008 at 19:52:42
Here you go...


ComboFix 08-10-08.05 - HP_Propriétaire 2008-10-09 19:31:14.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.662 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\HP_Propriétaire\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
C:\Documents and Settings\All Users\Application Data\icifyfynol.bin
C:\Documents and Settings\All Users\Application Data\iwagynij.pif
C:\Documents and Settings\All Users\Application Data\jiwocibivu.scr
C:\Documents and Settings\All Users\Application Data\opilulu.vbs
C:\Documents and Settings\All Users\Application Data\pigydunu.bin
C:\Documents and Settings\HP_Propriétaire\Application Data\diroxisupe.com
C:\Documents and Settings\HP_Propriétaire\Application Data\pexijomo.scr
C:\Documents and Settings\HP_Propriétaire\Application Data\wedevaf.sys
C:\Documents and Settings\HP_Propriétaire\Application Data\yzyquhusy.sys
C:\Program Files\Fichiers communs\cesizuzu.sys
C:\Program Files\Fichiers communs\cicota.exe
C:\Program Files\Fichiers communs\iwawasosy.ban
C:\Program Files\Fichiers communs\jeroqejo.exe
C:\Program Files\Fichiers communs\juzisodyvi.reg
C:\Program Files\Fichiers communs\luhe.ban
C:\Program Files\Fichiers communs\nuzumagi.sys
C:\Program Files\Fichiers communs\osihotopa.ban
C:\Program Files\Fichiers communs\toxyji.dl
C:\Program Files\Fichiers communs\yzybesawu.vbs
C:\WINDOWS\anoguzoki._dl
C:\WINDOWS\Babar 1.dat
C:\WINDOWS\Babar 1.dll
C:\WINDOWS\Babar 1.exe
C:\WINDOWS\Babar 1.scr
C:\WINDOWS\bahaqeruqo.dll
C:\WINDOWS\dafugenil.scr
C:\WINDOWS\epudura._sy
C:\WINDOWS\feqos.sys
C:\WINDOWS\folidery.bin
C:\WINDOWS\fukirawu.exe
C:\WINDOWS\gujovupamo.exe
C:\WINDOWS\hiqehiqu.dl
C:\WINDOWS\jihiduce.com
C:\WINDOWS\kyxijola._dl
C:\WINDOWS\lymaqifana._dl
C:\WINDOWS\obimyseh.dat
C:\WINDOWS\piwego.com
C:\WINDOWS\qobevoni.vbs
C:\WINDOWS\qumahywe.bin
C:\WINDOWS\sava.ban
C:\WINDOWS\system32\9C7F7C87DA.sys
C:\WINDOWS\system32\eljbwhex.dll
C:\WINDOWS\system32\gdqfytmt.exe
C:\WINDOWS\system32\igep.scr
C:\WINDOWS\system32\recemez.dat
C:\WINDOWS\system32\tovecyjino.inf
C:\WINDOWS\system32\umihutilan.pif
C:\WINDOWS\system32\wini104552502.exe
C:\WINDOWS\system32\ynrdvsla.dll
C:\WINDOWS\system32\ypywyb.dl
C:\WINDOWS\system32\yzezuzud.db
C:\WINDOWS\system32\zanuqy.ban
C:\WINDOWS\ugelapekab.bat
C:\WINDOWS\utohut.reg
C:\WINDOWS\vakava.dat
C:\WINDOWS\vepe.dat
C:\WINDOWS\wijewoked.vbs
C:\WINDOWS\witu.reg
C:\WINDOWS\wurada.bin
C:\WINDOWS\zysozi.com
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\fizqlwvo
C:\Documents and Settings\All Users\Application Data\icifyfynol.bin
C:\Documents and Settings\All Users\Application Data\iwagynij.pif
C:\Documents and Settings\All Users\Application Data\jiwocibivu.scr
C:\Documents and Settings\All Users\Application Data\opilulu.vbs
C:\Documents and Settings\All Users\Application Data\pigydunu.bin
C:\Documents and Settings\HP_Propriétaire\Application Data\diroxisupe.com
C:\Documents and Settings\HP_Propriétaire\Application Data\pexijomo.scr
C:\Documents and Settings\HP_Propriétaire\Application Data\wedevaf.sys
C:\Documents and Settings\HP_Propriétaire\Application Data\yzyquhusy.sys
C:\Program Files\Fichiers communs\cesizuzu.sys
C:\Program Files\Fichiers communs\cicota.exe
C:\Program Files\Fichiers communs\iwawasosy.ban
C:\Program Files\Fichiers communs\jeroqejo.exe
C:\Program Files\Fichiers communs\juzisodyvi.reg
C:\Program Files\Fichiers communs\luhe.ban
C:\Program Files\Fichiers communs\nuzumagi.sys
C:\Program Files\Fichiers communs\osihotopa.ban
C:\Program Files\Fichiers communs\toxyji.dl
C:\Program Files\Fichiers communs\yzybesawu.vbs
C:\Program Files\yjfcjyb
C:\WINDOWS\anoguzoki._dl
C:\WINDOWS\Babar 1.dat
C:\WINDOWS\Babar 1.dll
C:\WINDOWS\Babar 1.exe
C:\WINDOWS\Babar 1.scr
C:\WINDOWS\bahaqeruqo.dll
C:\WINDOWS\dafugenil.scr
C:\WINDOWS\epudura._sy
C:\WINDOWS\feqos.sys
C:\WINDOWS\folidery.bin
C:\WINDOWS\fukirawu.exe
C:\WINDOWS\gujovupamo.exe
C:\WINDOWS\hiqehiqu.dl
C:\WINDOWS\jihiduce.com
C:\WINDOWS\kyxijola._dl
C:\WINDOWS\lymaqifana._dl
C:\WINDOWS\obimyseh.dat
C:\WINDOWS\piwego.com
C:\WINDOWS\qobevoni.vbs
C:\WINDOWS\qumahywe.bin
C:\WINDOWS\sava.ban
C:\WINDOWS\system32\9C7F7C87DA.sys
C:\WINDOWS\system32\eljbwhex.dll
C:\WINDOWS\system32\gdqfytmt.exe
C:\WINDOWS\system32\igep.scr
C:\WINDOWS\system32\recemez.dat
C:\WINDOWS\system32\tovecyjino.inf
C:\WINDOWS\system32\umihutilan.pif
C:\WINDOWS\system32\wini104552502.exe
C:\WINDOWS\system32\ypywyb.dl
C:\WINDOWS\system32\yzezuzud.db
C:\WINDOWS\system32\zanuqy.ban
C:\WINDOWS\ugelapekab.bat <