Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

ordi tres lent

nicolas72800

Par nicolas72800
dans Analyses et éradication malwares

 Partager

Messages recommandés

nicolas72800 Junior Member

nicolas72800

Posté(e)
Posté(e)

bonjour a tous moi c nico

j ai un ordi qui rame de plus en plus au démarrage et des fois il se met a tourner tout seul en bloquant toute navigation

svp aidez moi

voici mon rapport en espérant trouver mon bienfaiteur.

merci d avance

nico

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:25:01, on 15/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe

C:\Program Files\Pack Securite\Common\FSMA32.EXE

C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Pack Securite\Common\FSMB32.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Pack Securite\Common\FCH32.EXE

C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe

C:\Program Files\Pack Securite\Common\FAMEH32.EXE

C:\Program Files\Pack Securite\FSPC\fspc.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

C:\WINDOWS\System32\hphmon05.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Fichiers communs\AOL\1163787723\ee\AOLSoftware.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Pack Securite\Common\FSM32.EXE

C:\HP\KBD\KBD.EXE

C:\Program Files\Pack Securite\FSGUI\fsguidll.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe

C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Neuf\Media Center\MediaCenter.exe

C:\Program Files\Pack Securite\FSAUA\program\fsus.exe

C:\Program Files\TomTom HOME 2\HOMERunner.exe

C:\Program Files\Neuf\Widget Neuf\9widget.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\NETGEAR\WG111T\wlan111t.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\IncrediMail\bin\IMApp.exe

C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\IncrediMail\bin\IncMail.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Propriétaire\Mes documents\NICO\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {98C3BDF2-BC1E-8E2E-CFDE-1E24FBAB6796} - (no file)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1163787723\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [Anniversaires] C:\Program Files\Anniversaires\Rappel.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"

O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\Propriétaire\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe

O4 - HKCU\..\Run: [sizedrv] C:\DOCUME~1\PROPRI~1\APPLIC~1\TITLED~1\AUDIOTONSSIGN.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [Widget Neuf] "C:\Program Files\Neuf\Widget Neuf\9widget.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - S-1-5-18 Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')

O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')

O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111T\wlan111t.exe

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll

O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll

O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_6_0\Ghost (file missing)

O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_6_0\Ghost (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab

O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab

O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) - http://o.aolcdn.com/pictures/ap/Resources/...ns.10.5.0.4.cab

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://nicofanny.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {6BAB93B7-1917-4214-A7D2-874FA6DB4740} (AOL Newport Editor Ctrl) - http://o.aolcdn.com/pictures/ap/Resources/...ns.10.6.0.6.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1149827349843

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nicofanny.spaces.live.com/PhotoUpload/MsnPUpld.cab

O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab

O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab

O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows...ggPublisher.exe

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.servicesalacarte.wanad...gamesplayer.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/up...er_v2.2.0.2.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{BFFEA0CC-6D3F-422F-A726-864FF39DDA19}: NameServer = 192.168.1.1

O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe (file missing)

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE

O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)

O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe (file missing)

 

--

End of file - 15710 bytes

chrifleur Full Patch Member

chrifleur

Posté(e)
Posté(e)

bonjour et bienvenue

il y a effectivement infections

Télécharge SmitfraudFix de S!Ri, balltrap34 et moe31

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

 

un tutoriel pour l'utiliser

http://siri.urz.free.fr/Fix/SmitfraudFix.php

 

Double-clique sur le fichier "SmitFraudFix.exe" (SmitFraudFix) et choisis l'option 1, il va lister tous les éléments nuisibles dans un rapport : poste-le

Le rapport se trouve à la racine du disque système C:\rapport.txt

 

process.exe est détecté par certains antivirus comme étant potentiellement dangereux. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité.

.....

Double clique sur SmitfraudFix.exe

Sélectionne 2 et clique sur Entrée dans le menu pour supprimer les fichiers responsables de l'infection.

A la question: Voulez-vous nettoyer le registre ? Réponds O (oui) et clique sur Entrée afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection.

L'outil déterminera si le fichier wininet.dll est infecté. A la question: Corriger le fichier infecté ? Réponds O (oui) et clique Entrée pour remplacer le fichier corrompu.

Un redémarrage sera peut être nécessaire pour terminer la procédure de nettoyage. Le rapport se trouve à la racine du disque système C:\rapport.txt

Poste ce rapport

 

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

***Si le lien ne fonctionne pas, essaie celui-ci :

http://download.bleepingcomputer.com/andymanchesta/SDFix.exe ***

 

Double clique sur SDFix.exe et choisis Install. L'outil sera extrait à la racine du lecteur système (généralement le C:\).

Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :

· Redémarre ton ordinateur

· Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (F5 sur certains PC), une pression par seconde.

· A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.

· Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".

· Choisis ton compte.

Déroule la liste des instructions ci-dessous :

· Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.cmd pour lancer le script.

· Appuie sur Y pour commencer le processus de nettoyage.

· Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

· Il est possible que l'outil demande un nouveau redémarrage en mode Sans Échec en début de routine, si une infection particulière est détectée; valide et tapote la touche F8 (ou F5) au redémarrage pour accéder aux options de démarrage.

· Appuie sur une touche pour redémarrer le PC.

· Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

· Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.

· Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

· Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

· Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum

 

Télécharger Lop S&D.exe de eric71 et angeldark

http://eric.71.mespages.googlepages.com/Lop.sd.exe

scanne ton Pc option1

poste le rapport obtenu

nicolas72800 Junior Member

nicolas72800

Posté(e)
  • Auteur
Posté(e)

salut chrisfleur et merci a toi de me venir en aide

désolé pour ce long delai semaine chargée

je te poste les rapports comme demande

----------------------------------

SmitFraudFix v2.352

 

Rapport fait à 21:49:13,93, 17/09/2008

Executé à partir de C:\Documents and Settings\Propri‚taire\Mes documents\NICO\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Le type du système de fichiers est NTFS

Fix executé en mode normal

 

»»»»»»»»»»»»»»»»»»»»»»»» Process

 

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe

C:\Program Files\Pack Securite\Common\FSMA32.EXE

C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE

C:\Program Files\Pack Securite\Common\FSMB32.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Pack Securite\Common\FCH32.EXE

C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe

C:\Program Files\Pack Securite\Common\FAMEH32.EXE

C:\Program Files\Pack Securite\FSPC\fspc.exe

C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

C:\WINDOWS\System32\hphmon05.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Fichiers communs\AOL\1163787723\ee\AOLSoftware.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Pack Securite\Common\FSM32.EXE

C:\HP\KBD\KBD.EXE

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Pack Securite\FSGUI\fsguidll.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Neuf\Media Center\MediaCenter.exe

C:\Program Files\TomTom HOME 2\HOMERunner.exe

C:\Program Files\Neuf\Widget Neuf\9widget.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Pack Securite\FSAUA\program\fsus.exe

C:\Program Files\NETGEAR\WG111T\wlan111t.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\IncrediMail\bin\IMApp.exe

C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\IncrediMail\bin\IncMail.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\cmd.exe

 

»»»»»»»»»»»»»»»»»»»»»»»» hosts

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Ma page d'accueil"

 

 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

IEDFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

VACFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

404Fix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

AntiXPVSTFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

"System"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» RK

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» DNS

 

Description: NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter - Miniport d'ordonnancement de paquets

DNS Server Search Order: 192.168.1.1

 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{50AD095D-A10A-48FC-9AAD-4A8D3BDF1A37}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{BFFEA0CC-6D3F-422F-A726-864FF39DDA19}: NameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\..\{100DE370-8FFC-42AB-BF00-9CF8F9BE7F7E}: DhcpNameServer=212.27.54.252 212.27.53.252

HKLM\SYSTEM\CS2\Services\Tcpip\..\{50AD095D-A10A-48FC-9AAD-4A8D3BDF1A37}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS2\Services\Tcpip\..\{BFFEA0CC-6D3F-422F-A726-864FF39DDA19}: NameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\..\{50AD095D-A10A-48FC-9AAD-4A8D3BDF1A37}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\..\{BFFEA0CC-6D3F-422F-A726-864FF39DDA19}: NameServer=192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252

HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin

-------------------------

le 2 eme

 

SmitFraudFix v2.352

 

Rapport fait à 22:09:25,81, 17/09/2008

Executé à partir de C:\Documents and Settings\Propri‚taire\Mes documents\NICO\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Le type du système de fichiers est NTFS

Fix executé en mode normal

 

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

 

 

»»»»»»»»»»»»»»»»»»»»»»»» hosts

 

 

127.0.0.1 localhost

 

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

 

VACFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

 

S!Ri's WS2Fix: LSP not Found.

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

 

GenericRenosFix by S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

 

 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

 

IEDFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

 

404Fix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

 

AntiXPVSTFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» RK

 

 

»»»»»»»»»»»»»»»»»»»»»»»» DNS

 

Description: NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter - Miniport d'ordonnancement de paquets

DNS Server Search Order: 192.168.1.1

 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{50AD095D-A10A-48FC-9AAD-4A8D3BDF1A37}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{BFFEA0CC-6D3F-422F-A726-864FF39DDA19}: NameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\..\{100DE370-8FFC-42AB-BF00-9CF8F9BE7F7E}: DhcpNameServer=212.27.54.252 212.27.53.252

HKLM\SYSTEM\CS2\Services\Tcpip\..\{50AD095D-A10A-48FC-9AAD-4A8D3BDF1A37}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS2\Services\Tcpip\..\{BFFEA0CC-6D3F-422F-A726-864FF39DDA19}: NameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\..\{50AD095D-A10A-48FC-9AAD-4A8D3BDF1A37}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\..\{BFFEA0CC-6D3F-422F-A726-864FF39DDA19}: NameServer=192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252

HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"System"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

 

Nettoyage terminé.

 

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin

----------------------------------

le 3 eme

SDFix: Version 1.226

Run by Propri‚taire on 17/09/2008 at 22:45

 

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

 

Checking Services :

 

 

C:\WINDOWS\system32\Microsoft\backup.ftp Found

C:\WINDOWS\system32\Microsoft\backup.tftp Found

 

Checking files:

 

Genuine:

C:\WINDOWS\system32\Microsoft\backup.ftp

C:\WINDOWS\system32\Microsoft\backup.tftp

C:\WINDOWS\system32\ftp.exe

C:\WINDOWS\system32\tftp.exe

C:\WINDOWS\system32\dllcache\tftp.exe

 

 

Restoring Default Security Values

Restoring Default Hosts File

 

Rebooting

 

 

Checking Files :

 

Trojan Files Found:

 

C:\WINDOWS\system32\Microsoft\backup.ftp - Deleted

C:\WINDOWS\system32\Microsoft\backup.tftp - Deleted

 

 

 

 

 

Removing Temp Files

 

ADS Check :

 

 

 

Final Check :

 

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-17 23:01:17

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden services & system hive ...

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"p0"="C:\Program Files\DAEMON Tools\"

"h0"=dword:00000000

"khjeh"=hex:0c,03,8e,7f,46,ee,bb,71,2e,35,51,cb,b1,75,e1,ce,2e,51,bb,14,b6,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,d1,79,a0,7a,5e,7b,28,87,f1,93,1e,9a,4f,98,4c,bc,77,..

"khjeh"=hex:4d,1a,24,1c,6f,40,b4,5e,96,c7,50,c6,22,c0,5d,cb,d6,29,3b,a6,1c,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:09,f5,14,d0,df,d3,f8,6d,5f,64,0b,fb,b4,0e,5f,5a,c2,11,9e,d0,5c,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]

"khjeh"=hex:73,33,49,f6,45,0d,c2,60,2c,c6,8b,22,b1,b6,b1,a7,b0,02,2e,b6,a1,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]

"khjeh"=hex:44,f6,54,45,39,2f,64,97,d8,d4,ad,e0,bc,80,11,20,30,93,2a,d4,ae,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"p0"="C:\Program Files\DAEMON Tools\"

"h0"=dword:00000000

"khjeh"=hex:0c,03,8e,7f,46,ee,bb,71,2e,35,51,cb,b1,75,e1,ce,2e,51,bb,14,b6,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,d1,79,a0,7a,5e,7b,28,87,f1,93,1e,9a,4f,98,4c,bc,77,..

"khjeh"=hex:4d,1a,24,1c,6f,40,b4,5e,96,c7,50,c6,22,c0,5d,cb,d6,29,3b,a6,1c,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:09,f5,14,d0,df,d3,f8,6d,5f,64,0b,fb,b4,0e,5f,5a,c2,11,9e,d0,5c,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]

"khjeh"=hex:73,33,49,f6,45,0d,c2,60,2c,c6,8b,22,b1,b6,b1,a7,b0,02,2e,b6,a1,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]

"khjeh"=hex:44,f6,54,45,39,2f,64,97,d8,d4,ad,e0,bc,80,11,20,30,93,2a,d4,ae,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]

"Epoch"=dword:0004c3df

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]

"s1"=dword:2df9c43f

"s2"=dword:110480d0

"h0"=dword:00000001

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"p0"="C:\Program Files\DAEMON Tools\"

"h0"=dword:00000000

"khjeh"=hex:0c,03,8e,7f,46,ee,bb,71,2e,35,51,cb,b1,75,e1,ce,2e,51,bb,14,b6,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,d1,79,a0,7a,5e,7b,28,87,f1,93,1e,9a,4f,98,4c,bc,77,..

"khjeh"=hex:4d,1a,24,1c,6f,40,b4,5e,96,c7,50,c6,22,c0,5d,cb,d6,29,3b,a6,1c,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:09,f5,14,d0,df,d3,f8,6d,5f,64,0b,fb,b4,0e,5f,5a,c2,11,9e,d0,5c,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]

"khjeh"=hex:73,33,49,f6,45,0d,c2,60,2c,c6,8b,22,b1,b6,b1,a7,b0,02,2e,b6,a1,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]

"khjeh"=hex:44,f6,54,45,39,2f,64,97,d8,d4,ad,e0,bc,80,11,20,30,93,2a,d4,ae,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"p0"="C:\Program Files\DAEMON Tools\"

"h0"=dword:00000000

"khjeh"=hex:0c,03,8e,7f,46,ee,bb,71,2e,35,51,cb,b1,75,e1,ce,2e,51,bb,14,b6,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,d1,79,a0,7a,5e,7b,28,87,f1,93,1e,9a,4f,98,4c,bc,77,..

"khjeh"=hex:4d,1a,24,1c,6f,40,b4,5e,96,c7,50,c6,22,c0,5d,cb,d6,29,3b,a6,1c,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:09,f5,14,d0,df,d3,f8,6d,5f,64,0b,fb,b4,0e,5f,5a,c2,11,9e,d0,5c,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]

"khjeh"=hex:73,33,49,f6,45,0d,c2,60,2c,c6,8b,22,b1,b6,b1,a7,b0,02,2e,b6,a1,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]

"khjeh"=hex:44,f6,54,45,39,2f,64,97,d8,d4,ad,e0,bc,80,11,20,30,93,2a,d4,ae,..

 

scanning hidden registry entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0

 

 

Remaining Services :

 

 

 

 

Authorized Application Key Export:

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL9~1.0"

"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"

"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe:*:Enabled:backWeb-7288971"

"C:\\bmalbum\\BMALBUM.exe"="C:\\bmalbum\\BMALBUM.exe:*:Enabled:BMALBum Cr‚ation de site"

"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"

"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"

"C:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"

"C:\\Program Files\\Fichiers communs\\AOL\\1138621967\\ee\\aolsoftware.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1138621967\\ee\\aolsoftware.exe:*:Enabled:AOL Services"

"C:\\Program Files\\Fichiers communs\\AOL\\1138621967\\ee\\aim6.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1138621967\\ee\\aim6.exe:*:Enabled:AIM"

"C:\\Program Files\\Fichiers communs\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"="C:\\Program Files\\Fichiers communs\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe:*:Enabled:AOL Topspeed"

"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"

"C:\\Program Files\\AOL 9.0a\\waol.exe"="C:\\Program Files\\AOL 9.0a\\waol.exe:*:Enabled:AOL"

"C:\\Program Files\\Fichiers communs\\AOL\\1138621967\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1138621967\\ee\\AOLServiceHost.exe:*:Enabled:AOL"

"C:\\Program Files\\Fichiers communs\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Fichiers communs\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"

"C:\\Program Files\\Fichiers communs\\AOL\\1163787723\\ee\\aolsoftware.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1163787723\\ee\\aolsoftware.exe:*:Enabled:AOL Services"

"C:\\Program Files\\Fichiers communs\\AOL\\1163787723\\ee\\aim6.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1163787723\\ee\\aim6.exe:*:Enabled:AIM"

"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Documents and Settings\\Propri‚taire\\Local Settings\\Temporary Internet Files\\Content.IE5\\OANV25OL\\incredimail_install[1].exe"="C:\\Documents and Settings\\Propri‚taire\\Local Settings\\Temporary Internet Files\\Content.IE5\\OANV25OL\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"

"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"

"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"

"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"

"C:\\Program Files\\AOL\\Active Virus Shield\\avp.exe"="C:\\Program Files\\AOL\\Active Virus Shield\\avp.exe:*:Enabled:Active Virus Shield"

"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:æTorrent"

"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

"C:\\Documents and Settings\\Propri‚taire\\Mes documents\\in memorium\\CRACK\\rituel.exe"="C:\\Documents and Settings\\Propri‚taire\\Mes documents\\in memorium\\CRACK\\rituel.exe:*:Enabled:rituel"

"C:\\Ubi Soft\\dernierrituel\\rituel.exe"="C:\\Ubi Soft\\dernierrituel\\rituel.exe:*:Enabled:rituel"

"C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"="C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe:*:Enabled:IncrediMail Installer"

"C:\\Program Files\\Pando Networks\\Pando\\pando.exe"="C:\\Program Files\\Pando Networks\\Pando\\pando.exe:*:Disabled:pando"

"C:\\Documents and Settings\\Propri‚taire\\Mes documents\\LOGICIEL\\incredimail_install.exe"="C:\\Documents and Settings\\Propri‚taire\\Mes documents\\LOGICIEL\\incredimail_install.exe:*:Enabled:IncrediMail Installer"

"C:\\Documents and Settings\\Propri‚taire\\Mes documents\\incredimail_install.exe"="C:\\Documents and Settings\\Propri‚taire\\Mes documents\\incredimail_install.exe:*:Enabled:IncrediMail Installer"

"C:\\Program Files\\Simple DNS Plus\\sdnsmain.exe"="C:\\Program Files\\Simple DNS Plus\\sdnsmain.exe:*:Enabled:Simple DNS Plus - Main server engine"

"C:\\Documents and Settings\\Propri‚taire\\Mes documents\\bricolage\\PS3Proxy\\ps3proxy.exe"="C:\\Documents and Settings\\Propri‚taire\\Mes documents\\bricolage\\PS3Proxy\\ps3proxy.exe:*:Enabled:PS3 Proxy"

"C:\\Program Files\\XoftSpySE\\XoftSpy.exe"="C:\\Program Files\\XoftSpySE\\XoftSpy.exe:*:Enabled:Xoftspy"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"

"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\\Program Files\\Neuf\\Media Center\\httpd\\httpd.exe"="C:\\Program Files\\Neuf\\Media Center\\httpd\\httpd.exe:172.16.255.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

Remaining Files :

 

 

File Backups: - C:\SDFix\backups\backups.zip

 

Files with Hidden Attributes :

 

Sat 17 Jan 2004 0 A..HR --- "C:\WINDOWS\SMINST\HPCD.SYS"

Mon 14 Apr 2008 65,024 A.SH. --- "C:\WINDOWS\system32\asycfilt.dll"

Mon 14 Apr 2008 617,472 A.SH. --- "C:\WINDOWS\system32\comctl32.dll"

Mon 14 Apr 2008 1,028,096 A.SH. --- "C:\WINDOWS\system32\mfc42.dll"

Sun 3 Aug 2003 57,344 A.SH. --- "C:\WINDOWS\system32\mfc42loc.dll"

Wed 20 Sep 1995 35,088 A.SH. --- "C:\WINDOWS\system32\msjint32.dll"

Wed 20 Sep 1995 977,680 A.SH. --- "C:\WINDOWS\system32\msjt3032.dll"

Wed 20 Sep 1995 23,824 A.SH. --- "C:\WINDOWS\system32\msjter32.dll"

Mon 14 Apr 2008 413,696 A.SH. --- "C:\WINDOWS\system32\msvcp60.dll"

Mon 14 Apr 2008 343,040 A.SH. --- "C:\WINDOWS\system32\msvcrt.dll"

Sat 2 Aug 2003 253,952 A.SH. --- "C:\WINDOWS\system32\msvcrt20.dll"

Mon 14 Apr 2008 551,936 A.SH. --- "C:\WINDOWS\system32\oleaut32.dll"

Mon 14 Apr 2008 84,992 A.SH. --- "C:\WINDOWS\system32\olepro32.dll"

Mon 14 Apr 2008 30,749 A.SH. --- "C:\WINDOWS\system32\vbajet32.dll"

Sun 24 Sep 1995 243,472 A.SH. --- "C:\WINDOWS\system32\vbar2232.dll"

Mon 18 May 1998 368,912 A.SH. --- "C:\WINDOWS\system32\vbar332.dll"

Wed 24 May 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"

Mon 9 Apr 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

Thu 8 Feb 2007 32,768 ...H. --- "C:\Documents and Settings\Propri‚taire\Mes documents\yolan\recettes\POTAGE\~WRL4063.tmp"

 

Finished!

 

et le dernier

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.60GHz )

BIOS : Phoenix - AwardBIOS v6.00PG

USER : Propriétaire ( Administrator )

BOOT : Normal boot

Antivirus : Pack Securite Plus 7.00 7.00 (Activated)

Firewall : Norton Internet Security 2006 2006 (Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total : 152 Go Free : 31 Go

D:\ (CD or DVD)

E:\ (CD or DVD)

F:\ (USB)

G:\ (USB)

H:\ (USB)

 

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )

Option : [1] ( 17/09/2008|23:14 )

 

--------------------\\ Listing des dossiers dans Application Data

 

[13/02/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[11/02/2008|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL

[17/11/2006|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads

[06/12/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[16/02/2008|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7

[07/09/2007|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon

[30/08/2006|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink

[09/04/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure

[09/04/2008|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg

[11/07/2007|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[11/07/2007|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater

[16/08/2006|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GTek

[01/01/2003|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard

[06/02/2008|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP

[06/08/2008|11:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM

[06/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail

[01/01/2003|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo

[20/10/2007|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak

[19/02/2006|03:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mediaknobbowsmapi

[30/01/2006|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[22/07/2008|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[11/07/2007|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla

[22/02/2007|00:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6

[23/03/2007|14:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound

[24/02/2006|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[30/01/2006|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\play gpl wait idol

[13/02/2006|19:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[30/07/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ringo

[01/01/2003|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[22/09/2007|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic

[05/03/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[17/08/2008|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[09/02/2006|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software

[20/03/2007|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoEgg

[18/11/2006|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

[29/01/2006|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[16/11/2006|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[11/07/2007|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller

[14/11/2007|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[09/02/2006|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!

[25/04/2006|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[06/05/2006|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

 

[01/01/2003|17:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe

[01/01/2003|15:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[01/01/2003|17:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust

[01/01/2003|17:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[01/01/2003|17:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView

[01/01/2003|17:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic

[02/01/2003|00:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

 

[13/06/2006|16:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\AOL

[16/02/2008|23:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[16/02/2008|23:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

[22/07/2007|21:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\3M

[04/05/2006|19:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\acccore

[19/06/2008|14:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe

[10/01/2007|20:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM

[18/06/2006|08:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead

[16/11/2006|20:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\AOL

[06/12/2006|22:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer

[23/08/2007|13:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft

[07/09/2007|20:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Babylon

[06/12/2006|21:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitTorrent

[01/02/2006|18:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire

[14/04/2008|18:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\F-Secure

[25/11/2006|15:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google

[16/08/2006|16:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\GTek

[29/01/2006|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help

[04/05/2008|08:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP

[01/01/2003|15:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities

[27/02/2008|15:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield

[01/01/2003|17:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterTrust

[29/01/2006|19:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia

[06/12/2006|21:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\Micro Application

[22/11/2007|22:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft

[17/08/2008|22:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla

[22/02/2007|21:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6

[23/03/2007|14:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\NCH Swift Sound

[30/07/2008|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Panasonic

[09/04/2008|12:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\PEX

[17/08/2008|21:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

[01/01/2003|17:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView

[18/02/2006|17:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic

[02/02/2006|08:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun

[24/02/2006|22:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec

[09/06/2007|19:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback

[11/07/2007|21:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\TaoUSign

[11/02/2008|22:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Titledeletewipe

[29/11/2007|16:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\TomTom

[09/02/2006|20:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\TuneUp Software

[10/04/2007|23:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\uTorrent

[09/07/2007|14:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\VideoEgg

[26/06/2008|23:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc

[28/09/2007|08:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Desktop Search

[27/09/2007|12:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Live Writer

[01/02/2008|02:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\XnView

[09/02/2006|21:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\yahoo!

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[17/09/2008 11:56][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job

[17/09/2008 22:59][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job

[17/09/2008 21:39][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job

[17/09/2008 12:00][--a------] C:\WINDOWS\tasks\Nettoyage de disque.job

[03/08/2003 12:17][-rah-c---] C:\WINDOWS\tasks\desktop.ini

[17/09/2008 22:54][--ah-----] C:\WINDOWS\tasks\SA.DAT

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[29/01/2006|17:48] C:\Program Files\3ivx

[05/07/2008|19:19] C:\Program Files\Adobe

[29/01/2006|17:39] C:\Program Files\Ahead

[16/02/2008|23:50] C:\Program Files\Alwil Software

[18/03/2006|20:27] C:\Program Files\Anniversaires

[11/02/2008|21:18] C:\Program Files\AOL

[09/09/2007|16:07] C:\Program Files\AOL Pictures

[19/03/2008|14:19] C:\Program Files\AOL Security Toolbar

[27/03/2006|20:57] C:\Program Files\AOL Toolbar

[27/01/2007|12:36] C:\Program Files\Apple Software Update

[23/08/2007|13:31] C:\Program Files\ArcSoft

[18/03/2007|21:27] C:\Program Files\Atari

[28/07/2008|14:39] C:\Program Files\AxBx

[09/02/2006|20:03] C:\Program Files\BaseDVDivX

[13/02/2007|23:31] C:\Program Files\CCleaner

[12/02/2008|00:13] C:\Program Files\Circle Developement

[11/07/2007|21:38] C:\Program Files\DAEMON Tools

[23/05/2006|15:26] C:\Program Files\DIFX

[29/12/2006|23:27] C:\Program Files\DivX

[29/01/2006|17:44] C:\Program Files\DVD Decrypter

[29/01/2006|17:57] C:\Program Files\DVD Shrink

[12/04/2007|23:22] C:\Program Files\EA GAMES

[02/09/2007|20:48] C:\Program Files\Easy Internet signup

[11/02/2006|18:05] C:\Program Files\Eidos Interactive

[10/04/2007|22:07] C:\Program Files\Electronic Arts

[04/09/2008|22:59] C:\Program Files\eMule

[02/02/2006|18:52] C:\Program Files\fdjeux

[31/08/2008|18:00] C:\Program Files\Fichiers communs

[08/04/2006|10:14] C:\Program Files\FileZilla

[16/11/2006|12:13] C:\Program Files\Free

[11/07/2007|21:30] C:\Program Files\Free Audio Pack

[02/01/2008|14:47] C:\Program Files\Google

[01/02/2008|15:32] C:\Program Files\Graphex3

[11/02/2008|22:13] C:\Program Files\Grisoft

[22/09/2007|12:14] C:\Program Files\Hewlett-Packard

[29/01/2006|17:08] C:\Program Files\HighMAT CD Writing Wizard

[01/01/2003|17:10] C:\Program Files\HP

[11/07/2007|21:31] C:\Program Files\IKEA HomePlanner

[29/01/2006|17:51] C:\Program Files\Illustrate

[06/08/2008|11:48] C:\Program Files\IncrediMail

[30/07/2008|11:43] C:\Program Files\InstallShield Installation Information

[13/08/2008|16:49] C:\Program Files\Internet Explorer

[29/01/2006|15:59] C:\Program Files\InterVideo

[23/08/2007|13:41] C:\Program Files\ISL

[06/08/2008|11:53] C:\Program Files\Java

[09/02/2006|20:03] C:\Program Files\Java Web Start

[28/03/2007|14:25] C:\Program Files\JeCreeMaCuisineAvecLeroyMerlin

[06/05/2006|20:12] C:\Program Files\Jeux classiques

[20/10/2007|14:16] C:\Program Files\Kodak

[29/01/2006|16:33] C:\Program Files\Learn2.com

[01/02/2006|18:54] C:\Program Files\Logitech

[19/04/2008|15:01] C:\Program Files\Ludiclub

[28/04/2007|14:11] C:\Program Files\MegaWorld

[13/08/2008|16:55] C:\Program Files\Messenger

[29/01/2008|09:15] C:\Program Files\Messenger Plus! Live

[18/03/2008|00:50] C:\Program Files\Micro Application

[12/08/2006|10:05] C:\Program Files\Microsoft

[11/07/2007|21:29] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[01/01/2003|15:51] C:\Program Files\microsoft frontpage

[08/03/2006|22:42] C:\Program Files\Microsoft Money

[01/01/2008|23:01] C:\Program Files\Microsoft Office

[22/11/2007|22:04] C:\Program Files\Microsoft Picture It! 7

[27/09/2007|12:24] C:\Program Files\Microsoft SQL Server Compact Edition

[21/08/2006|08:45] C:\Program Files\Microsoft Works

[01/01/2003|17:12] C:\Program Files\Microsoft Works Suite 2003

[06/08/2008|16:09] C:\Program Files\Movie Maker

[17/09/2008|21:37] C:\Program Files\Mozilla Firefox

[11/07/2007|21:26] C:\Program Files\Mozilla Firefox(2)(2)

[01/01/2008|23:00] C:\Program Files\MSECache

[22/02/2007|21:21] C:\Program Files\MSN

[01/01/2003|15:46] C:\Program Files\MSN Gaming Zone

[23/12/2007|19:32] C:\Program Files\MSN Messenger

[23/10/2007|21:51] C:\Program Files\MSN Pictures Displayer

[11/07/2007|21:31] C:\Program Files\MSN Reaper

[18/11/2006|10:51] C:\Program Files\MSXML 4.0

[22/07/2008|03:10] C:\Program Files\Multi Virus Cleaner 2008

[29/01/2006|15:57] C:\Program Files\Multimedia Card Reader

[20/04/2007|13:45] C:\Program Files\MUSK Codec Pack v5

[27/02/2008|14:42] C:\Program Files\NETGEAR

[06/08/2008|15:58] C:\Program Files\NetMeeting

[26/06/2008|22:53] C:\Program Files\Neuf

[11/07/2007|21:27] C:\Program Files\Norton Security Scan

[16/03/2006|16:50] C:\Program Files\Nullsoft

[29/01/2006|17:48] C:\Program Files\On2 Technologies

[06/08/2008|16:44] C:\Program Files\Outlook Express

[09/04/2008|13:25] C:\Program Files\Pack Securite

[30/07/2008|11:44] C:\Program Files\Panasonic

[13/04/2007|16:55] C:\Program Files\PhotoBox

[11/07/2007|21:27] C:\Program Files\Picasa2

[14/12/2006|20:50] C:\Program Files\PIXELA

[14/04/2006|07:12] C:\Program Files\PixVillage

[26/05/2007|00:06] C:\Program Files\PopCap Games

[10/03/2007|12:33] C:\Program Files\QuickTime

[29/01/2006|18:02] C:\Program Files\QuickZip

[29/01/2006|16:31] C:\Program Files\Real

[01/01/2003|17:32] C:\Program Files\RecordNow!

[30/07/2008|11:46] C:\Program Files\Ringo

[24/10/2007|22:25] C:\Program Files\Samsung

[01/01/2003|18:04] C:\Program Files\Services en ligne

[11/07/2007|21:40] C:\Program Files\Simple DNS Plus

[07/03/2007|22:56] C:\Program Files\Skype

[05/03/2007|20:40] C:\Program Files\Spybot - Search & Destroy

[11/07/2007|21:26] C:\Program Files\Spyware Doctor

[06/08/2008|11:54] C:\Program Files\Sun

[07/08/2006|19:40] C:\Program Files\T‚l‚chargement PHOTOWAYS

[29/01/2006|19:37] C:\Program Files\Temp

[02/01/2008|05:58] C:\Program Files\Titledeletewipe

[25/04/2007|21:03] C:\Program Files\TomTom DesktopSuite

[29/11/2007|16:20] C:\Program Files\TomTom HOME

[28/03/2008|14:46] C:\Program Files\TomTom HOME 2

[21/08/2006|14:07] C:\Program Files\ToniArts

[08/06/2007|21:07] C:\Program Files\Ubi Soft

[01/01/2003|15:56] C:\Program Files\Uninstall Information

[20/03/2007|17:22] C:\Program Files\VideoEgg

[26/06/2008|23:08] C:\Program Files\VideoLAN

[08/06/2007|15:23] C:\Program Files\Weight Watchers FlexiPoints

[09/04/2007|23:05] C:\Program Files\Windows Defender

[27/09/2007|12:23] C:\Program Files\Windows Desktop Search

[27/02/2008|14:46] C:\Program Files\Windows Live

[30/11/2007|07:44] C:\Program Files\Windows Live Favorites

[30/11/2007|07:44] C:\Program Files\Windows Live Toolbar

[15/12/2006|00:13] C:\Program Files\Windows Media Connect 2

[06/08/2008|15:58] C:\Program Files\Windows Media Player

[06/08/2008|15:58] C:\Program Files\Windows NT

[29/01/2006|16:43] C:\Program Files\WindowsUpdate

[11/04/2007|08:05] C:\Program Files\WinRAR

[01/01/2003|15:51] C:\Program Files\xerox

[01/02/2008|00:52] C:\Program Files\XnView

[15/05/2008|12:56] C:\Program Files\XoftSpySE

[29/12/2006|23:28] C:\Program Files\XviD

[24/04/2006|22:13] C:\Program Files\Yahoo!

[28/12/2006|22:58] C:\Program Files\Zero G Registry

[11/07/2007|21:34] C:\Program Files\Zuma Deluxe

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[13/02/2008|14:35] C:\Program Files\Fichiers communs\Adobe

[29/01/2006|17:39] C:\Program Files\Fichiers communs\Ahead

[28/12/2006|22:54] C:\Program Files\Fichiers communs\AOL

[29/01/2006|16:33] C:\Program Files\Fichiers communs\aolback

[17/11/2006|20:22] C:\Program Files\Fichiers communs\aolshare

[07/07/2008|13:54] C:\Program Files\Fichiers communs\Canon

[01/01/2003|17:14] C:\Program Files\Fichiers communs\Designer

[01/02/2006|18:54] C:\Program Files\Fichiers communs\FotoWire

[22/09/2007|12:12] C:\Program Files\Fichiers communs\Hewlett-Packard

[22/09/2007|12:20] C:\Program Files\Fichiers communs\HP

[29/01/2006|17:50] C:\Program Files\Fichiers communs\InstallShield

[29/01/2006|17:54] C:\Program Files\Fichiers communs\Java

[01/02/2006|18:52] C:\Program Files\Fichiers communs\Logitech

[06/12/2006|17:20] C:\Program Files\Fichiers communs\Micro Application Shared

[19/03/2008|14:25] C:\Program Files\Fichiers communs\Microsoft Shared

[01/01/2003|15:47] C:\Program Files\Fichiers communs\MSSoap

[29/01/2006|16:32] C:\Program Files\Fichiers communs\Nullsoft

[01/01/2003|15:41] C:\Program Files\Fichiers communs\ODBC

[15/03/2006|20:49] C:\Program Files\Fichiers communs\PC SOFT

[31/08/2008|17:58] C:\Program Files\Fichiers communs\Real

[30/01/2006|13:53] C:\Program Files\Fichiers communs\Scanner

[01/01/2003|23:26] C:\Program Files\Fichiers communs\Services

[01/01/2003|17:33] C:\Program Files\Fichiers communs\Sonic

[22/09/2007|12:21] C:\Program Files\Fichiers communs\Sonic Shared

[01/01/2003|15:41] C:\Program Files\Fichiers communs\SpeechEngines

[11/07/2007|19:36] C:\Program Files\Fichiers communs\Symantec Shared

[06/08/2008|16:44] C:\Program Files\Fichiers communs\System

[14/11/2007|14:24] C:\Program Files\Fichiers communs\WindowsLiveInstaller

[24/01/2008|23:07] C:\Program Files\Fichiers communs\Wise Installation Wizard

[31/08/2008|18:00] C:\Program Files\Fichiers communs\xing shared

 

--------------------\\ Process

 

( 69 Processes )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

C:\Program Files\Circle Developement

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-17 23:17:19

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 865

 

--------------------\\ Recherche d'autres infections

 

 

C:\WINDOWS\System32\yzjvnwet.dat

C:\WINDOWS\System32\yzjvnwet_nav.dat

C:\WINDOWS\System32\yzjvnwet_navps.dat

==> EGDACCESS <==

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\XoftSpySE 4.29.191+ crack.torrent

C:\DOCUME~1\PROPRI~1\Mes documents\Les Experts Miami - Jeux Pc Fr - 3Cds Crack Par Tieuma92

C:\DOCUME~1\PROPRI~1\Mes documents\generator cle ea games\Keygen ea games.exe

C:\DOCUME~1\PROPRI~1\Mes documents\Les Experts Miami - Jeux Pc Fr - 3Cds Crack Par Tieuma92\crack nocd

C:\DOCUME~1\PROPRI~1\Mes documents\Les Experts Miami - Jeux Pc Fr - 3Cds Crack Par Tieuma92\crack nocd\csi-miami.exe

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Architecte 3D (Plan Maison Architecture) + crack.zip

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Zuma Deluxe! v1.0 (crack).exe

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\3d\temp\KEYGEN.EXE

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\basic

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\filemap.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\fsaua

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\fsdiags.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\hardware

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\mccroix_s_OF_1.0.rar

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\pes6-keygen.exe

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\pes6.exe

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win.ini

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\Xtras

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\basic\osver.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\basic\set.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\access_control

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\apppaths-reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\common

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fc-filelist3.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\filelist-fstnb.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\filesystem1.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsav

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsavcs.dpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsbw.dpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsgui

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsma.dpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc.dpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fssc

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\ie.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\logfile.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\logs

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\misc

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\policy.bpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\policy.ipf.bak

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\policy.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\reg_df.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\sidegrade

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\access_control\classes.3.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\access_control\classes.4.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\access_control\f_secure_home_acl.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\common\dfuninst.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\channelstate.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-content-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-header-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-program-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-root-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-segrules-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-subscriptions-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua.dbg

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsav\services.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsgui\list.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsgui\reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc\ie_extensions_reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc\list_root.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc\lsp_list_reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fssc\identities_reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\logs\fsma

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\logs\fsma\fsma.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\misc\fsbwupst.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\misc\fsld.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\ih8.config.xml.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\ilaunchr.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb\f-secure

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb\f-secure\logs

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb\f-secure\logs\custom

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb\f-secure\logs\custom\custinstall.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\sidegrade\2492.3164.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\fsaua\registry-config.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\fsaua\registry-handlers.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\hardware\hardware.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\ipconfig.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\netstart.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\netstat.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\netuse.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\nic.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\nslookup.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\ping.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\route.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\eventlog

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\registry

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\eventlog\application.evt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\eventlog\security.evt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\eventlog\system.evt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\registry\reg_rename.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\registry\reg_run.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\registry\reg_srv.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\Xtras\INetURL.x32

C:\DOCUME~1\PROPRI~1\Mes documents\trivial\Crack

 

 

[F:71][D:65]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp

[F:91][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies

[F:72][D:10]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 17/09/2008|23:21 - Option : [1]

 

--------------------\\ Fin du rapport a 23:21:01

chrifleur Full Patch Member

chrifleur

Posté(e)
Posté(e) (modifié)

je te conseille de supprimer tous tes cracks et keygen ==>sources d'infections

 

1

Clique sur ce lien :

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Clique sur Navilog1.zip pour télécharger Navilog1

Choisis Enregistrer

 

et enregistre-le sur ton Bureau.

 

Ensuite double clique sur Navilog1.exe pour lancer l'installation.

Une fois l'installation terminée, le fix s'exécutera automatiquement.

(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le Bureau).

 

Laisse-toi guider. Au menu principal, choisis 1 et valides.

(Ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

 

Patiente jusqu'au message :

*** Analyse Termine le ..... ***

Appuie sur une touche comme demandé, le bloc note va s'ouvrir.

Copie-colle l'intégralité dans une réponse. Referme le bloc note.

Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

 

Double clique sur le raccourci Navilog1 présent sur le Bureau et laisse-toi guider.

Au menu principal, choisis 2 et valide.

 

Le fix va t'informer qu'il va alors redémarrer ton PC

Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts

Appuie sur une touche comme demandé.

(Si ton Pc ne redémarre pas automatiquement, fais-le toi-même)

Au redémarrage de ton PC, choisis ta session habituelle.

 

Patiente jusqu'au message :

*** Nettoyage Termine le ..... ***

Le bloc note va s'ouvrir.

Sauvegarde le rapport de manière à le retrouver

Referme le bloc note. Ton Bureau va réapparaître

 

relance Lop S&D option 2 et scanne ton PC

 

2

recherche et supprime si présent dans ajout suppression de programmes

Titledeletewipe

s'il n'y est pas recherche ce dossier

C:\Program Files\Titledeletewipe

cherche à l'interieur de ce dossier un "uninstall" et exécute le

3

 

Télécharge OTMoveIT (de Old_Timer) sur ton Bureau.

 

http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

 

Clique double sur OTMoveIT.exe pour le lancer.

copie la liste qui se trouve en citation ci-dessous,

 

C:\DOCUME~1\PROPRI~1\APPLIC~1\Titledeletewipe

C:\DOCUME~1\ALLUSE~1\APPLIC~1\mediaknobbowsmapi

C:\DOCUME~1\ALLUSE~1\APPLIC~1\play gpl wait idol

C:\Program Files\Titledeletewipe

EmptyTemp

 

 

et colle-la dans le cadre de gauche de OTMoveIT :

 

Paste List of Files/Folders to be moved.

 

 

 

Clique sur MoveIt! pour lancer la suppression.

le résultat apparaîtra dans le cadre Results.

Clique sur Exit pour fermer.

Poste le rapport situé dans C:\\\_OTMoveIT\MovedFiles.

 

Il te sera peut-être demandé de redémarrer le pc pour achever la suppression.

si c'est le cas accepte par Yes.

 

 

 

 

 

poste les rapports de Navilog, Lop S&D OTMoveIT ainsi qu'un rapport hijack this

Modifié par chrifleur
nicolas72800 Junior Member

nicolas72800

Posté(e)
  • Auteur
Posté(e)

Boinjour et tout d abord merci chrisfleur de ton aide

il y a un peu de changement deja

désolé de pas être trop réactif a tes réponses dur semaine mais enfin le wk donc c est bon

voici les rapports demandes:

----------------------------

1 navilog

 

Search Navipromo version 3.6.5 commencé le 20/09/2008 à 15:09:26,67

 

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Postez ce rapport sur le forum pour le faire analyser !!!

!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

 

Outil exécuté depuis C:\Program Files\navilog1

Session actuelle : "Propriétaire"

 

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO

 

 

Microsoft Windows XP [version 5.1.2600]

Internet Explorer : 7.0.5730.11

Système de fichiers : NTFS

 

Recherche executé en mode normal

 

*** Recherche Programmes installés ***

 

 

*** Recherche dossiers dans "C:\WINDOWS" ***

 

 

*** Recherche dossiers dans "C:\Program Files" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

 

 

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" ***

 

 

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***

pour + d'infos : http://www.gmer.net

 

 

 

*** Recherche avec GenericNaviSearch ***

!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!

!!! A vérifier impérativement avant toute suppression manuelle !!!

 

* Recherche dans "C:\WINDOWS\system32" *

 

* Recherche dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *

 

 

 

*** Recherche fichiers ***

 

 

 

*** Recherche clés spécifiques dans le Registre ***

 

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

 

*** Module de Recherche complémentaire ***

(Recherche fichiers spécifiques)

 

1)Recherche nouveaux fichiers Instant Access :

 

 

2)Recherche Heuristique :

 

* Dans "C:\WINDOWS\system32" :

 

yzjvnwet.dat trouvé !

yzjvnwet_nav.dat trouvé !

yzjvnwet_navps.dat trouvé !

 

* Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" :

 

 

3)Recherche Certificats :

 

Certificat Egroup trouvé !

Certificat Electronic-Group absent !

Certificat Montorgueil absent !

Certificat OOO-Favorit absent !

Certificat Sunny-Day-Design-Ltd absent !

 

4)Recherche fichiers connus :

 

 

 

*** Analyse terminée le 20/09/2008 à 15:22:13,20 ***

--------------------------------

2 navilog clean

 

Clean Navipromo version 3.6.5 commencé le 20/09/2008 à 15:24:20,53

 

Outil exécuté depuis C:\Program Files\navilog1

Session actuelle : "Propriétaire"

 

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO

 

 

Microsoft Windows XP [version 5.1.2600]

Internet Explorer : 7.0.5730.11

Système de fichiers : NTFS

 

Mode suppression automatique

avec prise en charge résultats Catchme et GNS

 

 

Nettoyage exécuté au redémarrage de l'ordinateur

 

 

*** fsbl1.txt non trouvé ***

(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

 

 

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

 

* Suppression dans "C:\WINDOWS\System32" *

 

 

* Suppression dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *

 

 

 

*** Suppression dossiers dans "C:\WINDOWS" ***

 

 

*** Suppression dossiers dans "C:\Program Files" ***

 

 

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

 

 

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

 

 

*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***

 

 

*** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" ***

 

 

*** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" ***

 

 

*** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" ***

 

 

 

*** Suppression fichiers ***

 

 

*** Suppression fichiers temporaires ***

 

Nettoyage contenu C:\WINDOWS\Temp effectué !

Nettoyage contenu C:\Documents and Settings\Propri‚taire\locals~1\Temp effectué !

 

*** Traitement Recherche complémentaire ***

(Recherche fichiers spécifiques)

 

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

 

2)Recherche, création sauvegardes et suppression Heuristique :

 

 

* Dans "C:\WINDOWS\system32" *

 

 

yzjvnwet.dat trouvé !

Copie yzjvnwet.dat réalisée avec succès !

yzjvnwet.dat supprimé !

 

yzjvnwet_nav.dat trouvé !

Copie yzjvnwet_nav.dat réalisée avec succès !

yzjvnwet_nav.dat supprimé !

 

yzjvnwet_navps.dat trouvé !

Copie yzjvnwet_navps.dat réalisée avec succès !

yzjvnwet_navps.dat supprimé !

 

 

* Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *

 

 

*** Sauvegarde du Registre vers dossier Safebackup ***

 

sauvegarde du Registre réalisée avec succès !

 

*** Nettoyage Registre ***

 

Nettoyage Registre Ok

 

 

*** Certificats ***

 

Certificat Egroup supprimé !

Certificat Electronic-Group absent !

Certificat Montorgueil absent !

Certificat OOO-Favorit absent !

Certificat Sunny-Day-Design-Ltdt absent !

 

*** Nettoyage terminé le 20/09/2008 à 15:30:04,93 ***

 

---------------------------------------------------

3 lop SD

 

 

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.60GHz )

BIOS : Phoenix - AwardBIOS v6.00PG

USER : Propriétaire ( Administrator )

BOOT : Normal boot

Antivirus : Pack Securite Plus 7.00 7.00 (Activated)

Firewall : Norton Internet Security 2006 2006 (Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total : 152 Go Free : 31 Go

D:\ (CD or DVD)

E:\ (CD or DVD)

F:\ (USB)

G:\ (USB)

H:\ (USB)

 

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )

Option : [2] ( 20/09/2008|15:33 )

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

 

Supprime! - C:\Program Files\Circle Developement

-

[ Fichier Hosts ] .. Restaure!

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[13/02/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[11/02/2008|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL

[17/11/2006|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads

[06/12/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[16/02/2008|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7

[07/09/2007|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon

[30/08/2006|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink

[09/04/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure

[09/04/2008|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg

[11/07/2007|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[11/07/2007|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater

[16/08/2006|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GTek

[01/01/2003|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard

[06/02/2008|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP

[06/08/2008|11:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM

[06/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail

[01/01/2003|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo

[20/10/2007|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak

[19/02/2006|03:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mediaknobbowsmapi

[30/01/2006|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[22/07/2008|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[11/07/2007|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla

[22/02/2007|00:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6

[23/03/2007|14:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound

[24/02/2006|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[30/01/2006|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\play gpl wait idol

[13/02/2006|19:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[30/07/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ringo

[01/01/2003|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[22/09/2007|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic

[05/03/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[17/08/2008|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[09/02/2006|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software

[20/03/2007|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoEgg

[29/01/2006|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[16/11/2006|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[11/07/2007|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller

[14/11/2007|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[09/02/2006|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!

[25/04/2006|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[06/05/2006|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

 

[01/01/2003|17:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe

[01/01/2003|15:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[01/01/2003|17:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust

[01/01/2003|17:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[01/01/2003|17:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView

[01/01/2003|17:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic

[02/01/2003|00:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

 

[13/06/2006|16:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\AOL

[16/02/2008|23:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[16/02/2008|23:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

[22/07/2007|21:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\3M

[04/05/2006|19:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\acccore

[19/06/2008|14:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe

[10/01/2007|20:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM

[18/06/2006|08:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead

[16/11/2006|20:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\AOL

[06/12/2006|22:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer

[23/08/2007|13:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft

[07/09/2007|20:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Babylon

[06/12/2006|21:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitTorrent

[01/02/2006|18:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire

[14/04/2008|18:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\F-Secure

[25/11/2006|15:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google

[16/08/2006|16:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\GTek

[29/01/2006|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help

[04/05/2008|08:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP

[01/01/2003|15:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities

[27/02/2008|15:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield

[01/01/2003|17:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterTrust

[29/01/2006|19:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia

[06/12/2006|21:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\Micro Application

[22/11/2007|22:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft

[17/08/2008|22:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla

[22/02/2007|21:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6

[23/03/2007|14:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\NCH Swift Sound

[30/07/2008|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Panasonic

[09/04/2008|12:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\PEX

[17/08/2008|21:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

[01/01/2003|17:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView

[18/02/2006|17:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic

[02/02/2006|08:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun

[24/02/2006|22:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec

[09/06/2007|19:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback

[11/07/2007|21:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\TaoUSign

[11/02/2008|22:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Titledeletewipe

[29/11/2007|16:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\TomTom

[09/02/2006|20:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\TuneUp Software

[10/04/2007|23:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\uTorrent

[09/07/2007|14:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\VideoEgg

[26/06/2008|23:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc

[28/09/2007|08:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Desktop Search

[27/09/2007|12:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Live Writer

[01/02/2008|02:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\XnView

[09/02/2006|21:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\yahoo!

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[20/09/2008 10:15][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job

[20/09/2008 15:32][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job

[20/09/2008 14:39][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job

[20/09/2008 12:00][--a------] C:\WINDOWS\tasks\Nettoyage de disque.job

[03/08/2003 12:17][-rah-c---] C:\WINDOWS\tasks\desktop.ini

[20/09/2008 15:28][--ah-----] C:\WINDOWS\tasks\SA.DAT

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[29/01/2006|17:48] C:\Program Files\3ivx

[05/07/2008|19:19] C:\Program Files\Adobe

[29/01/2006|17:39] C:\Program Files\Ahead

[16/02/2008|23:50] C:\Program Files\Alwil Software

[18/03/2006|20:27] C:\Program Files\Anniversaires

[11/02/2008|21:18] C:\Program Files\AOL

[09/09/2007|16:07] C:\Program Files\AOL Pictures

[19/03/2008|14:19] C:\Program Files\AOL Security Toolbar

[27/03/2006|20:57] C:\Program Files\AOL Toolbar

[27/01/2007|12:36] C:\Program Files\Apple Software Update

[23/08/2007|13:31] C:\Program Files\ArcSoft

[18/03/2007|21:27] C:\Program Files\Atari

[28/07/2008|14:39] C:\Program Files\AxBx

[09/02/2006|20:03] C:\Program Files\BaseDVDivX

[13/02/2007|23:31] C:\Program Files\CCleaner

[11/07/2007|21:38] C:\Program Files\DAEMON Tools

[23/05/2006|15:26] C:\Program Files\DIFX

[29/12/2006|23:27] C:\Program Files\DivX

[29/01/2006|17:44] C:\Program Files\DVD Decrypter

[29/01/2006|17:57] C:\Program Files\DVD Shrink

[12/04/2007|23:22] C:\Program Files\EA GAMES

[02/09/2007|20:48] C:\Program Files\Easy Internet signup

[11/02/2006|18:05] C:\Program Files\Eidos Interactive

[10/04/2007|22:07] C:\Program Files\Electronic Arts

[04/09/2008|22:59] C:\Program Files\eMule

[02/02/2006|18:52] C:\Program Files\fdjeux

[31/08/2008|18:00] C:\Program Files\Fichiers communs

[08/04/2006|10:14] C:\Program Files\FileZilla

[16/11/2006|12:13] C:\Program Files\Free

[11/07/2007|21:30] C:\Program Files\Free Audio Pack

[02/01/2008|14:47] C:\Program Files\Google

[01/02/2008|15:32] C:\Program Files\Graphex3

[11/02/2008|22:13] C:\Program Files\Grisoft

[22/09/2007|12:14] C:\Program Files\Hewlett-Packard

[29/01/2006|17:08] C:\Program Files\HighMAT CD Writing Wizard

[01/01/2003|17:10] C:\Program Files\HP

[11/07/2007|21:31] C:\Program Files\IKEA HomePlanner

[29/01/2006|17:51] C:\Program Files\Illustrate

[06/08/2008|11:48] C:\Program Files\IncrediMail

[30/07/2008|11:43] C:\Program Files\InstallShield Installation Information

[13/08/2008|16:49] C:\Program Files\Internet Explorer

[29/01/2006|15:59] C:\Program Files\InterVideo

[23/08/2007|13:41] C:\Program Files\ISL

[06/08/2008|11:53] C:\Program Files\Java

[09/02/2006|20:03] C:\Program Files\Java Web Start

[28/03/2007|14:25] C:\Program Files\JeCreeMaCuisineAvecLeroyMerlin

[06/05/2006|20:12] C:\Program Files\Jeux classiques

[20/10/2007|14:16] C:\Program Files\Kodak

[29/01/2006|16:33] C:\Program Files\Learn2.com

[01/02/2006|18:54] C:\Program Files\Logitech

[19/04/2008|15:01] C:\Program Files\Ludiclub

[28/04/2007|14:11] C:\Program Files\MegaWorld

[13/08/2008|16:55] C:\Program Files\Messenger

[29/01/2008|09:15] C:\Program Files\Messenger Plus! Live

[18/03/2008|00:50] C:\Program Files\Micro Application

[12/08/2006|10:05] C:\Program Files\Microsoft

[11/07/2007|21:29] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[01/01/2003|15:51] C:\Program Files\microsoft frontpage

[08/03/2006|22:42] C:\Program Files\Microsoft Money

[01/01/2008|23:01] C:\Program Files\Microsoft Office

[22/11/2007|22:04] C:\Program Files\Microsoft Picture It! 7

[27/09/2007|12:24] C:\Program Files\Microsoft SQL Server Compact Edition

[21/08/2006|08:45] C:\Program Files\Microsoft Works

[01/01/2003|17:12] C:\Program Files\Microsoft Works Suite 2003

[06/08/2008|16:09] C:\Program Files\Movie Maker

[20/09/2008|14:58] C:\Program Files\Mozilla Firefox

[11/07/2007|21:26] C:\Program Files\Mozilla Firefox(2)(2)

[01/01/2008|23:00] C:\Program Files\MSECache

[22/02/2007|21:21] C:\Program Files\MSN

[01/01/2003|15:46] C:\Program Files\MSN Gaming Zone

[23/12/2007|19:32] C:\Program Files\MSN Messenger

[23/10/2007|21:51] C:\Program Files\MSN Pictures Displayer

[11/07/2007|21:31] C:\Program Files\MSN Reaper

[18/11/2006|10:51] C:\Program Files\MSXML 4.0

[22/07/2008|03:10] C:\Program Files\Multi Virus Cleaner 2008

[29/01/2006|15:57] C:\Program Files\Multimedia Card Reader

[20/04/2007|13:45] C:\Program Files\MUSK Codec Pack v5

[20/09/2008|15:30] C:\Program Files\Navilog1

[27/02/2008|14:42] C:\Program Files\NETGEAR

[06/08/2008|15:58] C:\Program Files\NetMeeting

[26/06/2008|22:53] C:\Program Files\Neuf

[11/07/2007|21:27] C:\Program Files\Norton Security Scan

[16/03/2006|16:50] C:\Program Files\Nullsoft

[29/01/2006|17:48] C:\Program Files\On2 Technologies

[06/08/2008|16:44] C:\Program Files\Outlook Express

[09/04/2008|13:25] C:\Program Files\Pack Securite

[30/07/2008|11:44] C:\Program Files\Panasonic

[13/04/2007|16:55] C:\Program Files\PhotoBox

[11/07/2007|21:27] C:\Program Files\Picasa2

[14/12/2006|20:50] C:\Program Files\PIXELA

[14/04/2006|07:12] C:\Program Files\PixVillage

[26/05/2007|00:06] C:\Program Files\PopCap Games

[10/03/2007|12:33] C:\Program Files\QuickTime

[29/01/2006|18:02] C:\Program Files\QuickZip

[29/01/2006|16:31] C:\Program Files\Real

[01/01/2003|17:32] C:\Program Files\RecordNow!

[30/07/2008|11:46] C:\Program Files\Ringo

[24/10/2007|22:25] C:\Program Files\Samsung

[01/01/2003|18:04] C:\Program Files\Services en ligne

[11/07/2007|21:40] C:\Program Files\Simple DNS Plus

[07/03/2007|22:56] C:\Program Files\Skype

[05/03/2007|20:40] C:\Program Files\Spybot - Search & Destroy

[11/07/2007|21:26] C:\Program Files\Spyware Doctor

[06/08/2008|11:54] C:\Program Files\Sun

[07/08/2006|19:40] C:\Program Files\T‚l‚chargement PHOTOWAYS

[29/01/2006|19:37] C:\Program Files\Temp

[02/01/2008|05:58] C:\Program Files\Titledeletewipe

[25/04/2007|21:03] C:\Program Files\TomTom DesktopSuite

[29/11/2007|16:20] C:\Program Files\TomTom HOME

[28/03/2008|14:46] C:\Program Files\TomTom HOME 2

[21/08/2006|14:07] C:\Program Files\ToniArts

[08/06/2007|21:07] C:\Program Files\Ubi Soft

[01/01/2003|15:56] C:\Program Files\Uninstall Information

[20/03/2007|17:22] C:\Program Files\VideoEgg

[26/06/2008|23:08] C:\Program Files\VideoLAN

[08/06/2007|15:23] C:\Program Files\Weight Watchers FlexiPoints

[09/04/2007|23:05] C:\Program Files\Windows Defender

[27/09/2007|12:23] C:\Program Files\Windows Desktop Search

[27/02/2008|14:46] C:\Program Files\Windows Live

[30/11/2007|07:44] C:\Program Files\Windows Live Favorites

[30/11/2007|07:44] C:\Program Files\Windows Live Toolbar

[15/12/2006|00:13] C:\Program Files\Windows Media Connect 2

[06/08/2008|15:58] C:\Program Files\Windows Media Player

[06/08/2008|15:58] C:\Program Files\Windows NT

[29/01/2006|16:43] C:\Program Files\WindowsUpdate

[11/04/2007|08:05] C:\Program Files\WinRAR

[01/01/2003|15:51] C:\Program Files\xerox

[01/02/2008|00:52] C:\Program Files\XnView

[15/05/2008|12:56] C:\Program Files\XoftSpySE

[29/12/2006|23:28] C:\Program Files\XviD

[24/04/2006|22:13] C:\Program Files\Yahoo!

[28/12/2006|22:58] C:\Program Files\Zero G Registry

[11/07/2007|21:34] C:\Program Files\Zuma Deluxe

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[13/02/2008|14:35] C:\Program Files\Fichiers communs\Adobe

[29/01/2006|17:39] C:\Program Files\Fichiers communs\Ahead

[28/12/2006|22:54] C:\Program Files\Fichiers communs\AOL

[29/01/2006|16:33] C:\Program Files\Fichiers communs\aolback

[17/11/2006|20:22] C:\Program Files\Fichiers communs\aolshare

[07/07/2008|13:54] C:\Program Files\Fichiers communs\Canon

[01/01/2003|17:14] C:\Program Files\Fichiers communs\Designer

[01/02/2006|18:54] C:\Program Files\Fichiers communs\FotoWire

[22/09/2007|12:12] C:\Program Files\Fichiers communs\Hewlett-Packard

[22/09/2007|12:20] C:\Program Files\Fichiers communs\HP

[29/01/2006|17:50] C:\Program Files\Fichiers communs\InstallShield

[29/01/2006|17:54] C:\Program Files\Fichiers communs\Java

[01/02/2006|18:52] C:\Program Files\Fichiers communs\Logitech

[06/12/2006|17:20] C:\Program Files\Fichiers communs\Micro Application Shared

[19/03/2008|14:25] C:\Program Files\Fichiers communs\Microsoft Shared

[01/01/2003|15:47] C:\Program Files\Fichiers communs\MSSoap

[29/01/2006|16:32] C:\Program Files\Fichiers communs\Nullsoft

[01/01/2003|15:41] C:\Program Files\Fichiers communs\ODBC

[15/03/2006|20:49] C:\Program Files\Fichiers communs\PC SOFT

[31/08/2008|17:58] C:\Program Files\Fichiers communs\Real

[30/01/2006|13:53] C:\Program Files\Fichiers communs\Scanner

[01/01/2003|23:26] C:\Program Files\Fichiers communs\Services

[01/01/2003|17:33] C:\Program Files\Fichiers communs\Sonic

[22/09/2007|12:21] C:\Program Files\Fichiers communs\Sonic Shared

[01/01/2003|15:41] C:\Program Files\Fichiers communs\SpeechEngines

[11/07/2007|19:36] C:\Program Files\Fichiers communs\Symantec Shared

[06/08/2008|16:44] C:\Program Files\Fichiers communs\System

[14/11/2007|14:24] C:\Program Files\Fichiers communs\WindowsLiveInstaller

[24/01/2008|23:07] C:\Program Files\Fichiers communs\Wise Installation Wizard

[31/08/2008|18:00] C:\Program Files\Fichiers communs\xing shared

 

--------------------\\ Process

 

( 66 Processes )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-20 15:36:10

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 865

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\XoftSpySE 4.29.191+ crack.torrent

C:\DOCUME~1\PROPRI~1\Mes documents\Les Experts Miami - Jeux Pc Fr - 3Cds Crack Par Tieuma92

C:\DOCUME~1\PROPRI~1\Mes documents\generator cle ea games\Keygen ea games.exe

C:\DOCUME~1\PROPRI~1\Mes documents\Les Experts Miami - Jeux Pc Fr - 3Cds Crack Par Tieuma92\crack nocd

C:\DOCUME~1\PROPRI~1\Mes documents\Les Experts Miami - Jeux Pc Fr - 3Cds Crack Par Tieuma92\crack nocd\csi-miami.exe

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Architecte 3D (Plan Maison Architecture) + crack.zip

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Zuma Deluxe! v1.0 (crack).exe

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\3d\temp\KEYGEN.EXE

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\basic

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\filemap.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\fsaua

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\fsdiags.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\hardware

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\mccroix_s_OF_1.0.rar

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\pes6-keygen.exe

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\pes6.exe

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win.ini

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\Xtras

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\basic\osver.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\basic\set.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\access_control

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\apppaths-reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\common

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fc-filelist3.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\filelist-fstnb.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\filesystem1.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsav

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsavcs.dpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsbw.dpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsgui

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsma.dpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc.dpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fssc

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\ie.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\logfile.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\logs

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\misc

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\policy.bpf

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\policy.ipf.bak

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\policy.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\reg_df.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\sidegrade

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\access_control\classes.3.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\access_control\classes.4.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\access_control\f_secure_home_acl.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\common\dfuninst.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\channelstate.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-content-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-header-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-program-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-root-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-segrules-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua-subscriptions-list.txt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua.dbg

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsaua\fsaua.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsav\services.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsgui\list.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fsgui\reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc\ie_extensions_reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc\list_root.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fspc\lsp_list_reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\fssc\identities_reg.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\logs\fsma

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\logs\fsma\fsma.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\misc\fsbwupst.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\misc\fsld.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\ih8.config.xml.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\ilaunchr.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb\f-secure

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb\f-secure\logs

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb\f-secure\logs\custom

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\setup\fstnb\f-secure\logs\custom\custinstall.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\f-secure\sidegrade\2492.3164.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\fsaua\registry-config.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\fsaua\registry-handlers.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\hardware\hardware.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\ipconfig.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\netstart.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\netstat.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\netuse.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\nic.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\nslookup.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\ping.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\network\route.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\eventlog

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\registry

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\eventlog\application.evt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\eventlog\security.evt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\eventlog\system.evt

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\registry\reg_rename.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\registry\reg_run.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\win\registry\reg_srv.log

C:\DOCUME~1\PROPRI~1\Mes documents\NICO\Crack\Xtras\INetURL.x32

C:\DOCUME~1\PROPRI~1\Mes documents\trivial\Crack

 

 

[F:7][D:3]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp

[F:112][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies

[F:5059][D:14]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 17/09/2008|23:21 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 20/09/2008|15:40 - Option : [2]

 

--------------------\\ Fin du rapport a 15:40:36

 

-------------------------

4/ move it

C:\DOCUME~1\PROPRI~1\APPLIC~1\Titledeletewipe moved successfully.

C:\DOCUME~1\ALLUSE~1\APPLIC~1\mediaknobbowsmapi moved successfully.

C:\DOCUME~1\ALLUSE~1\APPLIC~1\play gpl wait idol moved successfully.

File/Folder C:\Program Files\Titledeletewipe not found.

< EmptyTemp >

File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF7A64.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF7DCA.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFF7A5.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~WRF0000.tmp scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\nvcbin.def.2F610BFA.TMP scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5e4.dat scheduled to be deleted on reboot.

Temp folders emptied.

IE temp folders emptied.

 

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09202008_154446

 

Files moved on Reboot...

C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\hpodvd09.log moved successfully.

File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF7A64.tmp not found!

File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF7DCA.tmp not found!

File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFF7A5.tmp not found!

File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~WRF0000.tmp not found!

File move failed. C:\WINDOWS\temp\nvcbin.def.2F610BFA.TMP scheduled to be moved on reboot.

C:\WINDOWS\temp\Perflib_Perfdata_5e4.dat moved successfully.

 

----------------------------

4 hijack this

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:02:30, on 20/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe

C:\Program Files\Pack Securite\Common\FSMA32.EXE

C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Pack Securite\Common\FSMB32.EXE

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Pack Securite\Common\FCH32.EXE

C:\Program Files\Pack Securite\Common\FAMEH32.EXE

C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe

C:\Program Files\Pack Securite\FSPC\fspc.exe

C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe

C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe

C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe

C:\Program Files\Pack Securite\FSAUA\program\fsus.exe

C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

C:\WINDOWS\System32\hphmon05.exe

C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Fichiers communs\AOL\1163787723\ee\AOLSoftware.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Pack Securite\Common\FSM32.EXE

C:\HP\KBD\KBD.EXE

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Pack Securite\FSGUI\fsguidll.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Neuf\Media Center\MediaCenter.exe

C:\Program Files\TomTom HOME 2\HOMERunner.exe

C:\WINDOWS\System32\msiexec.exe

C:\Program Files\Neuf\Widget Neuf\9widget.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\NETGEAR\WG111T\wlan111t.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Documents and Settings\Propriétaire\Mes documents\NICO\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {98C3BDF2-BC1E-8E2E-CFDE-1E24FBAB6796} - (no file)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1163787723\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [Anniversaires] C:\Program Files\Anniversaires\Rappel.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"

O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\Propriétaire\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe

O4 - HKCU\..\Run: [sizedrv] C:\DOCUME~1\PROPRI~1\APPLIC~1\TITLED~1\AUDIOTONSSIGN.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [Widget Neuf] "C:\Program Files\Neuf\Widget Neuf\9widget.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - S-1-5-18 Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')

O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')

O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111T\wlan111t.exe

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll

O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll

O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_6_0\Ghost (file missing)

O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_6_0\Ghost (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab

O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab

O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) - http://o.aolcdn.com/pictures/ap/Resources/...ns.10.5.0.4.cab

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://nicofanny.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {6BAB93B7-1917-4214-A7D2-874FA6DB4740} (AOL Newport Editor Ctrl) - http://o.aolcdn.com/pictures/ap/Resources/...ns.10.6.0.6.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1149827349843

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nicofanny.spaces.live.com/PhotoUpload/MsnPUpld.cab

O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab

O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab

O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows...ggPublisher.exe

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.servicesalacarte.wanad...gamesplayer.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/up...er_v2.2.0.2.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{BFFEA0CC-6D3F-422F-A726-864FF39DDA19}: NameServer = 192.168.1.1

O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe (file missing)

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE

O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)

O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe (file missing)

 

--

End of file - 15414 bytes

 

bonne chnace

nico

nicolas72800 Junior Member

nicolas72800

Posté(e)
  • Auteur
Posté(e)

salut chrifleur et meric pour ton aide

j ai un ordi qui commence a ressembler a un ordi

pour le msg du dessus j'ai du faire une fausse manip

voici les rapports demandes

 

Malwarebytes' Anti-Malware 1.28

Version de la base de données: 1184

Windows 5.1.2600 Service Pack 3

 

21/09/2008 22:48:38

mbam-log-2008-09-21 (22-48-37).txt

 

Type de recherche: Examen complet (C:\|)

Eléments examinés: 184477

Temps écoulé: 5 hour(s), 27 minute(s), 9 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 27

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 33

Fichier(s) infecté(s): 998

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/updater,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\winantispyware 2006 free (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729 (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\sfx (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809 (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\660258 (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\logs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\notes (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\sfx (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461 (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Updater\2663 (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Updater\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

C:\Program Files\VideoEgg\Loader\2663\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Mes documents\LOGICIEL\win rar\CORE10k.EXE (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Casino\Poker\blackjack.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\browser.exe (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cacerts.crt (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cam.cas (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cardlib.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\common.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\countries.lst (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\creditdebit.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\db.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\devlib.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\devlibcomm.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\filemap.lst (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\fivecard.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\games.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\gsid.txt (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\id.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\INSTALL.LOG (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\languages.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\libeay32.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\licens.txt (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\mfc80.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\microsoft.vc80.crt.manifest (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\microsoft.vc80.mfc.manifest (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\modstatus.lst (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\mp3dec.asi (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\mss32.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\msvcp71.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\msvcp80.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\msvcr71.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\msvcr80.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\navigator.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\omaha.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\options.cfg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\poker.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\poker.exe (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\sc.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\shfolder.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\srvmap.lst (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\ssleay32.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\texas.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\UNWISE.EXE (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\UNWISE.INI (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\update.exe (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\vistaelevator.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xml.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\zlib1.dll (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\games.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\gsid.txt (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\id.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\languages.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\licens.txt (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\0.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\1.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\10.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\11.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\12.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\13.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\14.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\15.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\16.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\17.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\18.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\19.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\2.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\20.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\21.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\22.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\23.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\24.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\25.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\26.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\28.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\29.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\3.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\30.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\31.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\32.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\33.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\34.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\35.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\36.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\37.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\38.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\39.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\4.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\40.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\41.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\42.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\43.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\44.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\45.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\47.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\48.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\49.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\5.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\50.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\51.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\6.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\7.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\8.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\9.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\allin_popup.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\archive.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\archive_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\avatar.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\b.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\base.css (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\beta_build_number.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\bj_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\bkg.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_close.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_extra.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_filters_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_filters_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_game.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_general.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_join.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_main.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_minmax.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_sublevels_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\but_sublevels_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\caret.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\chatbubble.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\chips.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\decktype_settings.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\fcs_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\fcs_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\fc_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\gamelimits.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\oh_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\oh_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_game_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_game_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_game_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_left.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_moretables.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_texts.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\panel_top_messages.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_cardback.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_cards.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_cards_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_cards_large.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_cards_large_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_deckside.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_font_11p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_makechoice.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\poker_pucks.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\pol_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\popups.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\position_actions.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\position_actions.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\position_active.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\position_inactive.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\position_note.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\position_numbers.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\progress_ani.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\rus_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\sc_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\sc_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\tabs_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\tabs_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\tabs_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\tel_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\text.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\timeslider.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\tur_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\tx_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\tx_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\user.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\user_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\white_line.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\win_graphics.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\xml.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\data\xml_decoder.js (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\sfx\c_button.wav (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\sfx\c_chip.wav (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\sfx\c_deal.mp3 (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\sfx\p_alert.wav (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\sfx\p_checkknock.wav (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\blackjack_game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\blackjack_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\common.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\ext_clientspecific.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\ext_game.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\ext_general.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\ext_mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\ext_navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\fcs_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\fc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\fc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\filemap.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\filerefs.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\gameclient.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\game_common.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\game_common_message.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\gizmo.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\message.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\mtt_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\mtt_lobby.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\omaha_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\omaha_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\optdef.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\poker_limits.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\sc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\sc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\tel_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\texas_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\texas_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\cache\729\xrs\tournament_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\0.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\1.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\10.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\11.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\12.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\13.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\14.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\15.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\16.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\17.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\18.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\19.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\2.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\20.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\21.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\22.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\23.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\24.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\25.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\26.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\28.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\29.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\3.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\30.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\31.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\32.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\33.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\34.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\35.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\36.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\37.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\38.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\39.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\4.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\40.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\41.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\42.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\43.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\44.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\45.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\47.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\48.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\49.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\5.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\50.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\51.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\6.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\7.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\8.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\9.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\allin_popup.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\allin_popup_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\archive.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\archive_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\avatar.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\b.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\base.css (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\beta_build_number.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\bj_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\bkg.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\bkg_playerlist.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\bkg_playernotes.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_close.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_extra.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_filters_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_filters_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_game.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_game.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_general.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_join.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_join.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_join_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_main.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_minmax.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_sublevels_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_sublevels_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_timebank.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\but_timebank_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\caret.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\chatbubble.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\chatpanel_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\chips.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\decktype_settings.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\fcs_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\fcs_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\fc_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\gamelimits.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\game_bjframe.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\game_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\gre_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\icon_mute_unmute_notes.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\input_additional_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\menu_buttons.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\menu_window_headers.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\oh_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\oh_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_game_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_game_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_game_small.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_game_small_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_game_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_left.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_moretables.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_texts.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\panel_top_messages.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_bkg_mini.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_cardback.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_cards.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_cards_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_cards_large.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_cards_large_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_deckside.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_font_10p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_font_11p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_makechoice.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_makechoice_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_pucks.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\poker_pucks_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\pol_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\pol_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\popupbkg.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\popups.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_actions.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_actions.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_actions_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_active.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_active.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_active_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_inactive.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_inactive.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_inactive_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_mute.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_note.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\position_numbers.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\pot_bets.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\progress_ani.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\rus_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\rus_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\sc_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\sc_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tablelimits_bkg_mini.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tablelimits_header.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tablelimits_minmax.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tabs_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tabs_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tabs_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tab_ladder.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tab_promos.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tel_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\text.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\timeslider.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\timeslider_mini.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tournamentinfo_bkg.png (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tur_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tur_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tx_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\tx_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\user.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\user_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\white_line.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\win_graphics.bmp (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\xml.gif (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\data\xml_decoder.js (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\archive.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0648.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0649.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0701.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0702.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0703.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0704.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0705.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0706.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0707.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0709.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0710.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0711.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0712.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0713.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0714.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0715.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0717.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0718.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0719.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0720.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0721.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0722.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0728.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0734.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\history_0735.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session-1.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session107052027.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session107054522.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session107057577.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session110253164.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session39123578.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session39124392.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session39914520.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session39915874.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session40309926.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session44750847.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session44755379.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session44756386.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session44759038.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session44813417.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session46646506.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session46649508.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session46656264.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session46657140.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47015708.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47019856.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47024584.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47028508.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47031341.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47142126.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47142603.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47291287.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47565418.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47670560.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47671967.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47673211.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47735108.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47747948.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47751279.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47756900.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47757135.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47763293.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session47887583.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session48087963.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session48228904.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session48629224.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session48828069.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session48830430.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session48834495.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session49014746.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session49083786.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session49225030.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session49410751.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session49911305.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session49917352.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session49921470.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session50233244.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session50238261.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session50312085.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session50711868.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session51428829.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session51664921.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session53440722.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session53442139.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session53481617.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session53691605.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session53783886.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session60756625.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session61903048.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63122725.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63188043.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63321405.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63323441.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63329338.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63329901.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63417204.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63424424.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63426311.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63788843.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63906610.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session63909947.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session64116234.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session64261810.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session64599613.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session64604311.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session64766957.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session64770467.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session64854212.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session64856608.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session64861938.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session65037630.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session65038283.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session66210618.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session66228118.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session66429057.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session66515088.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session66522753.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session66617890.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session66912127.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session66912803.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session66916049.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67015411.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67292661.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67368270.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67385570.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67784336.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67785975.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67790060.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67792746.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67872283.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67882496.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67892874.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67896715.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67903801.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67990795.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session67997933.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session68682607.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session70139279.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session70147172.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session77527995.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session77531639.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session79130416.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80111454.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80112406.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80127780.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80129691.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80137212.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80143709.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80229988.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80234252.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80287823.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80335429.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80474629.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80747322.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session80878081.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session81168576.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session81176171.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session81261997.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session82437594.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session82604059.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session82608296.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session84095808.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session84352289.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session84362297.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session84367406.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session84539705.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session86330120.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session86331706.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session86552929.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session97186851.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\session97507087.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\647809\stats_GAME_THM.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\660258\archive.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\660258\history_0809.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\660258\history_0810.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\660258\session161621507.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\660258\session161630287.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\660258\session165408321.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\history\660258\stats_GAME_THM.xml (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\notes\647809.txt (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\100k-weekly.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\banner_boss_deauville.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\banner_boss_irish_245x360.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\banner_boss_montecarlo.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\banner_boss_wsop_245x360.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\New-World.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\players_club_software.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\pp_client_360.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\pp_client_360_sept.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\pp_client_montecarlo_245x180.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\RUSH_client.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\promo\wsop_2008_software.jpg (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\sfx\c_button.wav (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\sfx\c_chip.wav (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\sfx\c_deal.mp3 (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\sfx\p_alert.wav (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\sfx\p_checkknock.wav (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\sfx\p_welcome.mp3 (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\blackjack_game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\blackjack_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\common.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\ext_clientspecific.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\ext_creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\ext_game.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\ext_general.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\ext_mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\ext_navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\fcs_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\fc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\fc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\filemap.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\filerefs.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\gameclient.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\game_common.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\game_common_message.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\game_common_mini.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\game_panel_mini.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\gizmo.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\message.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\mtt_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\mtt_lobby.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\omaha_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\omaha_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\omaha_main_mini.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\optdef.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\poker_limits.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\sc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\sc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\soko_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\tel_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\texas_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\texas_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\texas_main_mini.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Casino\Poker\xrs\tournament_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Application Data\VideoEgg\user.dat (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\dataCollection.tmp (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\remoteblacklist (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Updater\2663\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Updater\2663\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Updater\4458\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\Application Data\VideoEgg\Updater\4458\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Propriétaire\results.txt (Malware.Trace) -> Quarantined and deleted successfully.

-------------------------------------

et le hijack

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:57:39, on 21/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe

C:\Program Files\Pack Securite\Common\FSMA32.EXE

C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Pack Securite\Common\FSMB32.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Pack Securite\Common\FCH32.EXE

C:\Program Files\Pack Securite\Common\FAMEH32.EXE

C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe

C:\Program Files\Pack Securite\FSPC\fspc.exe

C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

C:\WINDOWS\System32\hphmon05.exe

C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Fichiers communs\AOL\1163787723\ee\AOLSoftware.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Pack Securite\Common\FSM32.EXE

C:\HP\KBD\KBD.EXE

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Pack Securite\FSGUI\fsguidll.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Neuf\Media Center\MediaCenter.exe

C:\Program Files\TomTom HOME 2\HOMERunner.exe

C:\Program Files\Pack Securite\FSAUA\program\fsus.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\NETGEAR\WG111T\wlan111t.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\WINDOWS\System32\msiexec.exe

C:\Program Files\IncrediMail\bin\IMApp.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Documents and Settings\Propriétaire\Mes documents\NICO\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {98C3BDF2-BC1E-8E2E-CFDE-1E24FBAB6796} - (no file)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1163787723\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [Anniversaires] C:\Program Files\Anniversaires\Rappel.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"

O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\Propriétaire\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe

O4 - HKCU\..\Run: [sizedrv] C:\DOCUME~1\PROPRI~1\APPLIC~1\TITLED~1\AUDIOTONSSIGN.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [Widget Neuf] "C:\Program Files\Neuf\Widget Neuf\9widget.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - S-1-5-18 Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')

O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')

O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111T\wlan111t.exe

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll

O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll

O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_6_0\Ghost (file missing)

O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_6_0\Ghost (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab

O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab

O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) - http://o.aolcdn.com/pictures/ap/Resources/...ns.10.5.0.4.cab

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://nicofanny.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {6BAB93B7-1917-4214-A7D2-874FA6DB4740} (AOL Newport Editor Ctrl) - http://o.aolcdn.com/pictures/ap/Resources/...ns.10.6.0.6.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1149827349843

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://nicofanny.spaces.live.com/PhotoUpload/MsnPUpld.cab

O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab

O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.servicesalacarte.wanad...gamesplayer.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/up...er_v2.2.0.2.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{BFFEA0CC-6D3F-422F-A726-864FF39DDA19}: NameServer = 192.168.1.1

O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe (file missing)

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE

O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)

O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe (file missing)

 

--

End of file - 15225 bytes

merci pour ta perseverence et bon courage.

nico

chrifleur Full Patch Member

chrifleur

Posté(e)
Posté(e)

Clique sur « Démarrer » > « Exécuter » ; ensuite, dans la lucarne de saisie, coller ce qui est en gras (recommencer pour chacune des trois commandes suivantes) :

1°- sc stop WLTRYSVC

valide avec [OK]

2°- sc config WLTRYSVC start= disabled

[OK]

3°- sc delete WLTRYSVC

[OK]

 

 

lance hijackt his pour un scan toutes applications fermées et hors internet et coche ces lignes si encore présentes

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O4 - HKCU\..\Run: [sizedrv] C:\DOCUME~1\PROPRI~1\APPLIC~1\TITLED~1\AUDIOTONSSIGN.exe

O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe (file missing)

clique sur fix checked

Télécharge OTMoveIT (de Old_Timer) sur ton Bureau.

http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

Clique double sur OTMoveIT.exe pour le lancer.

copie la liste qui se trouve en citation ci-dessous,

c:\program files\titled~1\audiotonssign.exe

c:\windows\system32\wltrysvc.exe

c:\program files\titled~1

EmptyTemp

 

 

et colle-la dans le cadre de gauche de OTMoveIT :

Paste List of Files/Folders to be moved.

 

Clique sur MoveIt! pour lancer la suppression.

le résultat apparaîtra dans le cadre Results.

Clique sur Exit pour fermer.

Poste le rapport situé dans C:\\\_OTMoveIT\MovedFiles.

 

Il te sera peut-être demandé de redémarrer le pc pour achever la suppression.

si c'est le cas accepte par Yes.

 

 

suis ce tutoriel et poste le rapport obtenu

http://forum.pcastuces.com/bitdefender_onl...oriel-f31s2.htm

nicolas72800 Junior Member

nicolas72800

Posté(e)
  • Auteur
Posté(e)

salut chrifleur

comme demandes je t envoie les rapports mais j'espère que cela va convenir car j ai suivi le tutorial de bit defender mais j ai pas pu régler activeX comme demandés car j avais pas accès aux options internet (icone vide)

 

rapport OT MOVE IT

File/Folder c:\program files\titled~1\audiotonssign.exe not found.

File/Folder c:\windows\system32\wltrysvc.exe not found.

File/Folder c:\program files\titled~1 not found.

< EmptyTemp >

File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFB00F.tmp scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\AVP21D2.tmp scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\AVP21D3.tmp scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\nvcbin.def.2F610BFA.TMP scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_250.dat scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\TMP000005AC3821D8EDAB498B17 scheduled to be deleted on reboot.

Temp folders emptied.

IE temp folders emptied.

 

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09262008_174743

 

RAPPORT BIT DEFENDER

 

 

BitDefender Online Scanner

 

 

 

 

 

 

 

Rapport d'analyse généré à: Fri, Sep 26, 2008 - 20:52:17

 

 

 

 

 

 

 

 

 

Voie d'analyse: A:\;C:\;D:\;E:\;F:\;G:\;H:\;

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Statistiques

 

Temps

 

 

01:11:45

 

Fichiers

 

 

130463

 

Directoires

 

 

12736

 

Secteurs de boot

 

 

0

 

Archives

 

 

2940

 

Paquets programmes

 

 

9285

 

 

 

 

 

 

 

Résultats

 

Virus identifiés

 

 

2

 

Fichiers infectés

 

 

3

 

Fichiers suspects

 

 

0

 

Avertissements

 

 

0

 

Désinfectés

 

 

0

 

Fichiers effacés

 

 

3

 

 

 

 

 

 

 

Info sur les moteurs

 

Définition virus

 

 

1815679

 

Version des moteurs

 

 

AVCORE v1.7 (build 8314.19) (i386) (Sep 10 2008 19:37:42)

 

Analyse des plugins

 

 

16

 

Archive des plugins

 

 

43

 

Unpack des plugins

 

 

7

 

E-mail plugins

 

 

6

 

Système plugins

 

 

4

 

 

 

 

 

 

 

Paramètres d'analyse

 

Première action

 

 

Désinfecté

 

Seconde Action

 

 

Supprimé

 

Heuristique

 

 

Oui

 

Acceptez les avertissements

 

 

Oui

 

Extensions analysées

 

 

exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;pp

t;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm

;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

 

Excludez les extensions

 

 

 

 

Analyse d'emails

 

 

Oui

 

Analyse des Archives

 

 

Oui

 

Analyser paquets programmes

 

 

Oui

 

Analyse des fichiers

 

 

Oui

 

Analyse de boot

 

 

Oui

 

 

 

 

 

 

 

 

Fichier analysé

 

 

Statut

 

C:\Documents and Settings\Propriétaire\Mes documents\trivial\GAMESPY ARCADE\ArcadeInstall.EXE=>wise0012

 

 

Détecté avec: Adware.Gamespyarcade.F

 

C:\Documents and Settings\Propriétaire\Mes documents\trivial\GAMESPY ARCADE\ArcadeInstall.EXE=>wise0012

 

 

Supprimé

 

C:\Documents and Settings\Propriétaire\Mes documents\trivial\GAMESPY ARCADE\ArcadeInstall.EXE

 

 

Echec de la mise à jour

 

C:\hp\bin\Terminator.exe

 

 

Détecté avec: Application.Prockill.B

 

C:\hp\bin\Terminator.exe

 

 

Echec de la désinfection

 

C:\hp\bin\Terminator.exe

 

 

Supprimé

 

C:\System Volume Information\_restore{BCBB538F-4B22-4C6E-BAFD-9A806D251BB2}\RP1121\A0262012.exe

 

 

Détecté avec: Application.Prockill.B

 

C:\System Volume Information\_restore{BCBB538F-4B22-4C6E-BAFD-9A806D251BB2}\RP1121\A0262012.exe

 

 

Echec de la désinfection

 

C:\System Volume Information\_restore{BCBB538F-4B22-4C6E-BAFD-9A806D251BB2}\RP1121\A0262012.exe

 

 

Supprimé

 

 

 

j espere que c'est la bonne forme d'affichage du rapport.

merci de ton aide a bientot

nico

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...