http://net-studio.org >> Patch>

Virtual Maid Fix (Virtual Maid.dll, searchmaid.com)


	Patchs for virus
	Tutorials
	Tips
	Forum
	Windows Optimum
	USB FireWall
	Boost Google Search

	Information
	Un virus s'intégrant dans Internet Explorer et modifie les paramètres d'Internet Explorer comme la page d'accueil ou les paramètres de sécurité. Peut aussi ouvrir des popups. Ce fix supprime le virus Virtual Maid et restaure les paramètres d'Internet Explorer. Alias : Adware.Virtual_Maid [PCTools] not-a-virus:AdWare.Win32.MaidBar.d [Kaspersky Lab] Adware.SearchMaid [Symantec]
	Fichier
	<System>\perfcii.ini <Program Files >\Virtual Maid\1.bmp <Program Files >\Virtual Maid\2.bmp <Program Files >\Virtual Maid\logo.bmp <Program Files >\Virtual Maid\uninstall.bat <Program Files >\Virtual Maid\Virtual Maid.dll <Program Files >\Virtual Maid\Virtual Maid.xml
	Registre
	Clés créées HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Implemented Categories HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\InprocServer32 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\ProgID HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Programmable HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\TypeLib HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\VersionIndependentProgID HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\InprocServer32 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\ProgID HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\Programmable HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\TypeLib HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\VersionIndependentProgID HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\ProxyStubClsid HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\ProxyStubClsid32 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\TypeLib HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\ProxyStubClsid HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\ProxyStubClsid32 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\TypeLib HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\0\win32 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\FLAGS HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\HELPDIR HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem\CLSID HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem\CurVer HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem.1\CLSID HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj\CLSID HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj\CurVer HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj.1\CLSID HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Virtual Maid HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&RSDN Search HKEY_CURRENT_USER\Software\Virtual Maid HKEY_CURRENT_USER\Software\Virtual Maid\Virtual Maid HKEY_CURRENT_USER\Software\Virtual Maid\Virtual Maid\Historyfiles HKEY_CURRENT_USER\Software\Virtual Maid\Virtual Maid\Historys1 Valeurs créées [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\VersionIndependentProgID] (Default) = "VM.VMObj" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\TypeLib] (Default) = "{42C7653A-5834-45a1-899A-ED0DFA370D21}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\ProgID] (Default) = "VM.VMObj.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\InprocServer32] (Default) ="C:\PROGRAM FILES\VIRTUAL MAID\VIRTUAL MAID.DLL" ThreadingModel = "Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}] (Default) = "Virtual Maid" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\VersionIndependentProgID] (Default) = "GoVM.ContextItem" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\TypeLib] (Default) = "{48DA6120-A779-4c12-8584-47B625EFB469}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\ProgID] (Default) = "GoVM.ContextItem.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\InprocServer32] (Default) = "C:\PROGRAM FILES\VIRTUAL MAID\VIRTUAL MAID.DLL" ThreadingModel = "Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}] (Default) = "ContextItem Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\TypeLib] (Default) = "{42C7653A-5834-45A1-899A-ED0DFA370D21}" Version = "1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\ProxyStubClsid32] (Default) = "{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\ProxyStubClsid] (Default) = "{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}] (Default) = "IContextItem" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\TypeLib] (Default) = "{42C7653A-5834-45A1-899A-ED0DFA370D21}" Version = "1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\ProxyStubClsid32] (Default) = "{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\ProxyStubClsid] (Default) = "{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}] (Default) = "IVMObj" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\0\win32] (Default) = "%ProgramFiles%\Virtual Maid\Virtual Maid.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\HELPDIR] (Default) = "%ProgramFiles%\Virtual Maid\" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\FLAGS] (Default) = "0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0] (Default) = "VM 1.0 Type Library" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem\CurVer] (Default) = "GoVM.ContextItem.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem\CLSID] (Default) = "{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem] (Default) = "ContextItem Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem.1\CLSID] (Default) = "{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GoVM.ContextItem.1] (Default) = "ContextItem Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj\CurVer] (Default) = "VM.VMObj.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj\CLSID] (Default) = "{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj] (Default) = "Virtual Maid" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj.1\CLSID] (Default) = "{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VM.VMObj.1] (Default) = "Virtual Maid" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] Local Page = "http://www.search[supprimez ceci]maid.com/" Search Bar = "http://searchmaid.com/bar/index.html" Use Search Asst = "http://www.search[supprimez ceci]maid.com/search.php?qq=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C} = "Virtual Maid" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion] guid = "AA8214E9-C7E6-4b66-A049-19AD20944CBF" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Virtual MaidVirtual Maid] DisplayName = "Virtual Maid" UninstallString = ""%ProgramFiles%\Virtual Maid\uninstall.bat" "%ProgramFiles%\Virtual Maid"" [HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\.Current] (Default) = "" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] Default_Page_URL = "http://www.search[supprimez ceci]maid.com/" Search Bar = "http://searchmaid.com/bar/index.html" Use Search Asst = "http://www.search[supprimez ceci]maid.com/search.php?qq=%s" Default_Search_URL = "http://www.search[supprimez ceci]maid.com/search.php?qq=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] (Default) = "http://www.search[supprimez ceci]maid.com/search.php?qq=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] {77B2F8DE-CB3F-4B6B-839B-807DD1ADBA1C} = DE F8 B2 77 3F CB 6B 4B 83 9B 80 7D D1 AD BA 1C [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&RSDN Search] (Default) = "res://C:\PROGRA~1\VIRTUA~1\VIRTUA~1.DLL/GoVM.dll.htm" Contexts = 0x00000030 [HKEY_CURRENT_USER\Software\Virtual Maid\Virtual Maid\Historyfiles] C:\PROGRA~1\VIRTUA~1\Virtual Maid.xml = 0x00000001 C:\PROGRA~1\VIRTUA~1\2.bmp = 0x00000001 C:\PROGRA~1\VIRTUA~1\1.bmp = 0x00000001 [HKEY_CURRENT_USER\Software\Virtual Maid\Virtual Maid] gUpdate = "0" NID = "" toolbar_id = "" Virtual Maid.xml = "168967278" 2.bmp = "53294105" 1.bmp = "535982682" showcorrupted = "1" updateVer = "" scope = "-1" OpenNew = "0" AutoComplete = "1" KeepHistory = "1" RunSearchAutomatically = "1" RunSearchDragAutomatically = "1" DescriptiveText = "1" ShowHighlightButton = "1" MicrosoftWeb = "1" GoogleWeb = "1" ShowFindButtons = "1" (Default) = "1" UpdateBegin = "0" LastCheckTime = 0x469C649B Valeurs supprimées [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] Local Page = "%SystemRoot%\system32\blank.htm" [HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\.Current] (Default) = "%SystemRoot%\media\Windows XP Menu Démarrer.wav" Valeurs modifiées [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] Default_Page_URL = "http://www.search[supprimez ceci]maid.com/" Default_Search_URL = "http://www.search[supprimez ceci]maid.com/search.php?qq=%s" Search Page = "http://www.search[supprimez ceci]maid.com/search.php?qq=%s" Start Page = "http://www.search[supprimez ceci]maid.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search] SearchAssistant = "http://www.search[supprimez ceci]maid.com/search.php?qq=%s" CustomizeSearch = "http://www.search[supprimez ceci]maid.com/search.php?qq=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] Local Page = "http://www.search[supprimez ceci]maid.com/" Start Page = "http://www.search[supprimez ceci]maid.com/" Search Page = "http://www.search[supprimez ceci]maid.com/search.php?qq=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] {0E5CBF21-D15F-11D0-8301-00AA005B4383} = 21 BF 5C 0E 5F D1 D0 11 83 01 00 AA 00 5B 43 83 22 00 1C 00 08 00 00 00 06 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4C 00 00 00 01 14 02 00 00 00 00 00 C0 00 00 00 00 00 00 46 81 00 00 00 10 00 00 00 CE 10 18 3F 01 CE C6 01 58 61 AE 8 ITBarLayout = 11 00 00 00 36 00 00 00 00 00 00 00 34 00 00 00 1F 00 01 00 56 00 00 00 01 00 00 00 20 07 00 00 A0 0F 00 00 05 00 00 00 62 05 00 00 26 00 00 00 02 00 00 00 21 07 00 00 A0 0F 00 00 04 00 00 00 21 01 00 00 A0 0F 00 00 03 00 00 00 20 03 00 00 00 00 00 0
	ATTENTION
	Même si vous arrivez à supprimer ce virus à l'aide une application Antivirus, cette dernière ne restaure pas les paramètres d'Internet Explorer d'où l'interêt d'utiliser un patch.

	Liens

Les derniers Patchs:

Antivirus 360 (av360.exe)
Spyware Guard (spywareguard.exe, Mal/EncPk-CZ, Rootkit.Win32.TDSS, SpywareGuard2008, Program:Win32/FakeSpyguard)
Brastk (Win32/Wantvi.I, Brastk.exe)
Braviax (Win32/Wantvi.I, Braviax.exe)
XP AntiSpyware 2009 (XP_AntiSpyware.exeL, Downloader.Win32.Agent.bs,New Malware.aj)
FlashGuard.exe (DriveGuard.exe,Win32.Worm.Autoit.AL, AUTORUN.TZ)
cradle of filth (cradle_of_filth.vbe, Notre Gates qui est à Seattle)

COPYRIGHT (C) 2008 NET STUDIO, ALL RIGHT RESERVED