Antivir détecte TR/Vundo.Gen

Sylkhin -  
 Sylkhin -
Bonjour,
depuis quelques temps mon PC est très lent. J'ai des redirections de pages sur internet, ma boite hotmail envoie des spams à tous mes contacts... bref c'est la cata. J'ai essayé d'installer adaware mais un message d'erreur apparait automatiquement au bout de quelques secondes et il se ferme. Impossible de faire un scan en ligne. J'ai installé Antivir qui s'affole et détecte Tr/Vundo.gen toutes les 4 secondes.
Y aurait-il quelqu'un(e) pour m'aider s'il vous plait?

45 réponses

Réponse 1 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
penses a vider la quarantaine de MBAM et refais un RSIT comme au post 1, tu n'auras qu'un rapport , c'est normal .

As tu réinstallé ton antivir, si non, ca urge, si oui, fais un scan avec stp et poste le rapport aussi ;)
2
Réponse 2 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
slt

Pour analyser ton pc : télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
0
Réponse 3 / 45
Sylkhin
 
A l'étape de téléchargement de HijackThis, ça s'arrete, j'ai une fenêtre qui s'ouvre et me met ça

Propriétaire.exe – Composant introuvable
Cette application n’a pas pu démarrer car MSVBVN60.DLL est introuvable. La réinstallation de cette application peut corriger ce problème.

Et il y a un bouton OK

J'ai préféré ne pas cliquer pour ne pas faire de bêtise. Que dois-je faire?
0
Réponse 4 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
fais ok
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 45
Sylkhin
 
Contenu de log.txt :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-11-13 14:36:07
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 18 GB (46%) free of 40 GB
Total RAM: 511 MB (36% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0DB0EAE3-2F03-42DA-9361-E905B48269A9}]
C:\WINDOWS\System32\dfsshlex32.dll [2009-11-13 145408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FE11622-554C-B016-D765-D531A05DE9A3}]
ShoppingImprovementsTipCenter - C:\Program Files\ShoppingImprovementsTipCenter\ShoppingImprovementsTipCenter.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2004-07-15 4112384]
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2004-07-15 81920]
"nForce Tray Options"=sstray.exe /r []
"EM_EXEC"=C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2002-07-01 28672]
"WireLessKeyboard"=C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe [2005-11-30 94208]
"StandardInstall"= []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"ASUS Probe"=C:\Program Files\ASUS\Probe\AsusProb.exe [2002-12-06 617984]
"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2003-11-10 406016]
"ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-20 15360]
"cdoosoft"=C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\herss.exe [2009-09-20 115061]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\System32\FEELIT32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\34a5c81e670]
C:\WINDOWS\System32\FEELIT32.dll [2009-09-20 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{C5F43BEF-CE2F-46D8-AFE6-A647BACD1F09}"=C:\WINDOWS\system32\Bitkv1.dll [2007-06-13 69632]
"{BB4C402F-882A-4526-8C08-51278EA437C1}"=C:\WINDOWS\system32\e8main0.dll [2007-06-13 65455]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TDSSserv.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDSSserv.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\reception e mule\eMule\LimeWire\LimeWire.exe"="F:\reception e mule\eMule\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Pinnacle\MediaCenter\PMC.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Enabled:PMC.Service.Main.exe"
"C:\Program Files\Pinnacle\MediaCenter\PSST.exe"="C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe"
"C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe"="C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
"C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14c3e2c4-b877-11db-b373-00112f49f551}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15bcdf4c-31b0-11dd-b63f-00112f49f551}]
shell\Auto\command - G:\AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{990ffa4a-da2d-11db-b3ee-00112f49f551}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa838271-0e78-11d9-85ef-806d6172696f}]
shell\AutoRun\command - D:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa838274-0e78-11d9-85ef-806d6172696f}]
shell\AutoRun\command - C:\cqb6wo.exe
shell\open\command - C:\cqb6wo.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa838275-0e78-11d9-85ef-806d6172696f}]
shell\AutoRun\command - F:\cqb6wo.exe
shell\open\command - F:\cqb6wo.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab8d6b64-437f-11dd-b660-00112f49f551}]
shell\AutoRun\command - G:\cqb6wo.exe
shell\open\command - G:\cqb6wo.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1f9cbdc-0e3b-11d9-aa7e-806d6172696f}]
shell\AutoRun\command - D:\Bin\asusqfe.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd8c0260-a86e-11db-b333-00112f49f551}]
shell\AutoRun\command - G:\m88coaim.exe
shell\explore\command - G:\m88coaim.exe
shell\open\command - G:\m88coaim.exe


======List of files/folders created in the last 1 months======

2009-11-13 14:36:08 ----D---- C:\Program Files\trend micro
2009-11-13 14:36:07 ----D---- C:\rsit
2009-11-13 12:16:49 ----D---- C:\Program Files\Avira
2009-11-13 12:16:49 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-11-13 11:49:56 ----D---- C:\Program Files\Lavasoft
2009-11-13 11:37:07 ----A---- C:\WINDOWS\system32\dfsshlex32.dll
2009-11-13 11:37:04 ----A---- C:\WINDOWS\system32\HTZhLmBDnIf0i.vbs
2009-11-12 23:13:38 ----A---- C:\WINDOWS\GnuHashes.ini
2009-11-12 23:12:05 ----D---- C:\Program Files\Panda Security
2009-11-12 23:06:00 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-11-12 23:03:00 ----A---- C:\WINDOWS\system32\avicap3232.dll
2009-11-12 23:02:56 ----A---- C:\WINDOWS\system32\dOH5FxK.vbs
2009-11-12 23:01:52 ----SHD---- C:\WINDOWS\system32\LocalService
2009-11-12 23:00:54 ----ASH---- C:\WINDOWS\system32\D1.tmp
2009-11-12 22:52:33 ----D---- C:\Nouveau dossier
2009-11-12 22:16:33 ----D---- C:\Documents and Settings\Propriétaire\Application Data\HouseCall 6.6
2009-11-12 18:53:42 ----SHD---- C:\WINDOWS\system32\LocalService(5)
2009-11-12 18:53:27 ----ASH---- C:\WINDOWS\system32\A2.tmp
2009-11-12 17:37:33 ----HDC---- C:\Documents and Settings\All Users\Application Data\~0
2009-11-12 13:51:55 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Uniblue
2009-11-12 13:29:36 ----A---- C:\WINDOWS\imsins.BAK
2009-11-12 13:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2009-11-12 13:19:02 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-11-12 13:03:10 ----SHD---- C:\WINDOWS\system32\LocalService(4)
2009-11-12 12:30:46 ----ASH---- C:\WINDOWS\system32\2.tmp
2009-11-11 17:49:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-11-11 17:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-11-11 17:49:13 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-11-11 17:48:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-11-11 17:46:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-11-11 17:46:47 ----DC---- C:\WINDOWS\$NtUninstallKB975025$
2009-11-11 17:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-11-11 17:45:26 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-11-11 17:45:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-11-11 17:45:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-11-11 17:44:59 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 19:29:38 ----SHD---- C:\WINDOWS\system32\LocalService(3)
2009-11-10 19:29:10 ----ASH---- C:\WINDOWS\system32\4.tmp
2009-10-20 00:52:37 ----N---- C:\WINDOWS\system32\SETD.tmp
2009-10-20 00:52:37 ----A---- C:\WINDOWS\system32\SETC.tmp
2009-10-19 16:40:28 ----D---- C:\Program Files\Solo2000(2)
2009-10-19 16:34:30 ----D---- C:\Program Files\psdmi
2009-10-16 22:23:00 ----D---- C:\Program Files\Controle Parental

======List of files/folders modified in the last 1 months======

2009-11-13 14:36:21 ----D---- C:\WINDOWS\Prefetch
2009-11-13 14:36:08 ----D---- C:\Program Files
2009-11-13 14:28:12 ----D---- C:\Program Files\Mozilla Firefox
2009-11-13 13:00:27 ----D---- C:\WINDOWS\Temp
2009-11-13 12:59:07 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-13 12:28:35 ----D---- C:\WINDOWS
2009-11-13 12:26:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-13 12:16:56 ----HD---- C:\WINDOWS\inf
2009-11-13 12:16:56 ----D---- C:\WINDOWS\system32\drivers
2009-11-13 12:15:16 ----SHD---- C:\WINDOWS\Installer
2009-11-13 12:15:16 ----D---- C:\WINDOWS\WinSxS
2009-11-13 12:15:16 ----D---- C:\Config.Msi
2009-11-13 12:08:04 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-13 12:08:03 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-13 12:02:34 ----SD---- C:\WINDOWS\Tasks
2009-11-13 11:37:07 ----D---- C:\WINDOWS\system32
2009-11-13 11:24:45 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-13 11:21:39 ----RSD---- C:\WINDOWS\assembly
2009-11-13 10:45:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-13 10:42:23 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-13 10:36:52 ----D---- C:\WINDOWS\Help
2009-11-12 23:14:09 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-12 23:09:02 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-12 23:05:32 ----A---- C:\WINDOWS\system32\MRT.INI
2009-11-12 23:03:27 ----D---- C:\WINDOWS\Debug
2009-11-12 23:00:44 ----A---- C:\WINDOWS\win.ini
2009-11-12 22:56:51 ----D---- C:\WINDOWS\system32\config
2009-11-12 22:56:44 ----D---- C:\WINDOWS\system32\wbem
2009-11-12 22:56:44 ----D---- C:\WINDOWS\Registration
2009-11-12 22:55:58 ----D---- C:\Program Files\OrangeHSS
2009-11-12 22:52:33 ----D---- C:\Program Files\CCleaner
2009-11-12 13:16:16 ----D---- C:\Documents and Settings\Propriétaire\Application Data\LimeWire
2009-11-05 09:36:22 ----AC---- C:\WINDOWS\system32\MRT.exe
2009-10-27 22:21:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-27 22:19:53 ----D---- C:\Program Files\RALINK
2009-10-27 22:19:49 ----D---- C:\Program Files\Satsuki Decoder Pack
2009-10-20 00:52:37 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-19 16:34:31 ----D---- C:\WINDOWS\system

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-08-29 21419]
R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R2 ASPIXNT;ASPIXNT; C:\WINDOWS\system32\drivers\ASPIXNT.sys [1999-02-16 6336]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2003-04-24 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2003-04-24 55936]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-05-26 11264]
R3 DCamUSBEMPIA;PCTV USB2 2821 Capture; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2004-04-06 100957]
R3 emAudio;PCTV USB2 2821 Audio; C:\WINDOWS\system32\drivers\emAudio.sys [2004-05-05 19584]
R3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2004-04-06 5245]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.sys [2002-07-02 23854]
R3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\system32\drivers\LHidUsb.Sys [2002-07-02 40508]
R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-02 6030]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-02 70382]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-07-15 2459712]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-08-13 36864]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2003-06-06 70656]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-08-13 311552]
R3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2004-04-06 4493]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 FileObjInfo;STFileDriver; \??\C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-12-21 429440]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s916obex.sys [2007-11-02 100008]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WFsys;WinFox Control I/O Driver; C:\WINDOWS\system32\DRIVERS\wfsys.sys [2002-04-22 13692]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\yukonwxp.sys [2003-10-01 174336]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-20 14336]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2004-07-15 114755]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-20 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-20 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Contenu de info.txt

info.txt logfile of random's system information tool 1.06 2009-11-13 15:04:36

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Illustrator 9.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Illustrator 9.0\Uninst.isu" -c"C:\Program Files\Adobe\Illustrator 9.0\Uninst.dll"
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ASUS Probe V2.21.08-->C:\WINDOWS\uninst.exe -f"C:\Program Files\ASUS\Probe\DeIsL1.isu" -c"C:\Program Files\ASUS\Probe\probunis.dll"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Cossacks - European Wars-->C:\WINDOWS\uncsetup.exe
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
EAX Unified-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Deskjet 3840-->msiexec /x{B1591C79-1C35-4E09-AA15-F7D6923AFB96}
HP Software Update-->MsiExec.exe /X{B81023A5-71ED-46EB-BE3B-9F974D1155F1}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
InterVideo WinDVD 5-->"C:\Program Files\InstallShield Installation Information\{1B399A41-C1D0-40A2-9E4F-095868EFAF01}\setup.exe" REMOVEALL
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Jeu de Tir-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40DD2EE5-AF2E-4FBF-A3F2-75B266A81DFB}\setup.exe" -l0x40c -removeonly
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 5.1.2-->"F:\reception e mule\eMule\LimeWire\uninstall.exe"
Logitech MouseWare 9.70 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
Logitech Resource Center-->C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE /s C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG
Mafia Game-->C:\WINDOWS\system32\MafiaSetup.exe
MEDA MP3 Splitter 2.1.3-->"F:\docs clé usb\MEDA MP3 Splitter\unins000.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Age of Empires II-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Motocross Madness 2-->"C:\Program Files\Microsoft Games\Motocross Madness 2\Uninstal.exe" /runtemp /addremove
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MS Access 97 SP2-->C:\Program Files\Microsoft Office\setup\setup.exe
MSN Gaming Zone-->C:\Program Files\MSN Gaming Zone\ZSetup.exe /Uninstall
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multimedia Keyboard Driver-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{31C63A8A-D9AB-4300-828B-86B41F59FAE1}
Multimedia Mouse Driver-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DB28FC86-D05E-4992-A8B4-A00AF3D777B8}
NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI
NVIDIA nForce Drivers-->C:\WINDOWS\system32\NVUninst.exe Uninstall C:\WINDOWS\system32\NVU003.nvu,NVIDIA nForce Drivers
NVIDIA WDM Drivers-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B023185F-F1EF-4F97-B0BD-AE6D802226D1}\Setup.exe"
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pinnacle MediaCenter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe" -l0x40c UNINSTALL
PlayMP3z-->C:\Program Files\PlayMP3z\uninstall.exe uninstall=playmp3z
Power Tab Editor 1.7-->C:\PROGRA~1\PTSOFT~1\PTEDIT~1\UNWISE.EXE C:\PROGRA~1\PTSOFT~1\PTEDIT~1\INSTALL.LOG
Power Tab Editor 1.7-->MsiExec.exe /I{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x40c -removeonly
Satsuki Decoder Pack 4301-->C:\Program Files\Satsuki Decoder Pack\Uninstall.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SigmaTel MSCN Audio Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}\setup.exe" -l0x40c
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Security center information======

AV: AntiVir Desktop (disabled) (outdated)

======System event log======

Computer Name: CHANTELARD
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

Record Number: 5870
Source Name: Service Control Manager
Time Written: 20091018191024.000000+120
Event Type: Informations
User:

Computer Name: CHANTELARD
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

Record Number: 5869
Source Name: Service Control Manager
Time Written: 20091018191024.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: CHANTELARD
Event Code: 7011
Message: Délai (30000 millisecondes) d'attente pour une réponse du service NVSvc à une transaction.

Record Number: 5868
Source Name: Service Control Manager
Time Written: 20091018191024.000000+120
Event Type: erreur
User:

Computer Name: CHANTELARD
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.

Record Number: 5867
Source Name: Service Control Manager
Time Written: 20091018190954.000000+120
Event Type: Informations
User:

Computer Name: CHANTELARD
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 5866
Source Name: Service Control Manager
Time Written: 20091018190954.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: CHANTELARD
Event Code: 1000
Message: Application défaillante iexplore.exe, version 6.0.2900.2180, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x001419fc.

Record Number: 526
Source Name: Application Error
Time Written: 20080929160544.000000+120
Event Type: erreur
User:

Computer Name: CHANTELARD
Event Code: 1000
Message: Application défaillante iexplore.exe, version 6.0.2900.2180, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x001419fc.

Record Number: 525
Source Name: Application Error
Time Written: 20080929155544.000000+120
Event Type: erreur
User:

Computer Name: CHANTELARD
Event Code: 1000
Message: Application défaillante iexplore.exe, version 6.0.2900.2180, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x001419fc.

Record Number: 524
Source Name: Application Error
Time Written: 20080929154544.000000+120
Event Type: erreur
User:

Computer Name: CHANTELARD
Event Code: 1000
Message: Application défaillante iexplore.exe, version 6.0.2900.2180, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x001419fc.

Record Number: 523
Source Name: Application Error
Time Written: 20080929153544.000000+120
Event Type: erreur
User:

Computer Name: CHANTELARD
Event Code: 1001
Message: Échec de détection du produit '{43DCF766-6838-4F9A-8C91-D92DA586DFA7}', fonctionnalité 'DefaultFeature' lors de la demande du composant '{A4AD656D-72E9-43A7-9DD0-E5F6AF438E72}'

Record Number: 522
Source Name: MsiInstaller
Time Written: 20080929153122.000000+120
Event Type: Avertissement
User: CHANTELARD\Propriétaire

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 6 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
je veux pas t'inquiéter mais la y'a du boulot et surtout un beau rootkit , on va sans doute utiliser plusieurs outils ^^

/!\ Le logiciel qui suit n'est pas à utiliser à la légère ! Ne le faites que si un helpeur vous l'a recommandé. /!\

Ce logiciel est très puissant et une mauvaise utilisation peut faire des dégâts... Suis exactement cette procedure :

Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !). Pour cela, fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " et tape C-Fix dans la fenêtre qui s'ouvre et valide.

Déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES, antivirus...
(qui pourraient gêner fortement l'outil...Tu les réactiveras donc après ! )


Tuto ici pour installer la Console de récupération (important en cas de problème) : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

postes le rapport stp

(ne touche a rien pendant que l'outil travaille pour ne pas figer ton pc)
0
Réponse 7 / 45
Sylkhin
 
voici le rapport

ComboFix 09-11-13.06 - Propriétaire 13/11/2009 16:14.1.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.246 [GMT 1:00]
Lancé depuis: c:\documents and settings\Propriétaire\Bureau\C-Fix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\060ptrm.com
C:\08dgu.com
C:\0c9k.exe
C:\0w.com
C:\1f.bat
C:\1mteolu9.com
C:\1xniph.bat
C:\28b6ry9r.exe
C:\2a.exe
C:\2FIJI.COM
C:\2nuk.com
C:\2u.com
C:\3.cmd
C:\3c.exe
C:\3j2h0tf.bat
C:\3rl3lqbq.bat
C:\68.exe
C:\6phx.com
C:\8.exe
C:\86.exe
C:\86l2qw.bat
C:\8dtyjjf.exe
C:\8gig0ofk.com
C:\8paf1d.com
C:\8rcahp.exe
C:\9.cmd
C:\9dlvtiil.exe
C:\9j.exe
C:\9kretct.exe
C:\abk.bat
C:\aieh8r.bat
C:\autorun.inf
C:\b.bat
C:\b.com
C:\b.exe
C:\be2trf.bat
C:\bo1dhu.bat
C:\cahpcg.cmd
C:\cfrdbyrp.bat
C:\cj1m.com
C:\cv8j.exe
C:\d9c.bat
c:\docume~1\PROPRI~1\LOCALS~1\Temp\cvasds0.dll
C:\dogyx90.exe
C:\e.cmd
C:\ev60a2.cmd
C:\ewqij.bat
C:\f.bat
C:\frg89pi.bat
C:\fsaht.cmd
C:\g1.bat
C:\gbm6n.exe
C:\gclwpivc.cmd
C:\gpcdt.cmd
C:\hifdmgt.com
C:\i0yva6.exe
C:\icxpa.cmd
C:\ij.bat
C:\itsduel.exe
C:\ix8bmwx.bat
C:\j39y2.bat
C:\lad.bat
C:\lky.exe
C:\m.com
C:\m.exe
C:\m2nl.bat
C:\m9ma.exe
C:\metdgv.bat
C:\mjafm.exe
C:\ml.com
C:\mt2.exe
C:\n0euybx.exe
C:\n68mqcra.exe
C:\ncyrf.bat
C:\nkbd1v.exe
C:\o1.com
C:\o9bxu.exe
C:\p.exe
C:\p0ijj.bat
C:\Pkkwng.exe
C:\pnt.com
c:\program files\PlayMP3z
c:\program files\PlayMP3z\PlayMP3.exe
c:\program files\PlayMP3z\uninstall.exe
c:\program files\zango
c:\program files\zango\bin\10.3.85.0\HostOE.dll
C:\pv6mxu.bat
C:\Q1ALX.EXE
C:\q9.cmd
C:\qkjxl.exe
C:\qothmn.cmd
C:\qv9qc9f.exe
C:\s.exe
C:\sm.exe
C:\sq.com
C:\sv8c2bjw.bat
C:\uhoxajc.cmd
C:\ukvr.bat
C:\uo10sn.cmd
C:\upx.bat
C:\w9hw8.exe
c:\windows\AhnRpta.exe
c:\windows\GnuHashes.ini
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\_000013_.tmp.dll
c:\windows\system32\_000021_.tmp.dll
c:\windows\system32\_000022_.tmp.dll
c:\windows\system32\_000023_.tmp.dll
c:\windows\system32\_000024_.tmp.dll
c:\windows\system32\_006427_.tmp.dll
c:\windows\system32\_006428_.tmp.dll
c:\windows\system32\_006429_.tmp.dll
c:\windows\system32\_006430_.tmp.dll
c:\windows\system32\_006437_.tmp.dll
c:\windows\system32\_006438_.tmp.dll
c:\windows\system32\_006439_.tmp.dll
c:\windows\system32\_006440_.tmp.dll
c:\windows\system32\_006442_.tmp.dll
c:\windows\system32\_006443_.tmp.dll
c:\windows\system32\_006446_.tmp.dll
c:\windows\system32\_006447_.tmp.dll
c:\windows\system32\_006449_.tmp.dll
c:\windows\system32\_006450_.tmp.dll
c:\windows\system32\_006451_.tmp.dll
c:\windows\system32\_006453_.tmp.dll
c:\windows\system32\_006456_.tmp.dll
c:\windows\system32\_006457_.tmp.dll
c:\windows\system32\_006461_.tmp.dll
c:\windows\system32\_006462_.tmp.dll
c:\windows\system32\_006464_.tmp.dll
c:\windows\system32\_006467_.tmp.dll
c:\windows\system32\_006469_.tmp.dll
c:\windows\system32\_006470_.tmp.dll
c:\windows\system32\_006471_.tmp.dll
c:\windows\system32\_006472_.tmp.dll
c:\windows\system32\_006473_.tmp.dll
c:\windows\system32\_006476_.tmp.dll
c:\windows\system32\_006477_.tmp.dll
c:\windows\system32\_006478_.tmp.dll
c:\windows\system32\_006479_.tmp.dll
c:\windows\system32\_006480_.tmp.dll
c:\windows\system32\_006485_.tmp.dll
c:\windows\system32\0zIKY5twWuUFQ.vbs
c:\windows\system32\2.tmp
c:\windows\system32\4.tmp
c:\windows\system32\avicap3232.dll
c:\windows\system32\Bitkv0.dll
c:\windows\system32\BiTKv1.dll
c:\windows\system32\ckvo.exe
c:\windows\system32\ckvo0.dll
c:\windows\system32\ckvo1.dll
c:\windows\system32\dfsshlex32.dll
c:\windows\system32\dOH5FxK.vbs
c:\windows\system32\e8main0.dll
c:\windows\system32\e8main1.dll
c:\windows\system32\e8main2.dll
c:\windows\system32\gasretyw0.dll
c:\windows\system32\gasretyw1.dll
c:\windows\system32\gasretyw2.dll
c:\windows\system32\GroupPolicy000.dat
c:\windows\system32\HTZhLmBDnIf0i.vbs
c:\windows\system32\I8CWJCr6c2i2e.vbs
c:\windows\system32\kamsoft(2).exe
c:\windows\system32\LocalService\329.crack.zip
c:\windows\system32\LocalService\329.crack.zip.kwd
c:\windows\system32\LocalService\330.keygen.zip
c:\windows\system32\LocalService\330.keygen.zip.kwd
c:\windows\system32\LocalService\331.serial.zip
c:\windows\system32\LocalService\331.serial.zip.kwd
c:\windows\system32\LocalService\332.setup.zip
c:\windows\system32\LocalService\332.setup.zip.kwd
c:\windows\system32\LocalService\333.music.au
c:\windows\system32\LocalService\333.music.au.kwd
c:\windows\system32\LocalService\334.music2.au
c:\windows\system32\LocalService\334.music2.au.kwd
c:\windows\system32\LocalService\335.music3.au
c:\windows\system32\LocalService\335.music3.au.kwd
c:\windows\system32\LocalService\336.music4.au
c:\windows\system32\LocalService\336.music4.au.kwd
c:\windows\system32\nmdfgds0.dll
c:\windows\system32\nmdfgds1.dll
c:\windows\system32\nmdfgds2.dll
c:\windows\system32\olhrwef.exe
c:\windows\system32\sstray.exe
c:\windows\system32\SYv28Oj.vbs
c:\windows\system32\vbsdfe0.dll
c:\windows\whAgent.inf
c:\windows\whInstaller.ini
C:\xbvv6o.com
C:\xdglur.bat
C:\xh319r9b.bat
C:\xhah66s.cmd
C:\xmcckw.bat
C:\xs6kpr0.exe
C:\y.bat
C:\y6yol.exe
C:\yudald.bat
F:\08dgu.com
F:\0w.com
F:\1f.bat
F:\1xniph.bat
F:\2a.exe
F:\2fiji.com
F:\2u.com
F:\3.cmd
F:\3c.exe
F:\3j2h0tf.bat
F:\3rl3lqbq.bat
F:\68.exe
F:\8.exe
F:\86l2qw.bat
F:\8gig0ofk.com
F:\8rcahp.exe
F:\9.cmd
F:\9dlvtiil.exe
F:\abk.bat
F:\aieh8r.bat
F:\Autorun.inf
F:\b.bat
F:\b.com
F:\b.exe
F:\be2trf.bat
F:\bo1dhu.bat
F:\cahpcg.cmd
F:\cfrdbyrp.bat
F:\d9c.bat
F:\dogyx90.exe
F:\e.cmd
F:\ev60a2.cmd
F:\ewqij.bat
F:\f.bat
F:\frg89pi.bat
F:\fsaht.cmd
F:\g1.bat
F:\gbm6n.exe
F:\gclwpivc.cmd
F:\gpcdt.cmd
F:\hifdmgt.com
F:\i0yva6.exe
F:\icxpa.cmd
F:\ij.bat
F:\itsduel.exe
F:\ix8bmwx.bat
F:\j39y2.bat
F:\lad.bat
F:\lky.exe
F:\m.com
F:\m.exe
F:\m2nl.bat
F:\m9ma.exe
F:\metdgv.bat
F:\mjafm.exe
F:\mt2.exe
F:\n68mqcra.exe
F:\n6t1h.cmd
F:\ncyrf.bat
F:\nq0cq.cmd
F:\o9bxu.exe
F:\p.exe
F:\p0ijj.bat
F:\pkkwng.exe
F:\pnt.com
F:\pv6mxu.bat
F:\q1alx.exe
F:\q9.cmd
F:\qothmn.cmd
F:\qv9qc9f.exe
F:\rcukd.cmd
F:\sm.exe
F:\sq.com
F:\sv8c2bjw.bat
F:\t0k3c.cmd
F:\uhoxajc.cmd
F:\ukvr.bat
F:\uo10sn.cmd
F:\upx.bat
F:\w9hw8.exe
F:\xdglur.bat
F:\xh319r9b.bat
F:\xhah66s.cmd
F:\xih9.cmd
F:\xmcckw.bat
F:\y.bat
F:\y6yol.exe
F:\yannh.cmd
F:\yudald.bat

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_KAVSYS
-------\Legacy_TDSSSERV
-------\Service_AVPsys
-------\Service_TDSSserv


((((((((((((((((((((((((((((( Fichiers créés du 2009-10-13 au 2009-11-13 ))))))))))))))))))))))))))))))))))))
.

2009-11-13 13:36 . 2009-11-13 13:36 -------- d-----w- c:\program files\trend micro
2009-11-13 13:36 . 2009-11-13 14:04 -------- d-----w- C:\rsit
2009-11-13 11:16 . 2009-03-30 09:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-11-13 11:16 . 2009-03-24 15:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-13 11:16 . 2009-02-13 11:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-11-13 11:16 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-11-13 11:16 . 2009-11-13 11:16 -------- d-----w- c:\program files\Avira
2009-11-13 11:16 . 2009-11-13 11:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-11-13 10:52 . 2009-11-13 10:52 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-13 10:50 . 2009-10-03 08:15 2924848 -c----w- c:\documents and settings\All Users\Application Data\~0\Ad-AwareInstallation.exe
2009-11-13 10:49 . 2009-11-13 10:49 -------- d-----w- c:\program files\Lavasoft
2009-11-12 22:12 . 2009-11-12 22:12 -------- d-----w- c:\program files\Panda Security
2009-11-12 22:06 . 2009-11-12 22:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-11-12 22:01 . 2009-11-13 15:20 -------- d-sh--w- c:\windows\system32\LocalService
2009-11-12 21:56 . 2009-11-12 21:56 -------- d-----w- c:\windows\system32\wbem\Repository
2009-11-12 21:52 . 2009-11-12 21:52 -------- d-----w- C:\Nouveau dossier
2009-11-12 17:53 . 2009-11-12 17:54 -------- d-sh--w- c:\windows\system32\LocalService(5)
2009-11-12 16:37 . 2009-11-13 11:08 -------- dc-h--w- c:\documents and settings\All Users\Application Data\~0
2009-11-12 12:19 . 2009-11-12 21:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-12 12:03 . 2009-11-12 12:03 -------- d-sh--w- c:\windows\system32\LocalService(4)
2009-11-10 18:29 . 2009-11-10 18:30 -------- d-sh--w- c:\windows\system32\LocalService(3)
2009-10-20 17:01 . 2009-10-20 17:01 64072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2010 9.0.0.736\French\setup.exe
2009-10-19 15:40 . 2009-10-27 21:20 -------- d-----w- c:\program files\Solo2000(2)
2009-10-19 15:34 . 2009-10-27 21:21 -------- d-----w- c:\program files\psdmi
2009-10-16 21:23 . 2009-10-27 21:21 -------- d-----w- c:\program files\Controle Parental

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-13 11:08 . 2008-09-29 15:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-12 22:14 . 2003-04-24 12:00 565788 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-12 22:14 . 2003-04-24 12:00 109758 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-12 22:01 . 2009-11-12 22:00 523776 --sha-w- c:\windows\system32\D1.tmp
2009-11-12 21:55 . 2009-05-18 09:56 -------- d-----w- c:\program files\OrangeHSS
2009-11-12 21:52 . 2009-09-18 07:20 -------- d-----w- c:\program files\CCleaner
2009-11-12 17:53 . 2009-11-12 17:53 523776 --sha-w- c:\windows\system32\A2.tmp
2009-10-27 21:21 . 2004-09-24 15:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-27 21:19 . 2009-08-29 15:45 -------- d-----w- c:\program files\RALINK
2009-10-27 21:19 . 2009-09-13 11:24 -------- d-----w- c:\program files\Satsuki Decoder Pack
2009-10-19 23:52 . 2009-10-19 23:52 3091968 ----a-w- c:\windows\system32\SETC.tmp
2009-10-19 23:52 . 2009-10-19 23:52 3091968 ------w- c:\windows\system32\SETD.tmp
2009-09-28 05:26 . 2009-09-28 05:26 0 ----a-w- c:\windows\system32\44.tmp
2009-09-28 05:26 . 2009-09-28 05:26 0 ----a-w- c:\windows\system32\43.tmp
2009-09-25 22:10 . 2009-09-25 22:10 523264 --sha-w- c:\windows\system32\12A.tmp
2009-09-25 05:36 . 2009-09-25 05:36 671232 ----a-w- c:\windows\system32\SET20C.tmp
2009-09-25 05:36 . 2009-09-25 05:36 671232 ----a-w- c:\windows\system32\SET1EE.tmp
2009-09-25 05:36 . 2009-09-25 05:36 671232 ------w- c:\windows\system32\SET39.tmp
2009-09-25 05:36 . 2009-09-25 05:36 628736 ----a-w- c:\windows\system32\SET20D.tmp
2009-09-25 05:36 . 2009-09-25 05:36 628736 ----a-w- c:\windows\system32\SET1EF.tmp
2009-09-25 05:36 . 2009-09-25 05:36 628736 ------w- c:\windows\system32\SET3A.tmp
2009-09-25 05:36 . 2009-09-25 05:36 1510400 ----a-w- c:\windows\system32\SET20F.tmp
2009-09-25 05:36 . 2009-09-25 05:36 1510400 ----a-w- c:\windows\system32\SET1F0.tmp
2009-09-25 05:36 . 2009-09-25 05:36 1510400 ------w- c:\windows\system32\SET3B.tmp
2009-09-25 05:36 . 2009-09-25 05:36 3091968 ----a-w- c:\windows\system32\SET211.tmp
2009-09-25 05:36 . 2009-09-25 05:36 3091968 ----a-w- c:\windows\system32\SET1F1.tmp
2009-09-25 05:36 . 2004-08-19 23:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-09-25 02:14 . 2009-09-25 02:14 523264 --sha-w- c:\windows\system32\26.tmp
2009-09-24 06:22 . 2009-09-24 06:22 523264 --sha-w- c:\windows\system32\20.tmp
2009-09-22 08:42 . 2009-09-22 08:42 523264 --sha-w- c:\windows\system32\17.tmp
2009-09-20 18:34 . 2009-09-20 18:34 122880 ----a-w- c:\windows\system32\FEELIT32.dll
2009-09-20 17:06 . 2009-09-20 17:06 115061 --sh--r- C:\cqb6wo.exe
2009-09-19 16:15 . 2009-09-19 16:16 117220 --sh--r- C:\2o1ajagt.exe
2009-09-18 14:50 . 2009-09-18 14:50 116114 --sh--r- C:\wrsf.exe
2009-09-17 14:52 . 2009-09-17 14:53 115797 --sh--r- C:\lhh3v.exe
2009-09-16 14:48 . 2009-09-16 14:49 116163 --sh--r- C:\qcod.exe
2009-09-15 15:47 . 2009-09-15 15:48 115942 --sh--r- C:\o8tf6l.exe
2009-09-15 15:30 . 2009-09-15 15:30 114736 --sh--r- C:\3slhl.exe
2009-09-13 15:45 . 2009-09-13 15:46 117106 --sh--r- C:\qcoageh.exe
2009-09-12 14:24 . 2009-09-10 13:50 115742 --sh--r- C:\ph.exe
2009-09-11 14:18 . 2009-09-11 14:18 136192 ----a-w- c:\windows\system32\SETA5.tmp
2009-09-11 14:18 . 2009-09-11 14:18 136192 ----a-w- c:\windows\system32\SETA4.tmp
2009-09-11 14:18 . 2009-09-11 14:18 136192 ------w- c:\windows\system32\SET2E.tmp
2009-09-10 13:32 . 2009-09-10 13:32 114942 --sh--r- C:\q0.exe
2009-09-08 16:14 . 2009-09-08 15:52 116142 --sh--r- C:\10nb.exe
2009-09-08 15:17 . 2009-09-08 15:17 116030 --sh--r- C:\w3.exe
2009-09-04 21:04 . 2009-09-04 21:04 58880 ------w- c:\windows\system32\SET32.tmp
2009-09-04 21:04 . 2009-09-04 21:04 58880 ------w- c:\windows\system32\SET18F.tmp
2009-09-04 21:04 . 2009-09-04 21:04 58880 ------w- c:\windows\system32\SET175.tmp
2009-08-30 14:58 . 2009-08-30 14:58 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-08-30 14:51 . 2009-08-30 14:48 113919 --sh--r- C:\xbvv0.exe
2009-08-30 14:40 . 2009-08-30 14:40 114816 --sh--r- C:\p9dwwa61.exe
2009-08-30 14:20 . 2009-08-30 14:20 0 ----a-w- c:\windows\nsreg.dat
2009-08-29 15:51 . 2009-08-29 15:51 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-08-26 08:01 . 2003-04-24 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-20 14:09 . 2009-08-20 14:09 1193832 ----a-w- c:\windows\system32\TBMF0.tmp
2009-08-20 14:09 . 2009-08-20 14:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-06-16 11:23 . 2009-06-15 14:26 97280 --sh--r- c:\windows\system32\nmdfgds3.dll
.

------- Sigcheck -------

[7] 2008-04-14 . BE0CB143FA427D93440DED18DB8C918B . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2005-08-22 . 0D55724D88488BBFC53BC2EA219240F3 . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
[-] 2005-08-22 . 0D55724D88488BBFC53BC2EA219240F3 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 31748843AD5811351B115CC52CEA8D77 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[7] 2004-08-19 . 237F77C91B70469E3AF9F7FD0A524954 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

[7] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe
[7] 2004-08-19 . DF9FC62AD51CB082B0AE371919A232CB . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

[7] 2008-04-14 . 5C64008E661307C4A3C3C25D9086CDE7 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2005-09-01 . D9BD4CCA0533401B6609E47FF74F40DC . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . 8D9A075C065DFE1228688D10155D6624 . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[-] 2005-09-01 . 8D9A075C065DFE1228688D10155D6624 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll
[7] 2004-08-19 . 6C411ABBEEF0CA1D991F8A8F449D2B5F . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

[7] 2008-04-14 . 8E5231171AD6595FF002E848CC54FCD7 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2005-07-08 . C9FA05D271A0066764FE75BE38E24D69 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . 720DA0C9DB8996AD9B7F5164B2242DAA . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[-] 2005-07-08 . 720DA0C9DB8996AD9B7F5164B2242DAA . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll
[7] 2004-08-19 . 5CC2A233DAC03CAF99D20B87598675CD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

[7] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2007-03-08 . 4D88AAF39ADABFE45958EA1384E2C4FF . 579072 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . 753354F594809A9B96F73999B435A533 . 578560 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2007-03-08 . 753354F594809A9B96F73999B435A533 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll
[-] 2005-03-02 . C34920EB988CE98910BD6B0417F334EB . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . 0DF75FB73F705B011630159A43D7C354 . 578048 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[7] 2004-08-19 . 61C8C283AD063BB697AE61A155C64A5A . 578048 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll

[7] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[7] 2004-08-19 . 2A7BD330924252A2FD80344FC949BB72 . 1036288 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

[7] 2008-04-14 . B9F20D71E5B6CE89A7A94B38351FDBDC . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2006-12-19 . D7DFBD1EFA149EC158363B974DAE0C6B . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . D7DFBD1EFA149EC158363B974DAE0C6B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . 1839CDF416A5AA8BF2EFE377F57452CC . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[7] 2004-08-19 . ABA25E49F6589FD73F1143FDC39A6B46 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2004-07-15 4112384]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2004-07-15 81920]
"EM_EXEC"="c:\progra~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-01 28672]
"WireLessKeyboard"="c:\program files\Multimedia Keyboard Driver\StartAutorun.exe" [2005-11-30 94208]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ASUS Probe"="c:\program files\ASUS\Probe\AsusProb.exe" [2002-12-06 617984]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-4-24 98304]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-10-9 184320]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2009-8-29 626688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\34a5c81e670]
2009-09-20 18:34 122880 ----a-w- c:\windows\system32\FEELIT32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"f:\\reception e mule\\eMule\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19966:TCP"= 19966:TCP:BitComet 19966 TCP
"19966:UDP"= 19966:UDP:BitComet 19966 UDP

R0 si3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [27/08/2004 15:18 97920]
R0 SiWinAcc;SiWinAcc;c:\windows\system32\drivers\SiWinAcc.sys [20/05/2004 16:35 10240]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [13/11/2009 12:16 108289]
R2 ASPIXNT;ASPIXNT;c:\windows\system32\drivers\Aspixnt.sys [05/10/2008 16:23 6336]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [06/07/2009 12:21 55152]
S3 FileObjInfo;STFileDriver;\??\c:\documents and settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys --> c:\documents and settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 17:08 533360]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [01/04/2008 17:51 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [01/04/2008 17:51 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [01/04/2008 17:51 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [01/04/2008 17:52 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [01/04/2008 17:52 100008]
S3 WFIOCTL;WFIOCTL;\??\c:\program files\WinFast\WFTVFM\WFIOCTL.SYS --> c:\program files\WinFast\WFTVFM\WFIOCTL.SYS [?]
S3 WFsys;WinFox Control I/O Driver;c:\windows\system32\drivers\wfsys.sys [27/09/2004 23:35 13692]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - MBR
*Deregistered* - mbr
.
Contenu du dossier 'Tâches planifiées'

2009-10-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: mappy.com
Trusted Zone: orange.fr
Trusted Zone: voila.fr\rw.search.ke
Trusted Zone: weborama.fr\orange
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\j105yajm.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{0DB0EAE3-2F03-42DA-9361-E905B48269A9} - c:\windows\System32\dfsshlex32.dll
HKLM-Run-nForce Tray Options - sstray.exe
HKLM-Run-StandardInstall - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-13 16:22
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(656)
c:\windows\System32\FEELIT32.dll

- - - - - - - > 'explorer.exe'(2496)
c:\windows\System32\FEELIT32.dll
c:\progra~1\Logitech\MOUSEW~1\SYSTEM\LGMOUSHK.dll
c:\windows\system32\D1.tmp
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-11-13 16:25 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-13 15:25

Avant-CF: 19 015 225 344 octets libres
Après-CF: 18 900 107 264 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn

- - End Of File - - 56B4DFE89EC97EF77401B6128EAF7510
0
Réponse 8 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
fais ceci stp :

• Rends toi sur le site https://www.virustotal.com/gui/
• Clique sur Parcourir, et navigue jusqu'au fichier suivant et valide :

c:\windows\system32\FEELIT32.dll


• Clique sur "Envoyer le fichier" : s'il a déjà été analysé, demande une nouvelle analyse.
• Fais un copier/coller du rapport sur le forum.

et refais la meme chose pour celui la : c:\windows\system32\ezsidmv.dat

Si tu ne trouves pas le fichier, fais ceci :
• Menu Démarrer --> Panneau de configuration --> Options des dossiers --> Affichage
• Coche "Afficher les fichiers et dossiers cachés", décoche "Masquer les extensions de fichiers connus", décoche "Masquer les fichiers protégés du Système", puis valide.
• Tu pourras à nouveau masquer les fichiers cachés une fois la manipulation terminée, si tu le souhaites.

ENSUITE

* Telecharge UsbFix (de C_XX & Chiquitine29) sur ton bureau
* tutoriel recherche
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d'avoir été infectés sans les ouvrir
* Double clic sur le raccourci UsbFix sur ton bureau, l'installation se fera automatiquement
* Choisi l'option 1 (recherche)
* Laisse travailler l'outil
* Ensuite post le rapport UsbFix.txt qui apparaîtra
* Note : le rapport UsbFix.txt est sauvegardé a la racine du disque

* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus
0
Réponse 9 / 45
Sylkhin
 
Merci de te donner autant de mal.

Voici les rapports

Analyse de FEELIT32.dll

Le fichier a déjà été analysé:
MD5: 80b028bf60f810480e83de8548f0e4a7
First received: 2009.09.20 06:37:33 UTC
Date 2009.10.05 23:52:34 UTC [>39D]
Résultats 8/41
Permalink: analisis/ab180560eebb8b27410b438bc8941a76dc0446c94301f5339bf4cfa1530aec67-1254786754

2eme analyse de FEELIT32.dll

Fichier FEELIT32.dll reçu le 2009.11.14 11:00:16 (UTC)
Situation actuelle: terminé
Résultat: 27/41 (65.85%)

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.41 2009.11.14 Trojan-Dropper.Agent!IK
AhnLab-V3 5.0.0.2 2009.11.13 Win32/Nugg.worm.122880
AntiVir 7.9.1.65 2009.11.13 TR/Agent.122880
Antiy-AVL 2.0.3.7 2009.11.13 -
Authentium 5.2.0.5 2009.11.14 -
Avast 4.8.1351.0 2009.11.14 -
AVG 8.5.0.425 2009.11.14 Downloader.Generic8.BXYZ
BitDefender 7.2 2009.11.14 Trojan.Generic.2526904
CAT-QuickHeal 10.00 2009.11.13 Trojan.Agent.ATV
ClamAV 0.94.1 2009.11.14 -
Comodo 2952 2009.11.14 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.11.14 Trojan.Bender.1
eSafe 7.0.17.0 2009.11.12 Suspicious File
eTrust-Vet 35.1.7121 2009.11.14 -
F-Prot 4.5.1.85 2009.11.13 -
F-Secure 9.0.15370.0 2009.11.11 Trojan.Generic.2526904
Fortinet 3.120.0.0 2009.11.14 PossibleThreat
GData 19 2009.11.14 Trojan.Generic.2526904
Ikarus T3.1.1.74.0 2009.11.14 Trojan-Dropper.Agent
Jiangmin 11.0.800 2009.11.12 -
K7AntiVirus 7.10.896 2009.11.13 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.11.14 P2P-Worm.Win32.Nugg.ca
McAfee 5801 2009.11.13 -
McAfee+Artemis 5801 2009.11.13 Artemis!80B028BF60F8
McAfee-GW-Edition 6.8.5 2009.11.14 Trojan.Agent.122880
Microsoft 1.5202 2009.11.14 TrojanDownloader:Win32/Tracur.B
NOD32 4606 2009.11.14 Win32/TrojanDownloader.Agent.PDY
Norman 6.03.02 2009.11.14 -
nProtect 2009.1.8.0 2009.11.14 Worm/W32.Nugg.122880
Panda 10.0.2.2 2009.11.13 Generic Trojan
PCTools 7.0.3.5 2009.11.13 Trojan.Agent
Prevx 3.0 2009.11.14 High Risk Cloaked Malware
Rising 22.21.05.04 2009.11.14 Trojan.Win32.Nodef.xlm
Sophos 4.47.0 2009.11.14 -
Sunbelt 3.2.1858.2 2009.11.12 -
Symantec 1.4.4.12 2009.11.14 Trojan Horse
TheHacker 6.5.0.2.069 2009.11.13 -
TrendMicro 9.0.0.1003 2009.11.14 -
VBA32 3.12.10.11 2009.11.13 P2P-Worm.Win32.Nugg.ca
ViRobot 2009.11.14.2037 2009.11.14 -
VirusBuster 4.6.5.0 2009.11.13 Trojan.Agent.PHHM
Information additionnelle
File size: 122880 bytes
MD5...: 80b028bf60f810480e83de8548f0e4a7
SHA1..: c8ae8b2e52b3a2faacf16c53596e4148a88af9a4
SHA256: ab180560eebb8b27410b438bc8941a76dc0446c94301f5339bf4cfa1530aec67
ssdeep: 3072:6p8SjCBYWNcbTHfV3JxkjLoIb8dnNB4zp:6y/BPKxYoIb85NB4
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1c0d1
timedatestamp.....: 0x48a504af (Fri Aug 15 04:23:11 2008)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x1b15e 0x1b200 7.96 20143af5bd231fd0a6bc249698184f57
DATA 0x1d000 0x2ffc 0x600 3.94 bba96b266ed00d28a547de39e46a9bb1
BSS 0x20000 0xe31 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x21000 0x9ce 0xa00 4.68 593ecfff20924d94c11cee3b5e963920
.reloc 0x22000 0x19f1 0x1a00 6.65 8436674dc4fe3d09d3519b845f45876d

( 9 imports )
> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle
> user32.dll: GetKeyboardType, LoadStringA, MessageBoxA, CharNextA
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> oleaut32.dll: SysFreeString, SysReAllocStringLen, SysAllocStringLen
> kernel32.dll: TlsSetValue, TlsGetValue, TlsFree, TlsAlloc, LocalFree, LocalAlloc
> kernel32.dll: WriteFile, WaitForSingleObject, VirtualQuery, SetFilePointer, SetEvent, SetEndOfFile, ResetEvent, ReadFile, LeaveCriticalSection, InitializeCriticalSection, GetVersionExA, GetThreadLocale, GetStringTypeExA, GetStdHandle, GetProcAddress, GetOEMCP, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLocalTime, GetLastError, GetFullPathNameA, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentThreadId, GetCPInfo, GetACP, FormatMessageA, EnumCalendarInfoA, EnterCriticalSection, DeleteCriticalSection, CreateFileA, CreateEventA, CompareStringA, CloseHandle
> user32.dll: MessageBoxA, LoadStringA, GetSystemMetrics, CharNextA, CharToOemA
> kernel32.dll: Sleep
> oleaut32.dll: SafeArrayPtrOfIndex, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantChangeType, VariantCopy, VariantClear, VariantInit

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=80b028bf60f810480e83de8548f0e4a7' target='_blank'>https://www.symantec.com?md5=80b028bf60f810480e83de8548f0e4a7</a>
<a href='http://info.prevx.com/aboutprogramtext.asp?PX5=224D3C1B00750262E0C4019D108C0800CF2F4C11' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=224D3C1B00750262E0C4019D108C0800CF2F4C11</a>
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

ANALYSE ezsidmv.dat


Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.41 2009.11.14 -
AhnLab-V3 5.0.0.2 2009.11.13 -
AntiVir 7.9.1.65 2009.11.13 -
Antiy-AVL 2.0.3.7 2009.11.13 -
Authentium 5.2.0.5 2009.11.14 -
Avast 4.8.1351.0 2009.11.14 -
AVG 8.5.0.425 2009.11.14 -
BitDefender 7.2 2009.11.14 -
CAT-QuickHeal 10.00 2009.11.13 -
ClamAV 0.94.1 2009.11.14 -
Comodo 2952 2009.11.14 -
DrWeb 5.0.0.12182 2009.11.14 -
eSafe 7.0.17.0 2009.11.12 -
eTrust-Vet 35.1.7121 2009.11.14 -
F-Prot 4.5.1.85 2009.11.13 -
F-Secure 9.0.15370.0 2009.11.11 -
Fortinet 3.120.0.0 2009.11.14 -
GData 19 2009.11.14 -
Ikarus T3.1.1.74.0 2009.11.14 -
Jiangmin 11.0.800 2009.11.12 -
K7AntiVirus 7.10.896 2009.11.13 -
Kaspersky 7.0.0.125 2009.11.14 -
McAfee 5801 2009.11.13 -
McAfee+Artemis 5801 2009.11.13 -
McAfee-GW-Edition 6.8.5 2009.11.14 -
Microsoft 1.5202 2009.11.14 -
NOD32 4606 2009.11.14 -
Norman 6.03.02 2009.11.14 -
nProtect 2009.1.8.0 2009.11.14 -
Panda 10.0.2.2 2009.11.13 -
PCTools 7.0.3.5 2009.11.13 -
Prevx 3.0 2009.11.14 -
Rising 22.21.05.04 2009.11.14 -
Sophos 4.47.0 2009.11.14 -
Sunbelt 3.2.1858.2 2009.11.12 -
Symantec 1.4.4.12 2009.11.14 -
TheHacker 6.5.0.2.069 2009.11.13 -
TrendMicro 9.0.0.1003 2009.11.14 -
VBA32 3.12.10.11 2009.11.13 -
ViRobot 2009.11.14.2037 2009.11.14 -
VirusBuster 4.6.5.0 2009.11.13 -
Information additionnelle
File size: 56 bytes
MD5...: 675e4f2de92c75ece534b7c3afc03214
SHA1..: 8a78c973bbec04d66083d2b10089ff05d0dc7b5e
SHA256: 900a228743098366bb4ade02e2794e266a627c848244d5dcd205bcfe346efd56
ssdeep: 3:+hXF0CmDzu76Y8kId/:kelni1Id/
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

RAPPORT USBFIX


############################## | UsbFix V6.052 |

User : Propriétaire (Administrateurs) # CHANTELARD
Update on 13/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 12:19:59 | 14/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) XP 2800+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Disabled
AV : AntiVir Desktop 9.0.1.26 [ (!) Disabled | (!) Outdated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 39.06 Go (17.59 Go free) # NTFS
D:\ -> Disque CD-ROM # 81.51 Mo (0 Mo free) [livebox] # CDFS
E:\ -> Disque CD-ROM
F:\ -> Disque fixe local # 113.6 Go (50.61 Go free) # NTFS
G:\ -> Disque amovible # 3.61 Go (3.22 Go free) # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 580
C:\WINDOWS\system32\csrss.exe 632
C:\WINDOWS\system32\winlogon.exe 656
C:\WINDOWS\system32\services.exe 700
C:\WINDOWS\system32\lsass.exe 712
C:\WINDOWS\system32\svchost.exe 880
C:\WINDOWS\system32\svchost.exe 960
C:\WINDOWS\System32\svchost.exe 1056
C:\WINDOWS\System32\svchost.exe 1136
C:\WINDOWS\system32\svchost.exe 1248
C:\WINDOWS\system32\spoolsv.exe 1612
C:\WINDOWS\Explorer.EXE 1740
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1780
C:\WINDOWS\System32\svchost.exe 1864
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE 1976
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe 1992
C:\Program Files\ASUS\Probe\AsusProb.exe 2008
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 168
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe 292
C:\Program Files\RALINK\Common\RaUI.exe 368
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe 388
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe 764
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1428
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 1476
C:\WINDOWS\System32\nvsvc32.exe 1536
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1728
C:\WINDOWS\System32\svchost.exe 244
C:\WINDOWS\system32\wdfmgr.exe 1948
C:\WINDOWS\system32\wscntfy.exe 2200
C:\WINDOWS\System32\alg.exe 2472
C:\Program Files\Mozilla Firefox\firefox.exe 3204
C:\WINDOWS\system32\wbem\wmiprvse.exe 4068

################## | Fichiers # Dossiers infectieux |

C:\WINDOWS\System32\nmdfgds3.dll
C:\10nb.exe
C:\2o1ajagt.exe
C:\cqb6wo.exe
C:\cqb6wo.exe
C:\lhh3v.exe
C:\nq0cq.cmd
C:\o8tf6l.exe
C:\o8tf6l.exe
C:\p9dwwa61.exe
C:\ph.exe
C:\q0.exe
C:\qcoageh.exe
C:\qcod.exe
C:\rcukd.cmd
C:\rdsfk.com
C:\tknapl.exe
C:\whi.com
C:\wrsf.exe
C:\xbvv0.exe
C:\xih9.cmd
C:\xlk9.com
C:\yannh.cmd
D:\autorun.inf
F:\10nb.exe
F:\1mteolu9.com
F:\28b6ry9r.exe
F:\2nuk.com
F:\2o1ajagt.exe
F:\6phx.com
F:\86.exe
F:\8dtyjjf.exe
F:\8paf1d.com
F:\9j.exe
F:\9kretct.exe
F:\AUTORUN.FCB
F:\cj1m.com
F:\cqb6wo.exe
F:\cqb6wo.exe
F:\cv8j.exe
F:\lhh3v.exe
F:\ml.com
F:\n0euybx.exe
F:\nkbd1v.exe
F:\o1.com
F:\o8tf6l.exe
F:\o8tf6l.exe
F:\p9dwwa61.exe
F:\ph.exe
F:\q0.exe
F:\qcoageh.exe
F:\qcod.exe
F:\rdsfk.com
F:\s.exe
F:\tknapl.exe
F:\whi.com
F:\wrsf.exe
F:\xbvv0.exe
F:\xbvv6o.com
F:\xlk9.com
F:\xs6kpr0.exe
G:\autorun.inf
G:\autorun.inf -> fichier appelé : "G:\cqb6wo.exe" ( Présent ! )
G:\cqb6wo.exe
G:\cqb6wo.exe
G:\yudald.bat

################## | Registre # Clés Run infectieuses |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{2264e5f6-c452-11de-b871-8a1cbef18eb8}
Shell\AutoRun\command =G:\cqb6wo.exe
Shell\open\Command =G:\cqb6wo.exe

################## | Suspect | https://www.virustotal.com/gui/ |

C:\WINDOWS\System32\TDSSerrors.log

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.052 ! |
0
Réponse 10 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
* tutoriel nettoyage
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectés sans les ouvrir
* Double clic sur le raccourci UsbFix présent sur ton bureau
* choisi l'option 2 ( Suppression )
* Ton bureau disparaîtra et le pc redémarrera .
* Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
* Ensuite post le rapport UsbFix.txt qui apparaîtra avec le bureau .
* Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

* :!: UsbFix te proposera d'uploader un dossier compressé à cette adresse :>>>ici<<<
* Ce dossier a été créé par UsbFix et est enregistré sur ton bureau.
* Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.
* Merci d'avance pour ta contribution !!
0
Réponse 11 / 45
Sylkhin
 
Bon à cette étape, j'ai eu un petit souci. Mon PC ne redémarre pas lorsqu'il y a une clé USB.
J'ai eu ce message
Diss boot failure insert system disk and press enter

Mais finalement il a redémarré (j'ai du retirer la clé USB)

Voici le rapport de USBfix (que j'ai envoyé à l'adresse indiquée)


############################## | UsbFix V6.052 |

User : Propriétaire (Administrateurs) # CHANTELARD
Update on 13/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:38:43 | 14/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) XP 2800+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.26 [ (!) Disabled | (!) Outdated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 39.06 Go (17.58 Go free) # NTFS
D:\ -> Disque CD-ROM # 526.2 Mo (0 Mo free) [X1AHOEM_FR] # CDFS
E:\ -> Disque CD-ROM
F:\ -> Disque fixe local # 113.6 Go (50.61 Go free) # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 580
C:\WINDOWS\system32\csrss.exe 632
C:\WINDOWS\system32\winlogon.exe 656
C:\WINDOWS\system32\services.exe 700
C:\WINDOWS\system32\lsass.exe 712
C:\WINDOWS\system32\svchost.exe 880
C:\WINDOWS\system32\svchost.exe 960
C:\WINDOWS\System32\svchost.exe 1056
C:\WINDOWS\System32\svchost.exe 1132
C:\WINDOWS\system32\logonui.exe 1208
C:\WINDOWS\system32\svchost.exe 1392
C:\WINDOWS\system32\spoolsv.exe 1612
C:\WINDOWS\Explorer.EXE 1744
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1764
C:\WINDOWS\System32\svchost.exe 1888
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 596
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 636
C:\WINDOWS\System32\nvsvc32.exe 900
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1016
C:\WINDOWS\System32\svchost.exe 1496
C:\WINDOWS\system32\wdfmgr.exe 1560
C:\WINDOWS\system32\wuauclt.exe 1952
C:\WINDOWS\system32\wbem\wmiprvse.exe 1328
C:\WINDOWS\System32\rundll32.exe 508
C:\WINDOWS\system32\wscntfy.exe 560

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\WINDOWS\System32\nmdfgds3.dll
Supprimé ! C:\10nb.exe
Supprimé ! C:\2o1ajagt.exe
Supprimé ! C:\cqb6wo.exe
Supprimé ! C:\lhh3v.exe
Supprimé ! C:\nq0cq.cmd
Supprimé ! C:\o8tf6l.exe
Supprimé ! C:\p9dwwa61.exe
Supprimé ! C:\ph.exe
Supprimé ! C:\q0.exe
Supprimé ! C:\qcoageh.exe
Supprimé ! C:\qcod.exe
Supprimé ! C:\rcukd.cmd
Supprimé ! C:\rdsfk.com
Supprimé ! C:\tknapl.exe
Supprimé ! C:\whi.com
Supprimé ! C:\wrsf.exe
Supprimé ! C:\xbvv0.exe
Supprimé ! C:\xih9.cmd
Supprimé ! C:\xlk9.com
Supprimé ! C:\yannh.cmd
Non supprimé ! D:\autorun.inf
Supprimé ! F:\10nb.exe
Supprimé ! F:\1mteolu9.com
Supprimé ! F:\28b6ry9r.exe
Supprimé ! F:\2nuk.com
Supprimé ! F:\2o1ajagt.exe
Supprimé ! F:\6phx.com
Supprimé ! F:\86.exe
Supprimé ! F:\8dtyjjf.exe
Supprimé ! F:\8paf1d.com
Supprimé ! F:\9j.exe
Supprimé ! F:\9kretct.exe
Supprimé ! F:\AUTORUN.FCB
Supprimé ! F:\cj1m.com
Supprimé ! F:\cqb6wo.exe
Supprimé ! F:\cv8j.exe
Supprimé ! F:\lhh3v.exe
Supprimé ! F:\ml.com
Supprimé ! F:\n0euybx.exe
Supprimé ! F:\nkbd1v.exe
Supprimé ! F:\o1.com
Supprimé ! F:\o8tf6l.exe
Supprimé ! F:\p9dwwa61.exe
Supprimé ! F:\ph.exe
Supprimé ! F:\q0.exe
Supprimé ! F:\qcoageh.exe
Supprimé ! F:\qcod.exe
Supprimé ! F:\rdsfk.com
Supprimé ! F:\s.exe
Supprimé ! F:\tknapl.exe
Supprimé ! F:\whi.com
Supprimé ! F:\wrsf.exe
Supprimé ! F:\xbvv0.exe
Supprimé ! F:\xbvv6o.com
Supprimé ! F:\xlk9.com
Supprimé ! F:\xs6kpr0.exe

################## | Registre # Clés Run infectieuses |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{2264e5f6-c452-11de-b871-8a1cbef18eb8}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[15/09/2009 16:30|-r-hs----|114736] C:\3slhl.exe
[08/12/2006 18:31|--a------|0] C:\AILog.txt
[24/09/2004 15:44|--a------|0] C:\AUTOEXEC.BAT
[25/09/2004 09:04|--a------|216] C:\Boot.bak
[13/11/2009 16:13|-rahs----|286] C:\boot.ini
[24/04/2003 13:00|-rahs----|4952] C:\Bootfont.bin
[15/02/2005 14:00|--a------|7741] C:\caavsetup.log
[07/04/2009 18:13|--a------|201] C:\checkrun.txt
[03/08/2004 23:00|--a------|263488] C:\cmldr
[13/11/2009 16:25|--a------|27117] C:\ComboFix.txt
[24/09/2004 15:44|--a------|0] C:\CONFIG.SYS
[24/05/2008 17:11|--a------|144077] C:\errlgr.txt
[17/06/2007 15:59|--a------|1602825] C:\flash-osx.hqx
[14/10/2009 21:51|--a------|128291] C:\hpfr3840.log
[25/10/2004 18:22|--a------|1091] C:\INSTALL.LOG
[24/09/2004 15:44|-rahs----|0] C:\IO.SYS
[11/06/2008 07:04|-r-hs----|117064] C:\m88coaim.exe
[24/09/2004 15:44|-rahs----|0] C:\MSDOS.SYS
[25/09/2004 09:01|-rahs----|47564] C:\NTDETECT.COM
[29/10/2008 17:31|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[15/06/2009 22:04|--a------|4608] C:\PctvUsb2Timeshift-snk.failed.grf
[24/05/2001 11:59|--a------|162304] C:\UNWISE.EXE
[14/11/2009 18:44|--a------|5168] C:\UsbFix.txt
[08/09/2009 16:17|-r-hs----|116030] C:\w3.exe
[24/04/2003 13:00|-r-------|112] D:\AUTORUN.INF
[24/04/2003 13:00|-r-------|4952] D:\BOOTFONT.BIN
[24/04/2003 13:00|-r-------|3495] D:\LISEZMOI.HTM
[24/04/2003 13:00|-r-------|2580480] D:\SETUP.EXE
[24/04/2003 13:00|-r-------|12530] D:\SPNOTES.HTM
[24/04/2003 13:00|-r-------|10] D:\WIN51
[24/04/2003 13:00|-r-------|10] D:\WIN51IC
[24/04/2003 13:00|-r-------|2] D:\WIN51IC.SP1
[29/06/2009 14:50|-r-hsc---|108386] F:\060ptrm.com
[18/06/2009 03:11|-r-hsc---|106884] F:\0c9k.exe
[15/09/2009 16:47|-r-hsc---|115942] F:\3slhl.exe
[12/06/2009 12:01|--a--c---|72704] F:\CVNicolasCHANTELARD.doc
[07/06/2009 12:42|--a--c---|11289948] F:\GP5DEMO.exe
[05/06/2009 14:56|--a--c---|21504] F:\lettredemotivation.doc
[11/06/2008 07:04|-r-hsc---|117064] F:\m88coaim.exe
[18/05/2009 20:55|--a--c---|42817032] F:\MCM2Trial.exe
[29/06/2009 08:02|-r-hsc---|108530] F:\qkjxl.exe
[04/06/2009 20:40|--a--c---|476696] F:\RealPlayer11GOLD_fr.exe
[08/09/2009 16:17|-r-hsc---|116030] F:\w3.exe

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.

################## | Suspect | https://www.virustotal.com/gui/ |

C:\WINDOWS\System32\TDSSerrors.log

################## | Cracks / Keygens / Serials |


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\PROPRI~1\Bureau\UsbFix_Upload_Me_CHANTELARD.zip : https://www.androidworld.fr/
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.052 ! |
0
Réponse 12 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
dsl pour le delai

/!\ ATTENTION /!\ Le script qui suit a été écrit spécialement pour sylkhin, il n'est pas transposable sur un autre ordinateur !


Toujours avec toutes les protections désactivées, fais ceci :

• Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt


CFScript


• Fais un glisser/déposer de ce fichier CFScript sur le fichier C-Fix.exe (combofix) comme sur ce lien : comme ceci

• Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
• Si le fichier ne s'ouvre pas, il se trouve ici ? C:\ComboFix.txt
0
Réponse 13 / 45
Sylkhin
 
Pas de souci pour le délai (et merci encore)
J'ai supprimé antivir car je n'arrivai pas à le désactiver totalement et combofix le signalait.
Voici le rapport

ComboFix 09-11-16.01 - Propriétaire 15/11/2009 19:18.2.1 - FAT32x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.260 [GMT 1:00]
Lancé depuis: c:\documents and settings\Propriétaire\Bureau\C-Fix.exe
Commutateurs utilisés :: c:\documents and settings\Propriétaire\Bureau\CFScript.txt

FILE ::
"C:\3slhl.exe"
"C:\w3.exe"
"c:\windows\system32\12A.tmp"
"c:\windows\system32\17.tmp"
"c:\windows\system32\20.tmp"
"c:\windows\system32\26.tmp"
"c:\windows\system32\43.tmp"
"c:\windows\system32\44.tmp"
"c:\windows\system32\A2.tmp"
"c:\windows\system32\D1.tmp"
"c:\windows\system32\FEELIT32.dll"
"c:\windows\system32\SET175.tmp"
"c:\windows\system32\SET18F.tmp"
"c:\windows\system32\SET1EE.tmp"
"c:\windows\system32\SET1EF.tmp"
"c:\windows\system32\SET1F0.tmp"
"c:\windows\system32\SET1F1.tmp"
"c:\windows\system32\SET20C.tmp"
"c:\windows\system32\SET20D.tmp"
"c:\windows\system32\SET20F.tmp"
"c:\windows\system32\SET211.tmp"
"c:\windows\system32\SET2E.tmp"
"c:\windows\system32\SET32.tmp"
"c:\windows\system32\SET39.tmp"
"c:\windows\system32\SET3A.tmp"
"c:\windows\system32\SET3B.tmp"
"c:\windows\system32\SETA4.tmp"
"c:\windows\system32\SETA5.tmp"
"c:\windows\system32\TBMF0.tmp"
"c:\windows\System32\TDSSerrors.log"
"F:\0c9k.exe"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\3slhl.exe
C:\w3.exe
c:\windows\GnuHashes.ini
c:\windows\system32\12A.tmp
c:\windows\system32\17.tmp
c:\windows\system32\20.tmp
c:\windows\system32\26.tmp
c:\windows\system32\43.tmp
c:\windows\system32\44.tmp
c:\windows\system32\6.tmp
c:\windows\system32\A2.tmp
c:\windows\system32\D1.tmp
c:\windows\system32\FEELIT32.dll
c:\windows\system32\GroupPolicy000.dat
c:\windows\system32\LocalService
c:\windows\system32\SET175.tmp
c:\windows\system32\SET18F.tmp
c:\windows\system32\SET1EE.tmp
c:\windows\system32\SET1EF.tmp
c:\windows\system32\SET1F0.tmp
c:\windows\system32\SET1F1.tmp
c:\windows\system32\SET20C.tmp
c:\windows\system32\SET20D.tmp
c:\windows\system32\SET20F.tmp
c:\windows\system32\SET211.tmp
c:\windows\system32\SET2E.tmp
c:\windows\system32\SET32.tmp
c:\windows\system32\SET39.tmp
c:\windows\system32\SET3A.tmp
c:\windows\system32\SET3B.tmp
c:\windows\system32\SETA4.tmp
c:\windows\system32\SETA5.tmp
c:\windows\system32\TBMF0.tmp
c:\windows\System32\TDSSerrors.log
c:\windows\system32\unrar.exe
F:\0c9k.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-15 au 2009-11-15 ))))))))))))))))))))))))))))))))))))
.

2009-11-14 18:48 . 2009-11-14 18:48 -------- d-sh--w- c:\windows\system32\SysWoW32
2009-11-14 18:46 . 2009-11-14 18:48 -------- d-----w- c:\windows\system32\110604153
2009-11-14 11:18 . 2009-11-14 17:44 -------- d-----w- C:\UsbFix
2009-11-13 15:12 . 2009-11-13 15:25 -------- d-----w- C:\C-Fix
2009-11-13 13:36 . 2009-11-13 13:36 -------- d-----w- c:\program files\trend micro
2009-11-13 13:36 . 2009-11-13 14:04 -------- d-----w- C:\rsit
2009-11-13 11:16 . 2009-03-24 15:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-13 10:52 . 2009-11-13 10:52 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-13 10:50 . 2009-10-03 08:15 2924848 -c----w- c:\documents and settings\All Users\Application Data\~0\Ad-AwareInstallation.exe
2009-11-13 10:49 . 2009-11-13 10:49 -------- d-----w- c:\program files\Lavasoft
2009-11-12 22:12 . 2009-11-12 22:12 -------- d-----w- c:\program files\Panda Security
2009-11-12 22:06 . 2009-11-12 22:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-11-12 21:56 . 2009-11-12 21:56 -------- d-----w- c:\windows\system32\wbem\Repository
2009-11-12 21:52 . 2009-11-12 21:52 -------- d-----w- C:\Nouveau dossier
2009-11-12 17:53 . 2009-11-12 17:54 -------- d-sh--w- c:\windows\system32\LocalService(5)
2009-11-12 16:37 . 2009-11-13 11:08 -------- dc-h--w- c:\documents and settings\All Users\Application Data\~0
2009-11-12 12:19 . 2009-11-12 21:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-12 12:03 . 2009-11-12 12:03 -------- d-sh--w- c:\windows\system32\LocalService(4)
2009-11-10 18:29 . 2009-11-10 18:30 -------- d-sh--w- c:\windows\system32\LocalService(3)
2009-10-20 17:01 . 2009-10-20 17:01 64072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2010 9.0.0.736\French\setup.exe
2009-10-19 15:40 . 2009-10-27 21:20 -------- d-----w- c:\program files\Solo2000(2)
2009-10-19 15:34 . 2009-10-27 21:21 -------- d-----w- c:\program files\psdmi
2009-10-16 21:23 . 2009-10-27 21:21 -------- d-----w- c:\program files\Controle Parental

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-13 11:08 . 2008-09-29 15:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-12 22:14 . 2003-04-24 12:00 565788 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-12 22:14 . 2003-04-24 12:00 109758 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-12 21:55 . 2009-05-18 09:56 -------- d-----w- c:\program files\OrangeHSS
2009-11-12 21:52 . 2009-09-18 07:20 -------- d-----w- c:\program files\CCleaner
2009-10-27 21:21 . 2004-09-24 15:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-27 21:19 . 2009-08-29 15:45 -------- d-----w- c:\program files\RALINK
2009-10-27 21:19 . 2009-09-13 11:24 -------- d-----w- c:\program files\Satsuki Decoder Pack
2009-10-19 23:52 . 2009-10-19 23:52 3091968 ----a-w- c:\windows\system32\SETC.tmp
2009-10-19 23:52 . 2009-10-19 23:52 3091968 ------w- c:\windows\system32\SETD.tmp
2009-09-25 05:36 . 2004-08-19 23:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-08-30 14:58 . 2009-08-30 14:58 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-08-30 14:20 . 2009-08-30 14:20 0 ----a-w- c:\windows\nsreg.dat
2009-08-29 15:51 . 2009-08-29 15:51 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-08-26 08:01 . 2003-04-24 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-20 14:09 . 2009-08-20 14:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
.

------- Sigcheck -------

[7] 2008-04-14 . BE0CB143FA427D93440DED18DB8C918B . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2005-08-22 . 0D55724D88488BBFC53BC2EA219240F3 . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
[-] 2005-08-22 . 0D55724D88488BBFC53BC2EA219240F3 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 31748843AD5811351B115CC52CEA8D77 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[7] 2004-08-19 . 237F77C91B70469E3AF9F7FD0A524954 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

[7] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe
[7] 2004-08-19 . DF9FC62AD51CB082B0AE371919A232CB . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

[7] 2008-04-14 . 5C64008E661307C4A3C3C25D9086CDE7 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2005-09-01 . D9BD4CCA0533401B6609E47FF74F40DC . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . 8D9A075C065DFE1228688D10155D6624 . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[-] 2005-09-01 . 8D9A075C065DFE1228688D10155D6624 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll
[7] 2004-08-19 . 6C411ABBEEF0CA1D991F8A8F449D2B5F . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

[7] 2008-04-14 . 8E5231171AD6595FF002E848CC54FCD7 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2005-07-08 . C9FA05D271A0066764FE75BE38E24D69 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . 720DA0C9DB8996AD9B7F5164B2242DAA . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[-] 2005-07-08 . 720DA0C9DB8996AD9B7F5164B2242DAA . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll
[7] 2004-08-19 . 5CC2A233DAC03CAF99D20B87598675CD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

[7] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2007-03-08 . 4D88AAF39ADABFE45958EA1384E2C4FF . 579072 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . 753354F594809A9B96F73999B435A533 . 578560 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2007-03-08 . 753354F594809A9B96F73999B435A533 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll
[-] 2005-03-02 . C34920EB988CE98910BD6B0417F334EB . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . 0DF75FB73F705B011630159A43D7C354 . 578048 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[7] 2004-08-19 . 61C8C283AD063BB697AE61A155C64A5A . 578048 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll

[7] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[7] 2004-08-19 . 2A7BD330924252A2FD80344FC949BB72 . 1036288 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

[7] 2008-04-14 . B9F20D71E5B6CE89A7A94B38351FDBDC . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2006-12-19 . D7DFBD1EFA149EC158363B974DAE0C6B . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . D7DFBD1EFA149EC158363B974DAE0C6B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . 1839CDF416A5AA8BF2EFE377F57452CC . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[7] 2004-08-19 . ABA25E49F6589FD73F1143FDC39A6B46 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2004-07-15 4112384]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2004-07-15 81920]
"EM_EXEC"="c:\progra~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-01 28672]
"WireLessKeyboard"="c:\program files\Multimedia Keyboard Driver\StartAutorun.exe" [2005-11-30 94208]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ASUS Probe"="c:\program files\ASUS\Probe\AsusProb.exe" [2002-12-06 617984]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-4-24 98304]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-10-9 184320]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2009-8-29 626688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AntiVirService"=2 (0x2)
"AntiVirSchedulerService"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"f:\\reception e mule\\eMule\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19966:TCP"= 19966:TCP:BitComet 19966 TCP
"19966:UDP"= 19966:UDP:BitComet 19966 UDP

R0 si3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [27/08/2004 15:18 97920]
R0 SiWinAcc;SiWinAcc;c:\windows\system32\drivers\SiWinAcc.sys [20/05/2004 16:35 10240]
R2 ASPIXNT;ASPIXNT;c:\windows\system32\drivers\Aspixnt.sys [05/10/2008 16:23 6336]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [06/07/2009 12:21 55152]
S3 FileObjInfo;STFileDriver;\??\c:\documents and settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys --> c:\documents and settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 17:08 533360]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [01/04/2008 17:51 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [01/04/2008 17:51 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [01/04/2008 17:51 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [01/04/2008 17:52 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [01/04/2008 17:52 100008]
S3 WFIOCTL;WFIOCTL;\??\c:\program files\WinFast\WFTVFM\WFIOCTL.SYS --> c:\program files\WinFast\WFTVFM\WFIOCTL.SYS [?]
S3 WFsys;WinFox Control I/O Driver;c:\windows\system32\drivers\wfsys.sys [27/09/2004 23:35 13692]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mbr
.
Contenu du dossier 'Tâches planifiées'

2009-10-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Examen supplémentaire -------
.
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: mappy.com
Trusted Zone: orange.fr
Trusted Zone: voila.fr\rw.search.ke
Trusted Zone: weborama.fr\orange
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\j105yajm.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHELINS SUPPRIMES - - - -

Notify-34a5c81e670 - c:\windows\System32\FEELIT32.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-15 19:25
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(3516)
c:\progra~1\Logitech\MOUSEW~1\SYSTEM\LGMOUSHK.dll
c:\windows\system32\browselc.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-11-15 19:28 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-15 18:28
ComboFix2.txt 2009-11-13 15:25

Avant-CF: 18 880 454 656 octets libres
Après-CF: 18 840 731 648 octets libres

- - End Of File - - 6190DE339EEEA163F8B3FDC6AB53D08E
0
Réponse 14 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
J'ai supprimé antivir car je n'arrivai pas à le désactiver totalement et combofix le signalait.

il suffisait de faire clic droit sur le parapluie et desactiver guard ;) remets le vite !

Imprime ces instructions ou sauvegarde les sur ton Bureau car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

Télécharge Malwarebytes’ Anti-Malware

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX)



- Sur la page cliques sur Télécharger Malwarebyte’s Anti-Malware
- Enregistres le sur le bureau
- Double cliques sur le fichier téléchargé pour lancer le processus d’installation
- Mets le a jour /!\
- Double-cliques sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet et Rechercher
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Cliques sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Colle le rapport ici, il se trouve dans l’onglet rapport/log

Si tu as besoin d’aide regarde ce tutorial

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
ps: s'il te demande de redemarrer : fais le !
0
Réponse 15 / 45
Sylkhin
 
Pour antivir, même en désactivant guard j’avais un message, et comme c’est un peu flippant tous les messages de combofix (risque d’endommager la machine etc) j’avais préféré enlever antivir, mais je vais le réinstaller de ce pas :)
En fait pour installer malware il me manquait MSVBVM60.dll mais j’ai réussi à le trouver sur le net.

Voici le rapport de Malwarebytes

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3176
Windows 5.1.2600 Service Pack 3

15/11/2009 23:32:06
mbam-log-2009-11-15 (23-32-06).txt

Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|)
Eléments examinés: 202084
Temps écoulé: 40 minute(s), 27 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 605

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shoppingimprovementstipcenter.shoppingimprovementstipcenter (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\NOD32KVBIT (Trojan.Frethog) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\060ptrm.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\0c9k.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\1f.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\28b6ry9r.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\2nuk.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\3.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\3c.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\3j2h0tf.bat.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\3rl3lqbq.bat.vir (Trojan.GamesThief) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\6phx.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\8.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\8dtyjjf.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\8gig0ofk.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\8paf1d.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\9dlvtiil.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\b.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\bo1dhu.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\dogyx90.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\ewqij.bat.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\fsaht.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\gbm6n.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\gpcdt.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\i0yva6.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\icxpa.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\2fiji.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\86.exe.vir (Trojan.GameThief) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\ij.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\o9bxu.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\upx.bat.vir (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\lad.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\m.com.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\m.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\m9ma.exe.vir (Trojan.GamesThief) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\mjafm.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\ml.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\mt2.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\n0euybx.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\n68mqcra.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\nkbd1v.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\o1.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\p.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\p0ijj.bat.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\pkkwng.exe.vir (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\q1alx.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\q9.cmd.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\qv9qc9f.exe.vir (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\s.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\sm.exe.vir (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\uhoxajc.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\ukvr.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\w9hw8.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\xbvv6o.com.vir (Trojan.Gamania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\xdglur.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\y6yol.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\yudald.bat.vir (Trojan.GameThief) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\PlayMP3z\PlayMP3.exe.vir (Adware.PlayMP3z) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\Zango\bin\10.3.85.0\HostOE.dll.vir (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\2.tmp.vir (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\4.tmp.vir (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\A2.tmp.vir (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ckvo1.dll.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\D1.tmp.vir (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\gasretyw2.dll.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\kamsoft(2).exe.vir (Trojan.GamesThief) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\nmdfgds0.dll.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\olhrwef.exe.vir (Trojan.GameThief) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\0c9k.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\1f.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\2fiji.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\3.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\3c.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\3rl3lqbq.bat.vir (Trojan.GamesThief) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\8.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\8gig0ofk.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\9dlvtiil.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\b.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\bo1dhu.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\dogyx90.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\ewqij.bat.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\fsaht.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\gbm6n.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\gpcdt.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\i0yva6.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\icxpa.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\ij.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\lad.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\m.com.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\m.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\m9ma.exe.vir (Trojan.GamesThief) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\mjafm.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\mt2.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\3j2h0tf.bat.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\n68mqcra.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\uhoxajc.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\o9bxu.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\p.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\p0ijj.bat.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\pkkwng.exe.vir (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\q1alx.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\q9.cmd.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\qv9qc9f.exe.vir (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\sm.exe.vir (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\ukvr.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\upx.bat.vir (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\w9hw8.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\xdglur.bat.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\xih9.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\y6yol.exe.vir (Worm.Magania) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\yannh.cmd.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\F\yudald.bat.vir (Trojan.GameThief) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1178\A0303356.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1178\A0303563.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1178\A0304245.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1182\A0305954.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1182\A0306242.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1182\A0306228.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1182\A0306255.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1183\A0306263.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1183\A0306276.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1184\A0306293.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1184\A0306304.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1184\A0306337.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1185\A0306855.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1185\A0307415.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1185\A0307429.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1185\A0307494.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307565.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307579.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307725.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307737.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307750.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307764.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1187\A0307802.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1187\A0307768.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1187\A0307815.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1188\A0307823.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1188\A0307843.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1189\A0307848.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1189\A0307860.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0307865.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0307942.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309400.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309413.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309382.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309435.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309447.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1191\A0309451.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1191\A0309463.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1191\A0309476.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1192\A0309480.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1192\A0309492.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1192\A0309505.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1192\A0309518.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1193\A0309522.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1193\A0309536.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1193\A0309549.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1194\A0309558.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1194\A0309570.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1194\A0309585.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1194\A0309599.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1195\A0309603.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1195\A0309617.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1195\A0309631.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1195\A0309646.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1196\A0309671.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1196\A0309683.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1196\A0310183.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1196\A0310672.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1197\A0310702.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1197\A0311225.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1197\A0311285.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1197\A0311294.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1197\A0312049.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1198\A0312068.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1198\A0312142.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1198\A0313449.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1199\A0313455.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1200\A0314112.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1200\A0314198.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1201\A0314208.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1201\A0314223.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1202\A0314251.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1203\A0315240.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1204\A0315265.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1205\A0315307.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1205\A0315344.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1206\A0315379.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1206\A0318498.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1206\A0318670.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1206\A0318792.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1206\A0318793.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1206\A0318795.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1206\A0318796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1206\A0318809.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1207\A0318817.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1207\A0319672.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1208\A0323562.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1208\A0324079.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1208\A0324080.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1208\A0324082.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1208\A0324083.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1208\A0324089.dll (Adware.Shopper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1210\A0324213.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1210\A0324227.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1210\A0324349.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0324355.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0324367.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0325367.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327367.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327377.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327397.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327399.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327401.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327404.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327406.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327407.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327409.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327410.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327411.bat (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327412.bat (Trojan.GamesThief) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327414.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327415.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327418.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327419.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327420.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327423.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327428.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327432.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327416.exe (Trojan.GameThief) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327452.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327470.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327438.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327441.bat (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327444.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327446.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327448.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327450.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327451.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327456.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327458.com (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327459.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327461.exe (Trojan.GamesThief) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327463.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327464.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327465.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327466.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327467.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327469.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327471.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327472.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327473.bat (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327474.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327476.exe (Adware.PlayMP3z) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327478.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327480.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327481.cmd (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327484.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327485.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327486.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327489.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327490.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327492.bat (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327493.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327544.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327552.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327555.exe (Trojan.GamesThief) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327556.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327559.exe (Trojan.GameThief) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327565.com (Trojan.Gamania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327566.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327572.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327573.bat (Trojan.GameThief) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327763.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327764.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327765.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327766.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327767.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327769.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327771.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327774.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327779.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1211\A0327782.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1213\A0328206.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301049.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301487.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301501.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301437.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301488.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301489.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301490.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301491.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301492.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301494.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301496.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301497.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301498.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301499.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301500.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301502.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301503.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301504.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301518.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1158\A0301576.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1159\A0301593.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1159\A0301626.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1160\A0301642.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1160\A0301660.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1160\A0301683.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1160\A0301702.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1161\A0301714.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1162\A0301719.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1163\A0301724.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1163\A0301740.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1164\A0301749.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1164\A0301764.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1164\A0301781.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1165\A0301791.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1165\A0301805.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1165\A0301822.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1166\A0301829.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1166\A0301848.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1167\A0301854.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1167\A0301875.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1168\A0301888.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1168\A0301904.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1168\A0301918.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1169\A0301925.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1169\A0302918.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1169\A0302934.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1169\A0302947.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1169\A0302973.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1170\A0302985.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1170\A0302998.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1170\A0303011.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1171\A0303016.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1171\A0303040.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1172\A0303063.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1173\A0303091.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1173\A0303104.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1174\A0303111.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1174\A0303124.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1175\A0303131.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1175\A0303145.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1175\A0303157.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1175\A0303171.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1175\A0303184.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1175\A0303202.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1176\A0303207.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1176\A0303297.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1176\A0303310.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1176\A0303323.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1177\A0303327.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1177\A0303352.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\10nb.exe.UsbFix (Worm.Magania) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\28b6ry9r.exe.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\2nuk.com.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\2o1ajagt.exe.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\6phx.com.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\86.exe.UsbFix (Trojan.GameThief) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\8dtyjjf.exe.UsbFix (Worm.Magania) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\8paf1d.com.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\qcod.exe.UsbFix (Worm.Magania) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\s.exe.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\wrsf.exe.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\xbvv6o.com.UsbFix (Trojan.Gamania) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\xlk9.com.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\cqb6wo.exe.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\lhh3v.exe.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\ml.com.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\n0euybx.exe.UsbFix (Worm.Magania) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\nkbd1v.exe.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\o1.com.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\o8tf6l.exe.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\ph.exe.UsbFix (Worm.Magania) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\C\WINDOWS\system32\nmdfgds3.dll.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\win3f.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\j105yajm.default\Cache(3)\8321DD47d01 (Rogue.Installer) -> Quarantined and deleted successfully.
F:\060ptrm.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\w3.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\3slhl.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1178\A0303358.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1178\A0303565.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1178\A0304247.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1182\A0306064.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1182\A0306230.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1182\A0306244.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1182\A0306257.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1183\A0306265.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1183\A0306278.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1184\A0306295.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1184\A0306310.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1184\A0306314.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1184\A0306315.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1184\A0306317.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1184\A0306339.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1185\A0306857.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1185\A0307417.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1185\A0307431.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1185\A0307496.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307567.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307581.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307727.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307739.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307752.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1186\A0307766.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1187\A0307770.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1187\A0307804.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1187\A0307817.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1188\A0307825.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1188\A0307845.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1189\A0307850.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1189\A0307862.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309179.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309182.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309186.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309187.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309189.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309216.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309217.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309384.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309402.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309415.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309437.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1190\A0309449.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1191\A0309453.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1191\A0309465.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{52A3F683-46B3-4BD1-86FC-217B8E7C3A27}\RP1191\A0309
0
Réponse 16 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
salut

ton rapport n'est pas complet, vu que c'est un rapport hors du commun^^ je prefere verifier la totalité, rends toi dans MBAM onglet rapportlog, enregistres le sur ton bureau puis vas sur
http://cijoint.fr
clic sur parcourir
choisis le rapport
créer le lien cijoint
et poste moi le lien généré stp

ensuite et seulement ensuite , vides la quarantaine de MBAM

si le rapport est bon, on refera un dernier rapport RSIT de controle et on devrait s'approcher de la fin, rassures toi ;)
0
Réponse 17 / 45
Sylkhin
 
C'est vrai je ne m'étais même pas aperçu que le rapport n'était pas complet dsl

Voici donc le lien :

http://www.cijoint.fr/cjlink.php?file=cj200911/cijiIXtury.txt
0
Réponse 18 / 45
Sylkhin
 
Bon, j'ai donc fais un RSIT, le rapport est ici >>> http://www.cijoint.fr/cjlink.php?file=cj200911/cijHQm4vp9.txt

Ensuite j'ai réinstallé Antivir (je l'ai mis à jour) j'ai fais un scan et le rapport est ici :

http://www.cijoint.fr/cjlink.php?file=cj200911/cijOErHDwE.txt
0
Réponse 19 / 45
neo*** Messages postés 3115 Date d'inscription   Statut Contributeur sécurité Dernière intervention   194
 
slt

on va faire un peu de menage, tout ce qu'on te trouve partout , c'est la restauration et les quarantaines des outils qu'on a passé :

Télécharge ToolsCleaner sur ton Bureau pour nettoyer l'ordi de tous les outils qu'on a utilisé : ToolsCleaner

Lance le, clique sur Recherche et laisse le scan se finir, puis clique sur Suppression pour nettoyer.
Tu peux aussi supprimer les fichiers temporaires.
Ensuite, supprime manuellement ToolsCleaner (mets le à la corbeille).
S'il ne supprime pas tout, supprime manuellement ce qui reste.


Télécharge et installe Ccleaner (si ce n’est déjà fait) :

Lance CCleaner
Option --> avancé --> décoche « effacer uniquement les fichiers plus vieux que 48h »
Puis nettoyeur --> Analyse > Lancer le nettoyage, puis sur OK dans la fenêtre qui s' affiche.
Enfin, registre --> corrige toutes les erreurs, et recommence jusqu'à ce qu'il ne trouve plus d'erreurs.

(Tu peux garder ce logiciel et l'utiliser régulièrement).


Pour finir le nettoyage, il faut purger la restauration du système (pour supprimer les points de restauration infectés).

Fais un clic droit sur poste de travail (qui est sur ton Bureau ou dans le menu démarrer), puis propriétés.
Sélectionne l'onglet restauration du système
Coche l'option Désactiver la restauration du système sur tous les lecteurs
Clique sur OK.

Puis refais la manipulation inverse pour réactiver la restauration système.

Apres tout ca, refais un scan MBAM rapide stp :)
0
Réponse 20 / 45
Sylkhin
 
AAAaahhhh ça fait plaisir un rapport comme ça ! :D (Merci² x 1000)

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3189
Windows 5.1.2600 Service Pack 3

18/11/2009 00:07:16
mbam-log-2009-11-18 (00-07-16).txt

Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|)
Eléments examinés: 178831
Temps écoulé: 47 minute(s), 38 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0

Discussions similaires

Livebox 4 Réseau Orange non détecté
Azfun -
brupala -

10 réponses
Livebox s'allume mais marque pas de réseau orange
Bebelle -
kaumune -

9 réponses
Signification "TR"
andromeid -
matrix4422 -

3 réponses
Signification des abréviations RE: et TR:
La Salamandre -
Iolose -

19 réponses
Sa veux dire koi??Subject: FW: Tr :FW: TR: TR
france22 -
ghano0666545160 -

12 réponses