Infecté par un Virus Porn.Win32.Instant Acces
polokrew
Messages postés
37
Statut
Membre
-
polokrew -
polokrew -
Bonjour,
J'ai été infecté par ce virus et je ne sais pas quoi faire , a l'aide des autres topics j'ai fais un Hijack mais pour la suite je ne sais pas quoi faire ! Merci d'avance :)
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\AntivirusFirewall\FSAUA\program\fsus.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\StartupMonitor.exe
J'ai été infecté par ce virus et je ne sais pas quoi faire , a l'aide des autres topics j'ai fais un Hijack mais pour la suite je ne sais pas quoi faire ! Merci d'avance :)
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\AntivirusFirewall\FSAUA\program\fsus.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\StartupMonitor.exe
A voir également:
- Infecté par un Virus Porn.Win32.Instant Acces
- Acces rapide - Guide
- Virus mcafee - Accueil - Piratage
- Accès refusé - Guide
- Accès presse papier - Guide
- Messagerie free aucun code d'accès n'a été configuré - Forum Free mobile
51 réponses
http://www.cijoint.fr/cjlink.php?file=cj200908/cijtJjoFFm.txt
Pas eu de fichier "extra" cette fois ci !
Pas eu de fichier "extra" cette fois ci !
bien ben il me faut le extra txt refais OTL , et colonne de gauche tu mets tout sur "all" + les trois cases bien sur
le extra devrait apparaitre sur le bureau
le extra devrait apparaitre sur le bureau
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
pour afideg :
hello , OTLI est pour OTlistIt2 , non ?
Polokrew :
supprime List'em , retelecharge-le et repasse-le stp
hello , OTLI est pour OTlistIt2 , non ?
Polokrew :
supprime List'em , retelecharge-le et repasse-le stp
Bonsoir gen-hackman,
OTLI (OTListIt2.exe) et OTL n'est-ce pas la même liste ?
Je suis confus.
Albert
OTLI (OTListIt2.exe) et OTL n'est-ce pas la même liste ?
Je suis confus.
Albert
OK,
Merci
J'en ai lancé un là-bas; pour voir les différences.
Pourras-tu donner un coup de mains, SVP ?
Je ne connais rien de cette infection.
Merci
Bonne soirée
Al.
Merci
J'en ai lancé un là-bas; pour voir les différences.
Pourras-tu donner un coup de mains, SVP ?
Je ne connais rien de cette infection.
Merci
Bonne soirée
Al.
404 Not Found pour Listem ...
De plus je viens de re-avoir une alerte virus par "F-Secure" , qui m'informe que je suis infecté par un porn-dialer , Win32-Instant Access
De plus je viens de re-avoir une alerte virus par "F-Secure" , qui m'informe que je suis infecté par un porn-dialer , Win32-Instant Access
J'ai réussi l'OTL !
http://www.cijoint.fr/cjlink.php?file=cj200908/cij4sUGNbh.txt
http://www.cijoint.fr/cjlink.php?file=cj200908/cijbllDjMx.txt
http://www.cijoint.fr/cjlink.php?file=cj200908/cij4sUGNbh.txt
http://www.cijoint.fr/cjlink.php?file=cj200908/cijbllDjMx.txt
ok : oui le lien pour list'em a changé avant car l outil a evolué et donc changé de nom :
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent
▶ Télécharge List&Kill'em et enregistre le sur ton bureau</gras>
Il ne necessite pas d'installation
▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan
choisis la langue puis choisis l'option 1 = Mode Recherche
▶laisse travailler l'outil
le rapport va s'afficher , une fois le scan fini
▶colle le contenu dans ta prochaine réponse
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent
▶ Télécharge List&Kill'em et enregistre le sur ton bureau</gras>
Il ne necessite pas d'installation
▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan
choisis la langue puis choisis l'option 1 = Mode Recherche
▶laisse travailler l'outil
le rapport va s'afficher , une fois le scan fini
▶colle le contenu dans ta prochaine réponse
Exact , Thanks !
List'em by g3n-h@ckm@n 1.0.2.6
updated on 19.08.2009 ::::: 13.00
Microsoft Windows XP [version 5.1.2600]
19/08/2009 19:00:27,40
Infections :
========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\pack.epk"
C:\WINDOWS\System32\rfwosx_nav.dat
C:\WINDOWS\System32\rfwosx_navps.dat
"C:\WINDOWS\tmlpcert2007"
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp80.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp84.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp94.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp95.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAB.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAC.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAD.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAE.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAF.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB0.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB1.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB5.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpBA.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD19.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD26.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD27.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD28.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD29.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2A.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2E.tmp
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
List'em by g3n-h@ckm@n 1.0.2.6
updated on 19.08.2009 ::::: 13.00
Microsoft Windows XP [version 5.1.2600]
19/08/2009 19:00:27,40
Infections :
========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\pack.epk"
C:\WINDOWS\System32\rfwosx_nav.dat
C:\WINDOWS\System32\rfwosx_navps.dat
"C:\WINDOWS\tmlpcert2007"
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp80.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp84.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp94.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp95.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAB.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAC.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAD.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAE.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAF.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB0.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB1.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB5.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpBA.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD19.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD26.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD27.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD28.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD29.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2A.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2E.tmp
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
Voila le rapport en mode Sans échec :
List'em by g3n-h@ckm@n 1.0.2.6
updated on 19.08.2009 ::::: 13.00
Microsoft Windows XP [version 5.1.2600]
20/08/2009 12:56:58,71
Infections :
========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\pack.epk"
C:\WINDOWS\System32\rfwosx_nav.dat
C:\WINDOWS\System32\rfwosx_navps.dat
"C:\WINDOWS\tmlpcert2007"
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp80.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp84.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp94.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp95.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAB.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAC.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAD.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAE.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAF.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB0.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB1.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB5.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpBA.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD19.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD26.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD27.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD28.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD29.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2A.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2E.tmp
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
List'em by g3n-h@ckm@n 1.0.2.6
updated on 19.08.2009 ::::: 13.00
Microsoft Windows XP [version 5.1.2600]
20/08/2009 12:56:58,71
Infections :
========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\pack.epk"
C:\WINDOWS\System32\rfwosx_nav.dat
C:\WINDOWS\System32\rfwosx_navps.dat
"C:\WINDOWS\tmlpcert2007"
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp80.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp84.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp94.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp95.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAB.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAC.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAD.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAE.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAF.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB0.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB1.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB5.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpBA.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD19.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD26.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD27.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD28.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD29.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2A.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2E.tmp
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
ok il y avait un beug que j ai corrigé cette nuit :)
supprime-le , retelecharge-le et refais l option 1 stp
supprime-le , retelecharge-le et refais l option 1 stp
Voila :
List'em by g3n-h@ckm@n 1.0.2.6
updated on 20.08.2009 ::::: 00.30
Microsoft Windows XP [version 5.1.2600]
20/08/2009 16:56:39,48
Infections :
==========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\pack.epk"
C:\WINDOWS\System32\rfwosx_nav.dat
C:\WINDOWS\System32\rfwosx_navps.dat
"C:\WINDOWS\tmlpcert2007"
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp80.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp84.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp94.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp95.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAB.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAC.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAD.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAE.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAF.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB0.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB1.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB5.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpBA.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD19.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD26.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD27.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD28.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD29.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2A.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2E.tmp
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :
ACRORD32.EXE-13285B88.pf
ACRORD32INFO.EXE-013EA364.pf
ALERTMODULE.EXE-2A9DA7CC.pf
APPLEMOBILEDEVICESERVICE.EXE-2220AFA1.pf
CARTMA~1.EXE-339E6165.pf
CARTMA~1.SCR-2C7C46DD.pf
CHROME.EXE-13E994FB.pf
CMD.EXE-087B4001.pf
CSC.EXE-01730C27.pf
CVTRES.EXE-2329DCD5.pf
DEFRAG.EXE-273F131E.pf
DFRGNTFS.EXE-269967DF.pf
DRWTSN32.EXE-2B4B52AC.pf
DWWIN.EXE-30875ADC.pf
EXPLORER.EXE-082F38A9.pf
E_FAMTACE.EXE-1C9136DF.pf
E_FARNACE.EXE-1883ED8A.pf
E_FATIACE.EXE-2716F377.pf
FINDSTR.EXE-0CA6274B.pf
FIREFOX.EXE-28641590.pf
FIRSTSTART.EXE-12EE79C6.pf
FLASHGOT.EXE-2DF20D2E.pf
FREEZER.EXE-2B02849F.pf
FSAV32.EXE-2A9144A6.pf
FSAVAUI.EXE-05AC73F8.pf
FSAVGUI.EXE-2C498904.pf
FSAVSTRT.EXE-31381D88.pf
FSBLSRV.EXE-39ED7A2E.pf
FSGUIDLL.EXE-079EEB38.pf
FSGUIDLL.EXE-11ADAD4A.pf
FSM32.EXE-10D3C894.pf
FSM32.EXE-2B7DA5CD.pf
GOOGLEUPDATE.EXE-06EFF037.pf
GP5.EXE-20FA1F68.pf
GREP.COM-30632777.pf
HELPSVC.EXE-2878DDA2.pf
IMAPI.EXE-0BF740A4.pf
JAVA.EXE-3934C371.pf
JUCHECK.EXE-0276A1EC.pf
JUSCHED.EXE-27E1FBBB.pf
LAUNCHER.EXE-13840303.pf
Layout.ini
LICMGR.EXE-1E5C95AB.pf
LIMEWIRE.EXE-1944953E.pf
LIST_KILLEM.EXE-0A53E82D.pf
LOGONUI.EXE-0AF22957.pf
MODE.COM-31685BAE.pf
MONITOR.EXE-0BB70F8D.pf
NIRCMD.COM-35BF857A.pf
NOTEPAD.EXE-189578DA.pf
NOTEPAD.EXE-336351A9.pf
NTOSBOOT-B00DFAAD.pf
OTL.EXE-18A7D33E.pf
PROCESS.COM-0458B762.pf
QUICKSTART.EXE-24C38DA1.pf
QUICKSTART.EXE-25314AF2.pf
READER_SL.EXE-3614FA6E.pf
REG.EXE-0D2A95F7.pf
REGISTER.EXE-0500711D.pf
RUNDLL32.EXE-118EE008.pf
RUNDLL32.EXE-1857459C.pf
RUNDLL32.EXE-1EA810BC.pf
RUNDLL32.EXE-239C1C98.pf
RUNDLL32.EXE-31610E45.pf
RUNDLL32.EXE-35A483DA.pf
RUNDLL32.EXE-3AF10E20.pf
RUNDLL32.EXE-408F228F.pf
RUNDLL32.EXE-415F88EC.pf
RUNDLL32.EXE-4489B61B.pf
RUNDLL32.EXE-451FC2C0.pf
SED.COM-281CC846.pf
SESSIONMANAGER.EXE-21029BE8.pf
SHAREPOD.EXE-12FE3A3A.pf
SNDVOL32.EXE-383480B7.pf
SOFFICE.BIN-01E25E9C.pf
SOFFICE.EXE-2317C747.pf
SOFFICE.EXE-358D937C.pf
STARTUPMONITOR.EXE-0203E42A.pf
SWREG.COM-3A277B41.pf
SWSC.COM-0DAE31A0.pf
SYSTRAYAPP.EXE-2AA773D0.pf
TASKMGR.EXE-20256C55.pf
TNBUTIL.EXE-2F90F74A.pf
UNINS000.EXE-0D621247.pf
UNINS000.EXE-158585C3.pf
UPDATER.EXE-2271B561.pf
USERINIT.EXE-30B18140.pf
VERCLSID.EXE-3667BD89.pf
VLC.EXE-22DF01AA.pf
WGATRAY.EXE-0ED38BED.pf
WINRAR.EXE-39C6DAD9.pf
WMIPRVSE.EXE-28F301A9.pf
WMPNETWK.EXE-2C0727AF.pf
WSCNTFY.EXE-1B24F5EB.pf
WUAUCLT.EXE-399A8E72.pf
_IU14D2N.TMP-2CB926C8.pf
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
List'em by g3n-h@ckm@n 1.0.2.6
updated on 20.08.2009 ::::: 00.30
Microsoft Windows XP [version 5.1.2600]
20/08/2009 16:56:39,48
Infections :
==========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\pack.epk"
C:\WINDOWS\System32\rfwosx_nav.dat
C:\WINDOWS\System32\rfwosx_navps.dat
"C:\WINDOWS\tmlpcert2007"
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp80.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp84.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp94.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp95.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAB.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAC.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAD.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAE.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAF.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB0.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB1.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB5.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpBA.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD19.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD26.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD27.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD28.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD29.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2A.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2E.tmp
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :
ACRORD32.EXE-13285B88.pf
ACRORD32INFO.EXE-013EA364.pf
ALERTMODULE.EXE-2A9DA7CC.pf
APPLEMOBILEDEVICESERVICE.EXE-2220AFA1.pf
CARTMA~1.EXE-339E6165.pf
CARTMA~1.SCR-2C7C46DD.pf
CHROME.EXE-13E994FB.pf
CMD.EXE-087B4001.pf
CSC.EXE-01730C27.pf
CVTRES.EXE-2329DCD5.pf
DEFRAG.EXE-273F131E.pf
DFRGNTFS.EXE-269967DF.pf
DRWTSN32.EXE-2B4B52AC.pf
DWWIN.EXE-30875ADC.pf
EXPLORER.EXE-082F38A9.pf
E_FAMTACE.EXE-1C9136DF.pf
E_FARNACE.EXE-1883ED8A.pf
E_FATIACE.EXE-2716F377.pf
FINDSTR.EXE-0CA6274B.pf
FIREFOX.EXE-28641590.pf
FIRSTSTART.EXE-12EE79C6.pf
FLASHGOT.EXE-2DF20D2E.pf
FREEZER.EXE-2B02849F.pf
FSAV32.EXE-2A9144A6.pf
FSAVAUI.EXE-05AC73F8.pf
FSAVGUI.EXE-2C498904.pf
FSAVSTRT.EXE-31381D88.pf
FSBLSRV.EXE-39ED7A2E.pf
FSGUIDLL.EXE-079EEB38.pf
FSGUIDLL.EXE-11ADAD4A.pf
FSM32.EXE-10D3C894.pf
FSM32.EXE-2B7DA5CD.pf
GOOGLEUPDATE.EXE-06EFF037.pf
GP5.EXE-20FA1F68.pf
GREP.COM-30632777.pf
HELPSVC.EXE-2878DDA2.pf
IMAPI.EXE-0BF740A4.pf
JAVA.EXE-3934C371.pf
JUCHECK.EXE-0276A1EC.pf
JUSCHED.EXE-27E1FBBB.pf
LAUNCHER.EXE-13840303.pf
Layout.ini
LICMGR.EXE-1E5C95AB.pf
LIMEWIRE.EXE-1944953E.pf
LIST_KILLEM.EXE-0A53E82D.pf
LOGONUI.EXE-0AF22957.pf
MODE.COM-31685BAE.pf
MONITOR.EXE-0BB70F8D.pf
NIRCMD.COM-35BF857A.pf
NOTEPAD.EXE-189578DA.pf
NOTEPAD.EXE-336351A9.pf
NTOSBOOT-B00DFAAD.pf
OTL.EXE-18A7D33E.pf
PROCESS.COM-0458B762.pf
QUICKSTART.EXE-24C38DA1.pf
QUICKSTART.EXE-25314AF2.pf
READER_SL.EXE-3614FA6E.pf
REG.EXE-0D2A95F7.pf
REGISTER.EXE-0500711D.pf
RUNDLL32.EXE-118EE008.pf
RUNDLL32.EXE-1857459C.pf
RUNDLL32.EXE-1EA810BC.pf
RUNDLL32.EXE-239C1C98.pf
RUNDLL32.EXE-31610E45.pf
RUNDLL32.EXE-35A483DA.pf
RUNDLL32.EXE-3AF10E20.pf
RUNDLL32.EXE-408F228F.pf
RUNDLL32.EXE-415F88EC.pf
RUNDLL32.EXE-4489B61B.pf
RUNDLL32.EXE-451FC2C0.pf
SED.COM-281CC846.pf
SESSIONMANAGER.EXE-21029BE8.pf
SHAREPOD.EXE-12FE3A3A.pf
SNDVOL32.EXE-383480B7.pf
SOFFICE.BIN-01E25E9C.pf
SOFFICE.EXE-2317C747.pf
SOFFICE.EXE-358D937C.pf
STARTUPMONITOR.EXE-0203E42A.pf
SWREG.COM-3A277B41.pf
SWSC.COM-0DAE31A0.pf
SYSTRAYAPP.EXE-2AA773D0.pf
TASKMGR.EXE-20256C55.pf
TNBUTIL.EXE-2F90F74A.pf
UNINS000.EXE-0D621247.pf
UNINS000.EXE-158585C3.pf
UPDATER.EXE-2271B561.pf
USERINIT.EXE-30B18140.pf
VERCLSID.EXE-3667BD89.pf
VLC.EXE-22DF01AA.pf
WGATRAY.EXE-0ED38BED.pf
WINRAR.EXE-39C6DAD9.pf
WMIPRVSE.EXE-28F301A9.pf
WMPNETWK.EXE-2C0727AF.pf
WSCNTFY.EXE-1B24F5EB.pf
WUAUCLT.EXE-399A8E72.pf
_IU14D2N.TMP-2CB926C8.pf
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Ferme toutes tes fenetres(y compris internet et windows live messenger) , puis :
▶ Relance List&Kill'em comme tu as fait pour l'option 1 (soit en clic droit pour vista),
mais cette fois-ci :
▶ choisis l'option 2 = Mode Destruction
laisse travailler l'outil
apres les verifications , un rapport va s'ouvrir.
▶ ferme-le.
un deuxieme rapport va s'ouvrir ,
▶ colle son contenu dans ta reponse
ensuite :
Télécharge Navilog1 depuis-ce lien
▶ Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
▶ Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
▶ Au menu principal, Fais le choix 1 >> Recherche / suppression automatique
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
>>>>> Le fix peut durer une dizaine de minutes ;)
▶ Appuie sur une touche le bloc note va s'ouvrir.
▶ Copie-colle le rapport ici.
▶ Relance List&Kill'em comme tu as fait pour l'option 1 (soit en clic droit pour vista),
mais cette fois-ci :
▶ choisis l'option 2 = Mode Destruction
laisse travailler l'outil
apres les verifications , un rapport va s'ouvrir.
▶ ferme-le.
un deuxieme rapport va s'ouvrir ,
▶ colle son contenu dans ta reponse
ensuite :
Télécharge Navilog1 depuis-ce lien
▶ Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
▶ Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
▶ Au menu principal, Fais le choix 1 >> Recherche / suppression automatique
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
>>>>> Le fix peut durer une dizaine de minutes ;)
▶ Appuie sur une touche le bloc note va s'ouvrir.
▶ Copie-colle le rapport ici.
Hop :
Kill'em by g3n-h@ckm@n 1.0.2.6
updated on 20.08.2009 ::::: 00.30
Microsoft Windows XP [version 5.1.2600]
20/08/2009 17:07:33,78
Fichiers analysés :
=================
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\pack.epk"
C:\WINDOWS\System32\rfwosx_nav.dat
C:\WINDOWS\System32\rfwosx_navps.dat
"C:\WINDOWS\tmlpcert2007"
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp80.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp84.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp94.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp95.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAB.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAC.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAD.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAE.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAF.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB0.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB1.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB5.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpBA.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD19.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD26.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD27.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD28.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD29.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2A.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2E.tmp
¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :
Quarantaine :
pack.epk.Kill'em
rfwosx_nav.dat.Kill'em
rfwosx_navps.dat.Kill'em
tmlpcert2007.Kill'em
tmp7E.tmp.Kill'em
tmp7F.tmp.Kill'em
tmp80.tmp.Kill'em
tmp84.tmp.Kill'em
tmp94.tmp.Kill'em
tmp95.tmp.Kill'em
tmp9B.tmp.Kill'em
tmp9C.tmp.Kill'em
tmp9D.tmp.Kill'em
tmpA2.tmp.Kill'em
tmpA3.tmp.Kill'em
tmpA4.tmp.Kill'em
tmpA6.tmp.Kill'em
tmpA7.tmp.Kill'em
tmpA8.tmp.Kill'em
tmpA9.tmp.Kill'em
tmpAB.tmp.Kill'em
tmpAC.tmp.Kill'em
tmpAD.tmp.Kill'em
tmpAE.tmp.Kill'em
tmpAF.tmp.Kill'em
tmpB0.tmp.Kill'em
tmpB1.tmp.Kill'em
tmpB2.tmp.Kill'em
tmpB3.tmp.Kill'em
tmpB4.tmp.Kill'em
tmpB5.tmp.Kill'em
tmpB6.tmp.Kill'em
tmpB7.tmp.Kill'em
tmpB8.tmp.Kill'em
tmpB9.tmp.Kill'em
tmpBA.tmp.Kill'em
tmpD19.tmp.Kill'em
tmpD1D.tmp.Kill'em
tmpD1E.tmp.Kill'em
tmpD1F.tmp.Kill'em
tmpD26.tmp.Kill'em
tmpD27.tmp.Kill'em
tmpD28.tmp.Kill'em
tmpD29.tmp.Kill'em
tmpD2A.tmp.Kill'em
tmpD2B.tmp.Kill'em
tmpD2C.tmp.Kill'em
tmpD2E.tmp.Kill'em
¤¤¤¤¤¤¤¤¤¤ Verification :
Infections :
==========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :
Layout.ini
NTOSBOOT-B00DFAAD.pf
REG.EXE-0D2A95F7.pf
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Kill'em by g3n-h@ckm@n 1.0.2.6
updated on 20.08.2009 ::::: 00.30
Microsoft Windows XP [version 5.1.2600]
20/08/2009 17:07:33,78
Fichiers analysés :
=================
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\WINDOWS\pack.epk"
C:\WINDOWS\System32\rfwosx_nav.dat
C:\WINDOWS\System32\rfwosx_navps.dat
"C:\WINDOWS\tmlpcert2007"
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp7F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp80.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp84.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp94.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp95.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmp9D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpA9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAB.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAC.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAD.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAE.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpAF.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB0.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB1.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB2.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB3.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB4.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB5.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB6.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB7.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB8.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpB9.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpBA.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD19.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1D.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1E.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD1F.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD26.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD27.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD28.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD29.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2A.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2B.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2C.tmp
C:\Documents and Settings\Paul Moutard-Martin\LOCAL Settings\Temp\tmpD2E.tmp
¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :
Quarantaine :
pack.epk.Kill'em
rfwosx_nav.dat.Kill'em
rfwosx_navps.dat.Kill'em
tmlpcert2007.Kill'em
tmp7E.tmp.Kill'em
tmp7F.tmp.Kill'em
tmp80.tmp.Kill'em
tmp84.tmp.Kill'em
tmp94.tmp.Kill'em
tmp95.tmp.Kill'em
tmp9B.tmp.Kill'em
tmp9C.tmp.Kill'em
tmp9D.tmp.Kill'em
tmpA2.tmp.Kill'em
tmpA3.tmp.Kill'em
tmpA4.tmp.Kill'em
tmpA6.tmp.Kill'em
tmpA7.tmp.Kill'em
tmpA8.tmp.Kill'em
tmpA9.tmp.Kill'em
tmpAB.tmp.Kill'em
tmpAC.tmp.Kill'em
tmpAD.tmp.Kill'em
tmpAE.tmp.Kill'em
tmpAF.tmp.Kill'em
tmpB0.tmp.Kill'em
tmpB1.tmp.Kill'em
tmpB2.tmp.Kill'em
tmpB3.tmp.Kill'em
tmpB4.tmp.Kill'em
tmpB5.tmp.Kill'em
tmpB6.tmp.Kill'em
tmpB7.tmp.Kill'em
tmpB8.tmp.Kill'em
tmpB9.tmp.Kill'em
tmpBA.tmp.Kill'em
tmpD19.tmp.Kill'em
tmpD1D.tmp.Kill'em
tmpD1E.tmp.Kill'em
tmpD1F.tmp.Kill'em
tmpD26.tmp.Kill'em
tmpD27.tmp.Kill'em
tmpD28.tmp.Kill'em
tmpD29.tmp.Kill'em
tmpD2A.tmp.Kill'em
tmpD2B.tmp.Kill'em
tmpD2C.tmp.Kill'em
tmpD2E.tmp.Kill'em
¤¤¤¤¤¤¤¤¤¤ Verification :
Infections :
==========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :
Layout.ini
NTOSBOOT-B00DFAAD.pf
REG.EXE-0D2A95F7.pf
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
