Il y a actuellement 403 visiteurs
Dimanche 22 Décembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

infesté par Win32: Rootkit-gen (Rtk) Bis

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 17 Fév 2010 18:06

Bonjour,
J'ai le meme probleme !
J'ai fait ce qu'a dit bernard53.
Je copie colle le compte rendu
ComboFix 10-02-12.01 - Cécilia 17/02/2010 17:46:40.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1022.463 [GMT 1:00]
Lancé depuis: c:\documents and settings\Cécilia\Mes documents\Téléchargements\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 100217-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Automated Content Enhancer
c:\program files\Automated Content Enhancer\4.1.0.5290\ACECommon.dll
c:\program files\Automated Content Enhancer\4.1.0.5290\ACEIEAddOn.dll
c:\program files\Automated Content Enhancer\4.1.0.5290\ACEpx.exe
c:\program files\Automated Content Enhancer\4.1.0.5290\Data\config.md
c:\program files\Automated Content Enhancer\4.1.0.5290\FF\chrome.manifest
c:\program files\Automated Content Enhancer\4.1.0.5290\FF\chrome\ACEAddOn.jar
c:\program files\Automated Content Enhancer\4.1.0.5290\FF\chrome\content\ACEAddOn.js
c:\program files\Automated Content Enhancer\4.1.0.5290\FF\chrome\content\ACEAddOn.xul
c:\program files\Automated Content Enhancer\4.1.0.5290\FF\components\ACEFFAddOn.dll
c:\program files\Automated Content Enhancer\4.1.0.5290\FF\components\ACEFFAddOn.xpt
c:\program files\Automated Content Enhancer\4.1.0.5290\FF\components\ACEFFHelperComponent.js
c:\program files\Automated Content Enhancer\4.1.0.5290\FF\install.rdf
c:\program files\Automated Content Enhancer\4.1.0.5290\lri.dll
c:\program files\Automated Content Enhancer\4.1.0.5290\protectEXE20091215.log
c:\program files\Automated Content Enhancer\4.1.0.5290\unins000.dat
c:\program files\Automated Content Enhancer\4.1.0.5290\unins000.exe
c:\program files\Customized Platform Advancer
c:\program files\Customized Platform Advancer\4.1.0.1960\CPACommon.dll
c:\program files\Customized Platform Advancer\4.1.0.1960\CPAHelper.exe
c:\program files\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll
c:\program files\Customized Platform Advancer\4.1.0.1960\CPApx.exe
c:\program files\Customized Platform Advancer\4.1.0.1960\Data\config.md
c:\program files\Customized Platform Advancer\4.1.0.1960\FF\chrome.manifest
c:\program files\Customized Platform Advancer\4.1.0.1960\FF\chrome\content\CPAAddOn.js
c:\program files\Customized Platform Advancer\4.1.0.1960\FF\chrome\content\CPAAddOn.xul
c:\program files\Customized Platform Advancer\4.1.0.1960\FF\chrome\CPAAddOn.jar
c:\program files\Customized Platform Advancer\4.1.0.1960\FF\components\CPAFFAddOn.dll
c:\program files\Customized Platform Advancer\4.1.0.1960\FF\components\CPAFFAddOn.xpt
c:\program files\Customized Platform Advancer\4.1.0.1960\FF\components\CPAFFHelperComponent.js
c:\program files\Customized Platform Advancer\4.1.0.1960\FF\install.rdf
c:\program files\Customized Platform Advancer\4.1.0.1960\lri.dll
c:\program files\Customized Platform Advancer\4.1.0.1960\protectEXE20091215.log
c:\program files\Customized Platform Advancer\4.1.0.1960\unins000.dat
c:\program files\Customized Platform Advancer\4.1.0.1960\unins000.exe
c:\program files\Web Search Operator
c:\program files\Web Search Operator\4.1.0.2080\Data\config.md
c:\program files\Web Search Operator\4.1.0.2080\FF\chrome.manifest
c:\program files\Web Search Operator\4.1.0.2080\FF\chrome\content\WSOAddOn.js
c:\program files\Web Search Operator\4.1.0.2080\FF\chrome\content\WSOAddOn.xul
c:\program files\Web Search Operator\4.1.0.2080\FF\chrome\WSOAddOn.jar
c:\program files\Web Search Operator\4.1.0.2080\FF\components\WSOFFAddOn.dll
c:\program files\Web Search Operator\4.1.0.2080\FF\components\WSOFFAddOn.xpt
c:\program files\Web Search Operator\4.1.0.2080\FF\components\WSOFFHelperComponent.js
c:\program files\Web Search Operator\4.1.0.2080\FF\install.rdf
c:\program files\Web Search Operator\4.1.0.2080\lri.dll
c:\program files\Web Search Operator\4.1.0.2080\unins000.dat
c:\program files\Web Search Operator\4.1.0.2080\unins000.exe
c:\program files\Web Search Operator\4.1.0.2080\wso.dll------
c:\program files\Web Search Operator\4.1.0.2080\WSO.dll
c:\program files\Web Search Operator\4.1.0.2080\WSOCommon.dll
c:\program files\Web Search Operator\4.1.0.2080\WSOpx.exe
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\customer_cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\heart.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_down.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_up.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\plates.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\ticket.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\tray.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\music\mainmenumusic.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_bring_check_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_diner.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_food_ready_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_gain_heart_1.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_pencil_write_2.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_rollover_1.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_seat_people_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\choosedifficulty.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\credits.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\flo_lose.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\flo_win.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\help1.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\help2.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\highscores.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelintro.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelintro_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelover.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelover_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\mainmenu.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\popup.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\popup_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upgradegrid.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upgradetitle.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upsell.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowleft_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowleft_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowright_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowright_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\back_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\back_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backchalk.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backchalkup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backtomenu_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backtomenu_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\cancel.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\cancelup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\career.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\career_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\close.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\closeup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\continue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\continueover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\credits_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\credits_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\download_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\download_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\easy.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\easy_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\endlessshift.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\endlessshift_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\hard.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\hard_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\help.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\help_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\highscores.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\highscores_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\instructions_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\instructions_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\letsplay.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\letsplayover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\medium.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\medium_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\moreinfo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\moreinfoup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\off.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\off_on.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\on.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\on_on.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\pause.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\pauseover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitgame.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitgameover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\resumegame.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\resumegameover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\submit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\submitup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\tryagain.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\tryagainover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\upgrade_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\upgrade_up.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewglobal.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewglobalup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewhighscore.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewhighscoreon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewlocal.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewlocalup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\comics\webcomic.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\career.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\customer.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\endless.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\global.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\powerups.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\cook.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\cook.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\stove.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\arrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\click.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\click2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\grab.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\open.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\arial.mvec
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\komikaaxis.mvec
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt2top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt4top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_off.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on1.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdown.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdownon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowleft.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowlefton.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowright.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowrighton.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowupon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\p1icon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\textedit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\title.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_d.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_d.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fifth_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\first_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fourth_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\second_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\playfirst_logo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\background.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames\upgrade_0001.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\upgrades.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\tableshadow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\choosedifficulty.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooseplayer.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooserestaurant.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\credits.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\game.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\gothighscore.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help2.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscore.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoreinfo.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoresubmit.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelintro.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelover.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\loading.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainloop.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainmenu.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\ok.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\pause.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\style.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\tutorialintro.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upgrade.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upsell.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\webcomic.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\yesno.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\gamelabsplash.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\playfirst_logo.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\strings.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\check.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\checkmark.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\clock.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closed.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closingtime.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\dollar.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\coffee.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\tables.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\wallpaper.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expert.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expertscore.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\fork_timer.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\goalcompleted.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level_career.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\score.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\sound.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staroff.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staron.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumber.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumberup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\traynumber.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorial_character.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialarrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialbox.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\drinks.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\maitred.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\oven.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\select.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\shoes.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\stereo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\table.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\dinerdash.exe
c:\windows\Downloaded Program Files\UDC6V_0001_D19M0709NetInstaller.exe
c:\windows\system32\18467.exe
c:\windows\system32\afsjriuu.ini
c:\windows\system32\ayadd.ini
c:\windows\system32\qtutv.bak1
c:\windows\system32\qtutv.bak2
c:\windows\system32\qtutv.ini
c:\windows\system32\qtutv.tmp
c:\windows\system32\rqtwa.ini
c:\windows\system32\smss32.exe
c:\windows\system32\swhaulbr.ini
c:\windows\system32\vvmdwwur.ini

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-01-17 au 2010-02-17 ))))))))))))))))))))))))))))))))))))
.

2010-02-17 16:17 . 2010-02-17 16:17 -------- d--h--w- c:\windows\PIF
2010-02-17 16:09 . 2010-02-17 16:09 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Windows Search
2010-02-17 16:02 . 2008-04-13 18:40 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-02-17 16:02 . 2008-04-13 18:40 34688 ----a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-02-17 16:02 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-02-17 16:02 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-02-17 16:01 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-02-17 16:01 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\dllcache\changer.sys
2010-02-17 16:00 . 2010-02-17 16:00 -------- d-----w- c:\program files\Securityessentials2010
2010-02-17 16:00 . 2008-04-13 18:51 59904 ----a-w- c:\windows\system32\drivers\atmarpc.sys
2010-02-17 16:00 . 2008-04-13 18:51 59904 ----a-w- c:\windows\system32\dllcache\atmarpc.sys
2010-02-17 15:59 . 2010-02-17 16:00 1496576 ----a-w- c:\windows\system32\ES15.exe
2010-02-17 15:59 . 2010-02-17 15:59 24576 ----a-w- c:\windows\system32\helpers32.dll
2010-02-14 17:31 . 2010-02-14 17:38 -------- d-----w- c:\program files\Navilog1
2010-02-14 15:57 . 2007-05-30 12:10 10872 ----a-w- c:\windows\system32\drivers\AvgAsCln.sys
2010-02-14 15:57 . 2010-02-14 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Grisoft
2010-02-14 15:44 . 2010-02-14 15:44 -------- d-----w- c:\program files\CCleaner
2010-02-02 18:29 . 2010-02-02 18:29 -------- d-----w- c:\program files\neuf Talk

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-17 15:57 . 2010-02-17 15:57 16 ----a-w- c:\windows\system32\config\systemprofile\Application Data\cqfyto.dat
2010-02-15 19:05 . 2006-11-21 17:34 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-10 20:20 . 2008-10-24 19:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-22 11:28 . 2006-11-17 10:54 -------- d-----w- c:\program files\QuickTime
2010-01-22 11:25 . 2006-02-19 22:44 -------- d-----w- c:\program files\Java
2010-01-22 11:18 . 2009-07-05 17:26 -------- d-----w- c:\program files\RegCure
2010-01-07 20:21 . 2010-01-07 20:21 61268 ----a-w- c:\windows\system32\sndvol32.zip
2010-01-05 09:56 . 2004-08-05 08:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:56 . 2004-08-05 08:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:56 . 2004-08-05 08:00 17408 ------w- c:\windows\system32\corpol.dll
2010-01-02 15:51 . 2006-10-05 16:34 -------- d-----w- c:\program files\Sony
2010-01-02 15:49 . 2006-06-02 16:44 -------- d-----w- c:\program files\Fichiers communs\Nikon
2010-01-02 15:48 . 2006-02-19 23:18 -------- d-----w- c:\program files\Google
2010-01-02 15:47 . 2006-02-19 22:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-02 15:47 . 2006-06-02 16:45 -------- d-----w- c:\program files\Nikon
2010-01-02 15:01 . 2007-11-07 20:53 -------- d-----w- c:\program files\DivX
2010-01-02 14:58 . 2008-09-10 18:14 -------- d-----w- c:\program files\adslTV
2009-12-31 16:50 . 2004-08-05 08:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-26 18:35 . 2009-12-26 18:25 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2009-12-26 18:33 . 2009-12-26 18:33 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL
2009-12-26 18:32 . 2009-12-26 18:30 -------- d-----w- c:\program files\Epson Software
2009-12-26 18:32 . 2009-12-26 18:25 -------- d-----w- c:\program files\epson
2009-12-26 18:30 . 2009-12-26 18:29 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2009-12-26 10:11 . 2009-12-15 18:42 -------- d-----w- c:\program files\QuestService
2009-12-17 07:41 . 2008-04-14 02:34 347648 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:09 . 2004-08-05 08:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 13:06 . 2009-12-15 18:44 46456 ----a-w- c:\documents and settings\All Users\Application Data\QuestService\questservice111.exe
2009-12-09 10:09 . 2004-08-05 08:00 2068096 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 10:09 . 2004-08-05 08:00 2191232 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-04 18:22 . 2004-08-05 08:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:13 . 2004-08-05 08:00 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 17:13 . 2004-08-05 08:00 1297920 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 16:08 . 2004-08-05 08:00 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:08 . 2004-08-05 08:00 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:08 . 2004-08-05 08:00 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:08 . 2004-08-05 08:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:08 . 2004-08-05 08:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-21 15:58 . 2004-08-05 08:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2006-05-05 18:08 . 2006-05-05 18:08 22 -csha-w- c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}]
2009-12-15 13:14 1323008 ----a-w- c:\program files\Content Management Wizard\1.1.0.1990\CMWIE.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}]
2009-12-09 16:49 376832 ----a-w- c:\program files\Textual Content Provider\1.1.0.1810\TCPIE.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Security essentials 2010"="c:\program files\Securityessentials2010\SE2010.exe" [2010-02-17 1496576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-10 344064]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2005-12-12 94208]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-12-07 409600]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-08-01 233534]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2003-12-16 188416]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2003-12-16 77824]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"TVPService"="c:\program files\HP\TVPlay\TVPService.exe" [2005-12-16 135168]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

c:\documents and settings\C‚cilia\Menu D‚marrer\Programmes\D‚marrage\
monnid32.exe [2008-4-14 28160]
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-23 19:33 57344 ----a-w- c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connexion SFR 9props.exe]
2009-10-15 08:53 959808 ----a-w- c:\program files\SFR\Kit\9props.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2008-12-04 12:24 665424 ------w- c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-09-15 00:27 1015808 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
2007-09-15 00:29 102400 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\TVPlay\\TVPlay.exe"=
"c:\\Program Files\\HP\\TVPlay\\TVPService.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.EXE"=
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\neuf Talk\\neuf Talk.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [31/03/2008 05:55 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [31/03/2008 05:55 20560]
R2 CyberLink Media Library Service(HP TVPlay);CyberLink Media Library Service(HP TVPlay);c:\program files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe [30/09/2007 18:08 1073152]
R2 TVPCapSvc;CyberLink Background Capture Service (CBCS HP TVPlay);c:\program files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe [30/09/2007 18:09 258147]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [22/08/2005 10:06 231424]
R3 MODBDA2;DiBcom MOD3000 TV receiver;c:\windows\system32\drivers\modbda2.sys [04/06/2005 01:56 30464]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19/06/2009 16:14 721904]
S2 QuestService Service;QuestService Service;c:\documents and settings\All Users\Application Data\QuestService\questservice111.exe [15/12/2009 19:44 46456]
S2 TVPSched;CyberLink Task Scheduler (CTS HP TVPlay);c:\program files\HP\TVPlay\Kernel\TV\TVPSched.exe [30/09/2007 18:09 114785]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2010-02-15 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 07:23]

2010-02-17 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2009-12-11 19:00]

2010-02-17 c:\windows\Tasks\RegCure Startup.job
- c:\program files\RegCure\RegCure.exe [2009-12-11 19:00]

2010-01-22 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2009-12-11 19:00]

2009-01-19 c:\windows\Tasks\shutdown.job
- c:\windows\system32\shutdown.exe [2004-08-05 02:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.theprizeday.com/today.php
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?18e9f3ecc3354fdfb91ef1e7995a08ac
IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?18e9f3ecc3354fdfb91ef1e7995a08ac
LSP: c:\windows\system32\helpers32.dll
Trusted Zone: buy-security-essentials.com
Trusted Zone: download-soft-package.com
Trusted Zone: download-software-package.com
Trusted Zone: get-key-se10.com
Trusted Zone: is-software-download.com
Trusted Zone: buy-security-essentials.com
Trusted Zone: get-key-se10.com
FF - ProfilePath - c:\documents and settings\Cécilia\Application Data\Mozilla\Firefox\Profiles\1a52zefv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|ht ... orange.fr/
FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
FF - component: c:\documents and settings\Cécilia\Application Data\Mozilla\Firefox\Profiles\1a52zefv.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{42C7C39F-3128-4a17-BDB7-91C46032B5B9} - c:\program files\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll
BHO-{8AF32A69-1372-4C4E-B657-94DA8D58FFC0} - (no file)
BHO-{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - c:\program files\Web Search Operator\4.1.0.2080\wso.dll
WebBrowser-{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - (no file)
HKCU-Run-smss32.exe - c:\windows\system32\smss32.exe
Notify-vtutq - c:\windows\system32\vtutq.dll
SafeBoot-AVG Anti-Spyware Driver



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-17 17:54
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe??????????s?n??|?????? ???B?????????????hLC? ??????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(892)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2010-02-17 17:57:38
ComboFix-quarantined-files.txt 2010-02-17 16:57

Avant-CF: 17 895 985 152 octets libres
Après-CF: 17 867 370 496 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

- - End Of File - - C87F4B17F8C04A657C867FAB3925513F
Naulen
Visiteur
Visiteur
 
Messages: 8
Inscription: 17 Fév 2010 18:00
 


Re: infesté par Win32: Rootkit-gen (Rtk)

Message le 17 Fév 2010 19:45

bonsoir Naulen

Ce post appartiens a quelqu'un d'autres donc j'ai fait une demande pour qu'il soit déplacé et ainsi moi ou une autre personne viendra d'aider.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Message le 17 Fév 2010 19:51

Topic divisé et titre légèrement modifié.

Bonne continuation ;).
Avatar de l'utilisateur
Skynet
Moderateur
Moderateur
 
Messages: 14807
Inscription: 19 Juil 2007 21:12
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 17 Fév 2010 19:57

Merci Skynet

Naulen je regarde ton rapport et te donne la suite.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 17 Fév 2010 20:01

ok. Merci
Naulen
Visiteur
Visiteur
 
Messages: 8
Inscription: 17 Fév 2010 18:00
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 17 Fév 2010 20:14

ceci a suivre

Ouvre le Menu Démarrer > Exécuter (Touche Windows+ R : en raccourci)

Dans la boîte de dialogue, copie/colle tout ce qui est en citation ci-dessous :
fsutil file createnew "%userprofile%\bureau\CFScript.txt" 0



Puis valide

2/ Ouvre CFScript.txt (sur ton Bureau) . > copie dedans cette nouvelle citation :
File::
c:\windows\system32\ES15.exe
c:\windows\system32\helpers32.dll
c:\windows\system32\config\systemprofile\Application Data\cqfyto.dat
c:\windows\Tasks\RegCure Program Check.job
c:\windows\Tasks\RegCure Startup.job
c:\windows\Tasks\RegCure.job
Folder::
c:\program files\Securityessentials2010
c:\program files\RegCure
c:\program files\QuestService
c:\documents and settings\All Users\Application Data\QuestService
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Security essentials 2010"=-




Fait un glisser/déposer de ce fichier CFScript.txt sur le fichier ComboFix.exe comme sur la capture:

Image


Une fenêtre bleue va apparaître et ComboFix vas de nouveau faire une analyse.

Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 17 Fév 2010 20:40

Des le départ j'ai un problème, lorsque je copie colle dans la boite de dialogue et que je valide, une fenetre s'ouvre aussitot pour se refermer sans que je puisse voir quoique ce soit
Naulen
Visiteur
Visiteur
 
Messages: 8
Inscription: 17 Fév 2010 18:00
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 17 Fév 2010 20:41

tu as réussi a créé CFScript.txt ou pas!
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 17 Fév 2010 21:28

J'ai réussi à tout faire.
Voici le nouveau rapport
ComboFix 10-02-12.01 - Cécilia 17/02/2010 21:04:23.2.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1022.520 [GMT 1:00]
Lancé depuis: c:\documents and settings\Cécilia\Mes documents\Téléchargements\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Cécilia\Bureau\CFScript.txt
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

FILE ::
"c:\windows\system32\config\systemprofile\Application Data\cqfyto.dat"
"c:\windows\system32\ES15.exe"
"c:\windows\system32\helpers32.dll"
"c:\windows\Tasks\RegCure Program Check.job"
"c:\windows\Tasks\RegCure Startup.job"
"c:\windows\Tasks\RegCure.job"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\QuestService
c:\documents and settings\All Users\Application Data\QuestService\questservice111.exe
c:\program files\QuestService
c:\program files\QuestService\questservice.exe
c:\program files\QuestService\uninstall.exe
c:\program files\RegCure
c:\program files\RegCure\0_days.htm
c:\program files\RegCure\1_days.htm
c:\program files\RegCure\15_days.htm
c:\program files\RegCure\2_days.htm
c:\program files\RegCure\30_days.htm
c:\program files\RegCure\5_days.htm
c:\program files\RegCure\Animated-Bar.gif
c:\program files\RegCure\AutoUpdate.dll
c:\program files\RegCure\blue_duo.jpg
c:\program files\RegCure\buttonfill.jpg
c:\program files\RegCure\buttonfill_expire.jpg
c:\program files\RegCure\buttonfill_mo.jpg
c:\program files\RegCure\buttonfill_mo_expire.jpg
c:\program files\RegCure\BuyNags.htm
c:\program files\RegCure\center_gradient.jpg
c:\program files\RegCure\container_content_bkimg.gif
c:\program files\RegCure\container_content_leftimg.gif
c:\program files\RegCure\container_content_rightimg.gif
c:\program files\RegCure\contentwrapper.gif
c:\program files\RegCure\email.htm
c:\program files\RegCure\expire.css
c:\program files\RegCure\footerbar.gif
c:\program files\RegCure\green_duo.jpg
c:\program files\RegCure\help.chm
c:\program files\RegCure\info_bubble.jpg
c:\program files\RegCure\left_gradient.jpg
c:\program files\RegCure\logo.jpg
c:\program files\RegCure\Logs\SystemInfo.zip
c:\program files\RegCure\LogSettings.xml
c:\program files\RegCure\main.css
c:\program files\RegCure\main_nag.css
c:\program files\RegCure\main_showstats.css
c:\program files\RegCure\package_titlebar_bkimg.jpg
c:\program files\RegCure\process-animation.gif
c:\program files\RegCure\RegCure.exe
c:\program files\RegCure\regcure.gif
c:\program files\RegCure\right_gradient.jpg
c:\program files\RegCure\settings.xml
c:\program files\RegCure\showstats.htm
c:\program files\RegCure\small_vbxregcure.jpg
c:\program files\RegCure\special_offer.jpg
c:\program files\RegCure\special_offer_nag.jpg
c:\program files\RegCure\subtitlebar.gif
c:\program files\RegCure\tile_titlebar.jpg
c:\program files\RegCure\Tip1.html
c:\program files\RegCure\Tip10.html
c:\program files\RegCure\Tip11.html
c:\program files\RegCure\Tip12.html
c:\program files\RegCure\Tip13.html
c:\program files\RegCure\Tip14.html
c:\program files\RegCure\Tip15.html
c:\program files\RegCure\Tip2.html
c:\program files\RegCure\Tip3.html
c:\program files\RegCure\Tip4.html
c:\program files\RegCure\Tip5.html
c:\program files\RegCure\Tip6.html
c:\program files\RegCure\Tip7.html
c:\program files\RegCure\Tip8.html
c:\program files\RegCure\Tip9.html
c:\program files\RegCure\titlebar_left.jpg
c:\program files\RegCure\titlebar_right.jpg
c:\program files\RegCure\tp.css
c:\program files\RegCure\TrialPay.htm
c:\program files\RegCure\underline.gif
c:\program files\RegCure\uninst.exe
c:\program files\RegCure\zlibwapi.dll
c:\program files\Securityessentials2010
c:\program files\Securityessentials2010\SE2010.exe
c:\windows\system32\config\systemprofile\Application Data\cqfyto.dat
c:\windows\system32\ES15.exe
c:\windows\system32\helpers32.dll
c:\windows\Tasks\RegCure Program Check.job
c:\windows\Tasks\RegCure Startup.job
c:\windows\Tasks\RegCure.job

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_QuestService_Service
-------\Service_QuestService Service


((((((((((((((((((((((((((((( Fichiers créés du 2010-01-17 au 2010-02-17 ))))))))))))))))))))))))))))))))))))
.

2010-02-17 19:03 . 2010-02-17 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-17 16:17 . 2010-02-17 16:17 -------- d--h--w- c:\windows\PIF
2010-02-17 16:09 . 2010-02-17 16:09 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Windows Search
2010-02-17 16:02 . 2008-04-13 18:40 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-02-17 16:02 . 2008-04-13 18:40 34688 ----a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-02-17 16:02 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-02-17 16:02 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-02-17 16:01 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-02-17 16:01 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\dllcache\changer.sys
2010-02-17 16:00 . 2008-04-13 18:51 59904 ----a-w- c:\windows\system32\drivers\atmarpc.sys
2010-02-17 16:00 . 2008-04-13 18:51 59904 ----a-w- c:\windows\system32\dllcache\atmarpc.sys
2010-02-14 17:31 . 2010-02-17 17:14 -------- d-----w- c:\program files\Navilog1
2010-02-14 15:57 . 2007-05-30 12:10 10872 ----a-w- c:\windows\system32\drivers\AvgAsCln.sys
2010-02-14 15:57 . 2010-02-14 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Grisoft
2010-02-14 15:44 . 2010-02-14 15:44 -------- d-----w- c:\program files\CCleaner
2010-02-02 18:29 . 2010-02-02 18:29 -------- d-----w- c:\program files\neuf Talk

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-17 20:19 . 2010-02-17 20:19 0 ----a-w- c:\windows\system32\41.exe
2010-02-17 20:19 . 2010-02-17 20:19 -------- d-----w- c:\program files\Securityessentials2010
2010-02-17 20:19 . 2010-02-17 20:19 1496576 ----a-w- c:\windows\system32\ES15.exe
2010-02-17 20:19 . 2010-02-17 20:19 24576 ----a-w- c:\windows\system32\helpers32.dll
2010-02-17 20:19 . 2010-02-17 20:19 116 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2010-02-17 20:17 . 2010-02-17 20:18 39936 ----a-w- c:\windows\system32\winlogon32.exe
2010-02-17 20:17 . 2010-02-17 20:18 39936 ----a-w- c:\windows\system32\smss32.exe
2010-02-17 20:17 . 2010-02-17 20:17 16 ----a-w- c:\windows\system32\config\systemprofile\Application Data\cqfyto.dat
2010-02-17 19:19 . 2006-11-21 17:34 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-17 19:18 . 2006-12-18 18:10 -------- d-----w- c:\program files\Alwil Software
2010-02-11 18:53 . 2006-12-18 18:10 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-11 18:53 . 2006-12-18 18:10 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-11 18:42 . 2006-12-18 18:10 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-11 18:42 . 2008-03-31 04:55 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-11 18:39 . 2006-12-18 18:10 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-11 18:38 . 2006-12-18 18:10 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-11 18:38 . 2006-12-18 18:10 94800 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-11 18:38 . 2008-03-31 04:55 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-11 18:38 . 2006-12-18 18:10 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-10 20:20 . 2008-10-24 19:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-22 11:28 . 2006-11-17 10:54 -------- d-----w- c:\program files\QuickTime
2010-01-22 11:25 . 2006-02-19 22:44 -------- d-----w- c:\program files\Java
2010-01-07 20:21 . 2010-01-07 20:21 61268 ----a-w- c:\windows\system32\sndvol32.zip
2010-01-05 09:56 . 2004-08-05 08:00 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:56 . 2004-08-05 08:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:56 . 2004-08-05 08:00 17408 ------w- c:\windows\system32\corpol.dll
2010-01-02 15:51 . 2006-10-05 16:34 -------- d-----w- c:\program files\Sony
2010-01-02 15:49 . 2006-06-02 16:44 -------- d-----w- c:\program files\Fichiers communs\Nikon
2010-01-02 15:48 . 2006-02-19 23:18 -------- d-----w- c:\program files\Google
2010-01-02 15:47 . 2006-02-19 22:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-02 15:47 . 2006-06-02 16:45 -------- d-----w- c:\program files\Nikon
2010-01-02 15:01 . 2007-11-07 20:53 -------- d-----w- c:\program files\DivX
2010-01-02 14:58 . 2008-09-10 18:14 -------- d-----w- c:\program files\adslTV
2009-12-31 16:50 . 2004-08-05 08:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-26 18:35 . 2009-12-26 18:25 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2009-12-26 18:33 . 2009-12-26 18:33 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL
2009-12-26 18:32 . 2009-12-26 18:30 -------- d-----w- c:\program files\Epson Software
2009-12-26 18:32 . 2009-12-26 18:25 -------- d-----w- c:\program files\epson
2009-12-26 18:30 . 2009-12-26 18:29 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2009-12-17 07:41 . 2008-04-14 02:34 347648 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:09 . 2004-08-05 08:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:09 . 2004-08-05 08:00 2068096 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 10:09 . 2004-08-05 08:00 2191232 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-04 18:22 . 2004-08-05 08:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:13 . 2004-08-05 08:00 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 17:13 . 2004-08-05 08:00 1297920 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 16:08 . 2004-08-05 08:00 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:08 . 2004-08-05 08:00 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:08 . 2004-08-05 08:00 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:08 . 2004-08-05 08:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:08 . 2004-08-05 08:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-21 15:58 . 2004-08-05 08:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2006-05-05 18:08 . 2006-05-05 18:08 22 -csha-w- c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"smss32.exe"="c:\windows\system32\smss32.exe" [2010-02-17 39936]
"Security essentials 2010"="c:\program files\Securityessentials2010\SE2010.exe" [2010-02-17 1496576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-10 344064]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2005-12-12 94208]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-12-07 409600]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-08-01 233534]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2003-12-16 188416]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2003-12-16 77824]
"TVPService"="c:\program files\HP\TVPlay\TVPService.exe" [2005-12-16 135168]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
"smss32.exe"="c:\windows\system32\smss32.exe" [2010-02-17 39936]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

c:\documents and settings\C‚cilia\Menu D‚marrer\Programmes\D‚marrage\
monnid32.exe [2008-4-14 28160]
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\winlogon32.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-23 19:33 57344 ----a-w- c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connexion SFR 9props.exe]
2009-10-15 08:53 959808 ----a-w- c:\program files\SFR\Kit\9props.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2008-12-04 12:24 665424 ------w- c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-09-15 00:27 1015808 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
2007-09-15 00:29 102400 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\TVPlay\\TVPlay.exe"=
"c:\\Program Files\\HP\\TVPlay\\TVPService.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.EXE"=
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\neuf Talk\\neuf Talk.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R?2 TVPCapSvc;CyberLink Background Capture Service (CBCS HP TVPlay);c:\program files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe [30/09/2007 18:09 258147]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19/06/2009 16:14 721904]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [31/03/2008 05:55 162512]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [31/03/2008 05:55 19024]
R2 CyberLink Media Library Service(HP TVPlay);CyberLink Media Library Service(HP TVPlay);c:\program files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe [30/09/2007 18:08 1073152]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [22/08/2005 10:06 231424]
S2 TVPSched;CyberLink Task Scheduler (CTS HP TVPlay);c:\program files\HP\TVPlay\Kernel\TV\TVPSched.exe [30/09/2007 18:09 114785]
S3 MODBDA2;DiBcom MOD3000 TV receiver;c:\windows\system32\drivers\modbda2.sys [04/06/2005 01:56 30464]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2010-02-15 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 07:23]

2009-01-19 c:\windows\Tasks\shutdown.job
- c:\windows\system32\shutdown.exe [2004-08-05 02:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.theprizeday.com/today.php
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?18e9f3ecc3354fdfb91ef1e7995a08ac
IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?18e9f3ecc3354fdfb91ef1e7995a08ac
LSP: c:\windows\system32\helpers32.dll
Trusted Zone: buy-security-essentials.com
Trusted Zone: download-soft-package.com
Trusted Zone: download-software-package.com
Trusted Zone: get-key-se10.com
Trusted Zone: is-software-download.com
Trusted Zone: buy-security-essentials.com
Trusted Zone: get-key-se10.com
FF - ProfilePath - c:\documents and settings\Cécilia\Application Data\Mozilla\Firefox\Profiles\1a52zefv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|ht ... orange.fr/
FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
FF - component: c:\documents and settings\Cécilia\Application Data\Mozilla\Firefox\Profiles\1a52zefv.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
.
- - - - ORPHELINS SUPPRIMES - - - -

AddRemove-QuestService - c:\program files\QuestService\uninstall.exe
AddRemove-RegCure - c:\program files\RegCure\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-17 21:17
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????0?3?1?0??????? ???B?????????????hLC? ??????

Recherche de fichiers cachés ...


c:\windows\system32\smss32.exe 39936 bytes executable
c:\windows\system32\winlogon32.exe 39936 bytes executable
c:\windows\system32\warnings.html 4278 bytes
c:\windows\system32\helpers32.dll 24576 bytes executable
c:\windows\system32\fjhdyfhsn.bat 116 bytes

Scan terminé avec succès
Fichiers cachés: 5

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spmn.sys >>UNKNOWN [0x86F8D938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf75c2f28
\Driver\ACPI -> ACPI.sys @ 0xf731bcb8
\Driver\atapi -> atapi.sys @ 0xf72b8b40
IoDeviceObjectType -> SecurityProcedure -> ntkrnlpa.exe @ 0x80579208
\Device\Harddisk0\DR0 -> SecurityProcedure -> ntkrnlpa.exe @ 0x80579208
NDIS: Broadcom 802.11b/g WLAN -> SendCompleteHandler -> NDIS.sys @ 0xf71aebb0
PacketIndicateHandler -> NDIS.sys @ 0xf71bba21
SendHandler -> NDIS.sys @ 0xf719987b
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(888)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'Explorer.EXE'(2216)
c:\windows\system32\eappprxy.dll
c:\windows\system32\MSCTF.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\LVComS.exe
c:\progra~1\hpq\Shared\HPQTOA~1.EXE
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2010-02-17 21:25:42 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-02-17 20:25
ComboFix2.txt 2010-02-17 16:57

Avant-CF: 17 765 629 952 octets libres
Après-CF: 17 604 558 848 octets libres

- - End Of File - - 6F3E03634FE5B15924A67EC225852FE4
Naulen
Visiteur
Visiteur
 
Messages: 8
Inscription: 17 Fév 2010 18:00
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 17 Fév 2010 21:54

et j'ai toujours ce fameux virus localisé je pense dans C:\ windows - system 32 - divers et indélogeable pour le moment
Naulen
Visiteur
Visiteur
 
Messages: 8
Inscription: 17 Fév 2010 18:00
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 17 Fév 2010 22:11

Naulen a écrit:et j'ai toujours ce fameux virus localisé je pense dans C:\ windows - system 32 - divers et indélogeable pour le moment


Oui je constate que les intrus reviennent sous d'autres lignes.

Si tu as installés un cracks ou autres logiciels crackés, il faut commencer par le ou les supprimer car ils réinfectent ton pc au fur et a mesure que le les supprimes.


Refait ceci.

Télécharge CCLEANER

TUTO

Fait un nettoyage comme cela :

**Décoche la case dans Options –avancé- Effacer uniquement les fichiers, du dossier temp de Windows : plus vieux que 24 Heures

Recocher cette case une fois le premier nettoyage effectué

1-Élimine les fichiers temporaires et les traces ( onglet nettoyeur ) Imageque vous laissez en naviguant sur Internet ou bien en ouvrant simplement des fichiers avec n'importe quel logiciel sous Windows : le Lecteur Windows Media, Emule, Office, Nero, Adobe Reader, etc.


Puis de nouveau cela::


Ouvre le Menu Démarrer > Exécuter (Touche Windows+ R : en raccourci)

Dans la boîte de dialogue, copie/colle tout ce qui est en citation ci-dessous :
fsutil file createnew "%userprofile%\bureau\CFScript.txt" 0



Puis valide

2/ Ouvre CFScript.txt (sur ton Bureau) . > copie dedans cette nouvelle citation :
killall::

File::
c:\windows\system32\smss32.exe
c:\windows\system32\winlogon32.exe
Folder::
c:\program files\Securityessentials2010

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"smss32.exe"=-
"Security essentials 2010"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"smss32.exe"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"=-





Fait un glisser/déposer de ce fichier CFScript.txt sur le fichier ComboFix.exe comme sur la capture:

Image


Une fenêtre bleue va apparaître et ComboFix vas de nouveau faire une analyse.

Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

ensuite ceci:
Installe Malewarebytes' Antimalware,
Téléchargement et tuto

*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.
*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.
Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) → cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 18 Fév 2010 19:39

Je continue à faire ce que vous avez indiqué.
Je suis passé en mode sans échec pour pouvoir faire tout cela sinon en mode normal tout est bloqué
Naulen
Visiteur
Visiteur
 
Messages: 8
Inscription: 17 Fév 2010 18:00
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 18 Fév 2010 20:14

Naulen a écrit:Je continue à faire ce que vous avez indiqué.
Je suis passé en mode sans échec pour pouvoir faire tout cela sinon en mode normal tout est bloqué


Ok mets les rapports a suivre s.t.p
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 18 Fév 2010 20:32

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3756
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 7.0.5730.11

18/02/2010 20:32:04
mbam-log-2010-02-18 (20-32-04).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 247556
Temps écoulé: 52 minute(s), 13 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 25
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 18
Fichier(s) infecté(s): 343

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\helpers32.dll (Trojan.FakeAlert) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SE2010 (Rogue.Securityessentials2010) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Textual Content Provider\1.1.0.1810 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Textual Content Provider\1.1.0.1810\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Web Search Operator\4.1.0.2080 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\helpers32.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\Cécilia\Menu Démarrer\Programmes\Démarrage\monnid32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Mes documents\programme\tuneup 2008\TU2008 Keymaker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\tcppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\QuestService\questservice111.exe.vir (Adware.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\Automated Content Enhancer\4.1.0.5290\ACEpx.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\Customized Platform Advancer\4.1.0.1960\CPAHelper.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\Customized Platform Advancer\4.1.0.1960\CPApx.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\QuestService\questservice.exe.vir (Adware.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\QuestService\uninstall.exe.vir (Adware.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\Securityessentials2010\SE2010.exe.vir (Rogue.SecurityEssentials) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\Web Search Operator\4.1.0.2080\WSOpx.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ES15.exe.vir (Rogue.SecurityEssentials) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\helpers32.dll.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\smss32.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\winlogon32.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP768\A0152321.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152367.rbf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152370.rbf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152371.rbf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152372.rbf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152373.rbf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152380.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152381.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152382.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152383.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152385.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152391.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152392.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152393.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152399.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152401.exe (Adware.ColorSoft) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152402.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152403.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152404.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152406.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152415.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP769\A0152480.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP776\A0152600.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP798\A0158472.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP798\A0158510.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP798\A0158516.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP798\A0158518.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP798\A0158529.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP798\A0158535.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0158906.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0158928.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0158931.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0158932.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0158933.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0158938.exe (Rogue.SecurityEssentials) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0158939.exe (Rogue.SecurityEssentials) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0158940.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0159070.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0160064.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0160071.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0161064.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0161071.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0162063.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0162236.exe (Rogue.SecurityEssentials) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0162238.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\dfghfghgfj[1].dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\SetupIS2010[1].exe (Rogue.SecurityEssentials) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260\protectEXE20091215.log (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\data\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\data\TP_Config.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\data\TP_Data.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\data\TP_DomainExcludeList.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\data\TP_DomainInterval.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\data\TP_KeywordInterval.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\cmwsh.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\config.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\data.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\LRI.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\MatchingData.zd5 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091215-194033.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091215-194357.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-063432.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-140506.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-171455.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-171536.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-171812.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-171816.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-171846.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-185651.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-185815.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091216-190144.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091217-063126.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091218-102803.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091218-114629.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091226-111721.582.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091226-193742.629.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091226-195411.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091226-195418.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091227-141136.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091227-141640.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091227-141747.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20091230-170456.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100102-114007.107.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100103-194801.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100104-073850.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100104-170339.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100105-063420.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100105-162655.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100106-063300.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100106-182939.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100107-063937.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100107-165852.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100107-165856.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100107-201411.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100108-063540.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100110-205652.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100111-063118.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100111-181223.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100111-181410.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100111-223400.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100112-063400.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100112-180205.902.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100113-063216.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100113-173722.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100118-162614.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100119-063228.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100119-175407.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100120-063451.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100121-202509.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-083925.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-085209.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-102959.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-120935.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-121059.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-121212.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-121242.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-121431.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-122014.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-122223.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-122549.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-122553.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-140234.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-140236.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-165807.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100122-170456.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100123-091504.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100124-200555.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100125-063245.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100125-154220.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100126-092744.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100126-161924.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100127-083448.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100127-175302.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100128-063718.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100128-175634.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100128-214632.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100128-221615.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100129-065329.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100131-225740.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100201-073159.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100201-154828.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100201-211633.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100202-063308.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100202-165828.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100203-063522.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100203-172828.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100204-063529.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100204-173302.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100204-181852.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100205-063338.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100207-132144.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100208-073354.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100208-163013.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100208-220812.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100208-221040.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100209-063406.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100209-151304.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100210-073309.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100210-180308.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100211-063440.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100211-065142.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100211-181918.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100212-063509.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100213-191127.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100214-113448.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100214-161801.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100214-165219.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100214-180406.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100214-183951.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100215-063758.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100215-165311.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100215-165512.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100215-201217.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100216-063738.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100216-180314.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100217-073627.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100217-164002.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\NP_20100217-171005.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5290\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091215-194050.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091215-194357.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-063432.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-140508.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-171455.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-171536.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-171812.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-171816.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-171846.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-185651.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-185815.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091216-190145.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091217-063126.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091218-102803.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091218-114638.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091226-111722.551.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091226-193742.691.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091226-195412.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091226-195418.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091227-141136.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091227-141640.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091227-141747.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20091230-170456.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100102-114007.544.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100103-194802.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100104-073850.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100104-170339.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100105-063420.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100105-162655.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100106-063300.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100106-182940.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100107-063937.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100107-165852.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100107-165856.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100107-201412.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100108-063540.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100110-205652.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100111-063118.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100111-181223.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100111-181412.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100111-223400.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100112-063400.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100112-180206.027.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100113-063216.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100113-173722.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100118-162614.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100119-063228.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100119-175407.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100120-063452.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100121-202509.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-083925.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-085209.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-102959.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-120935.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-121100.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-121212.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-121242.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-121431.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-122014.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-122223.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-122550.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-122553.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-140234.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-140236.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-165807.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100122-170456.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100123-091504.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100124-200555.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100125-063245.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100125-154220.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100126-092746.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100126-161927.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100127-083449.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100127-175303.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100128-063719.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100128-175635.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100128-214632.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100128-221615.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100129-065333.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100131-225741.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100201-073200.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100201-154829.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100201-211633.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100202-063308.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100202-165828.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100203-063522.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100203-172828.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100204-063530.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100204-173302.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100204-181852.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100205-063338.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100207-132147.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100208-073354.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100208-163013.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100208-220813.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100208-221040.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100209-063406.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100209-151304.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100210-073309.358.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100210-180308.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100211-063440.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100211-065142.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100211-181918.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100212-063510.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100213-191127.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100214-113448.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100214-161801.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100214-165219.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100214-180407.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100214-183955.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100215-063759.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100215-165316.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100215-165514.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100215-201217.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100216-063738.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100216-180314.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100217-073627.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100217-164002.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\HJHP_20100217-171006.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Customized Platform Advancer\4.1.0.1960\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Textual Content Provider\1.1.0.1810\Data\TP_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Textual Content Provider\1.1.0.1810\Data\TP_Data.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Textual Content Provider\1.1.0.1810\Data\TP_DomainExcludeList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Textual Content Provider\1.1.0.1810\Data\TP_DomainInterval.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Textual Content Provider\1.1.0.1810\Data\TP_KeywordInterval.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Local Settings\Application Data\Web Search Operator\4.1.0.2080\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\warnings.html (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\searchPlugins\questservice111.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Cécilia\Application Data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.


impossible de trouver celui de combofit en mode echec
Naulen
Visiteur
Visiteur
 
Messages: 8
Inscription: 17 Fév 2010 18:00
 

Re: infesté par Win32: Rootkit-gen (Rtk) Bis

Message le 18 Fév 2010 20:37

petite info supplémentaire il se pourrait que le nom du virus (si c'est bien un virus) soit security essentials 2010
Naulen
Visiteur
Visiteur
 
Messages: 8
Inscription: 17 Fév 2010 18:00
 

Suivante


Sujets similaires

Message [Résolu] Ordinateur infecté par : Program:Win32/Uwasson.A!ml
Bonjour, Je me permet de vous contacter car je n'arrive pas à me débarrasser d'un virus sur mon ordinateur, je n'arrive pas à la supprimer ou mettre en quarantaine.Si j'ai bien compris le fichier porteur n'est plus sur l'ordinateur mais la menace est toujours là.Merci de votre aide.
Réponses: 7

Message Démarrage étrange + Win32:Evo-gen [Susp]
Bonjour ! J'ai besoin d'aide pour mon PC :/Ce matin il a fait un truc assez étrange :Quand je l'ai allumé l?écran restait noir au lieu de 'démarrer windows' ( alors que le petit voyant de l?écran était vert ).J'ai donc redémarré le PC et pareil, écran noir, pas de démarrage de windows. Par hasard j' ...
Réponses: 12

Message [Résolu] Win32/Bitrep.A
Bonjour,Tous les samedis soir, je fais une analyse de mon PC avec "MS Sécurité Essential".Ce matin il m'a trouvé "Bitrep.A" qualifié de grave. Je l'ai donc supprimer, mais la rapidité a laquelle ça se fait me fait douter de l'efficacité.Pourriez-vous me dire si il y a des manips ...
Réponses: 15

Message .EXE N EST PAS UNE COMMANDE WIN32 VALIDE
Bonsoir Boulehya,boulehya a écrit:revoila les rapports demandépar contre j ai bien essayé d obtenir windows 10 mais j ai le meme message une fois que je veut l installé exe. n est pas une commande win 32 valideOn s'occupe déjà du problème et on voit pour Windows 10 en fin de désinfection.========== ...
Réponses: 11

Message win32:evo-gen [susp]
Bonjour,Depuis quelque temps, Avast me détecte: Win32:Evo-gen[Susp]J'ai lu attentivement un post ancien: resolu-win32evo-gen-susp-vt-70523.htmlJ'ai fait l'analyse avec http://malwarebytes.org/products/malwarebytes_freeou puis-je trouver le rapport final SVP ?Je ne suis pas allée plus loin.Merci pour ...
Réponses: 1

Message Fenêtres qui sautent / PC infesté de virus
Bonjour à tous,Je suis déjà venue sur ce site qui avait réglé mes problèmes de virus il y a quelques mois, alors je retente ma chance !Vendredi dernier, je trouvais que mon ordinateur était lent. Je décide donc de faire un scan avec AdwCleanerLe scan s'effectue très bien, et mon ordinateur lance le ...
Réponses: 6

Message win32 supprimer, No hard disk detected
Bonjour a tous, tout d'abord j'ai lu pas mal de post et de site internet a ce sujet et aucun ne répond vraiment a ma question et m'aider réellement donc j'ai décider de m'inscrire sur votre forum.Hier j'ai voulu installer un jeux sur mon autre ordinateur et celui ci ne voulais pas s'installer et il ...
Réponses: 5


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 5 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.