HEEEELLLLP VIRUS
Solved
Tazmen - Posts: 33 - Status: Member
Hello,
I am infected by a virus: heur:trojan.win32.generic, HEUR:trojan.Script.Iframer, HEUR:Exploit.Script.Generic, trojan.PSW.Win32.Agent.mqn, trojan.Win32.Genome.ahpy, Backdoor.Win32.Poison.axpt, trojan-Downloader.SWF.Small.fi, detected by Kaspersky Internet Security 2009 8.0.0.454(a.d). I have 28 events in quarantine. How do I remove the threat? Yesterday I also ran a scan with Malwarebytes' Anti-Malware, which found 96 items and placed them in quarantine.
Please help me, I'm not very good with computers.
Logfile of random's system information tool 1.06 (written by random/random)
Run by User at 2009-12-13 11:59:44
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 201 GB (42%) free of 477 GB
Total RAM: 3326 MB (83% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:00:03, on 2009-12-13
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet\firefox\firefox.exe
C:\Documents and Settings\User\Bureau\RSIT.exe
C:\Program Files\trend micro\User.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office11\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office11\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\872008203034\STacSV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
--
End of file - 6268 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-07-29 62728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-07-21 208616]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-13 172544]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-11-12 13672448]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-03-25 906480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-08-01 222592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-05-14 29831168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2006-10-03 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-11-12 13672448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-11-12 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-07-29 218376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoToolbarCustomize"=0
"NoBandCustomize"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDriveAutoRun"=
"NoToolbarCustomize"=
"NoBandCustomize"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Disabled:biahh"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:LocalSubNet:Enabled:µTorrent"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\Program Files\Lionhead Studios Ltd\Black & White\runblack.exe"="C:\Program Files\Lionhead Studios Ltd\Black & White\runblack.exe:*:Disabled:lh"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Disabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Disabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Disabled:Assassin's Creed Update"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\ua_lsp_inst.exe"="C:\Program Files\Xfire\ua_lsp_inst.exe:*:Disabled:ua_lsp_inst"
"C:\Program Files\Electronic Arts\Alerte Rouge 3\Data\ra3_1.3.game"="C:\Program Files\Electronic Arts\Alerte Rouge 3\Data\ra3_1.3.game:*:Disabled:Command & Conquer™ Red Alert™ 3"
"C:\Documents and Settings\User\Mes documents\Jeux PC\Warhammer_Dawn_of_war_2-WiCKED\DOW2.exe"="C:\Documents and Settings\User\Mes documents\Jeux PC\Warhammer_Dawn_of_war_2-WiCKED\DOW2.exe:*:Disabled:DOW2"
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms\NMService.exe"="C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe"="C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\Autorun.exe
======List of files/folders created in the last 1 months======
2009-12-13 11:59:44 ----D---- C:\rsit
2009-12-12 02:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-12 02:17:09 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-12 02:17:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-12 02:16:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-12 02:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-12 02:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-12 02:16:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
======List of files/folders modified in the last 1 months======
2009-12-13 12:00:03 ----D---- C:\Program Files\trend micro
2009-12-13 11:59:47 ----AD---- C:\WINDOWS\Temp
2009-12-13 11:33:20 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-13 09:08:32 ----D---- C:\WINDOWS\system32
2009-12-13 09:07:29 ----D---- C:\WINDOWS\Debug
2009-12-13 09:07:29 ----AD---- C:\WINDOWS
2009-12-13 09:07:28 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-12-12 02:17:43 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-12 02:17:34 ----HD---- C:\WINDOWS\inf
2009-12-12 02:17:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-12 02:17:33 ----D---- C:\WINDOWS\system32\drivers
2009-12-12 02:17:29 ----SHD---- C:\WINDOWS\Installer
2009-12-12 02:17:28 ----SHD---- C:\Config.Msi
2009-12-12 02:16:45 ----D---- C:\Program Files\Internet Explorer
2009-12-12 02:16:30 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-12 02:14:42 ----D---- C:\WINDOWS\WinSxS
2009-12-12 01:01:31 ----D---- C:\WINDOWS\Prefetch
2009-12-11 12:29:27 ----AC---- C:\WINDOWS\win.ini
2009-12-11 10:11:44 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-12-11 10:11:44 ----D---- C:\Program Files\Adobe
2009-12-11 10:11:42 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-12-11 10:08:59 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-12-11 10:02:24 ----RSD---- C:\WINDOWS\assembly
2009-12-07 20:39:49 ----RD---- C:\Program Files
2009-12-07 20:23:00 ----D---- C:\Program Files\Fichiers communs
2009-12-07 20:23:00 ----AD---- C:\Documents and Settings\All Users\Application Data\Skype
2009-12-06 14:53:43 ----AD---- C:\Documents and Settings\User\Application Data\skypePM
2009-12-04 04:27:01 ----A---- C:\WINDOWS\system32\yayYSifG.dll.vir
2009-12-04 03:54:59 ----A---- C:\WINDOWS\system32\hgGawUkH.dll.vir
2009-12-01 15:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-01 00:03:50 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-29 17:04:45 ----D---- C:\Program Files\Cheat Engine
2009-11-23 18:21:21 ----D---- C:\WINDOWS\network diagnostic
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-05-07 213520]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-12-20 279712]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-10-26 9432]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-12-20 25888]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-11-12 6188320]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-09-20 53632]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-09-20 22016]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-07 47360]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-05-08 238080]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
S1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
S3 aaudstum;aaudstum; \??\C:\DOCUME~1\User\LOCALS~1\Temp\aaudstum.sys []
S3 agd7iy9a;agd7iy9a; C:\WINDOWS\system32\drivers\agd7iy9a.sys []
S3 apcsp2dg;apcsp2dg; C:\WINDOWS\system32\drivers\apcsp2dg.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-14 15295]
S3 dump_wmimmc;dump_wmimmc; C:\WINDOWS\system32\drivers\dump_wmimmc.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 samhid;samhid; C:\WINDOWS\system32\drivers\samhid.sys []
S3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-11-09 1260744]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-27 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-07-21 208616]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-11-12 163908]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S2 STacSV;Audio Service; C:\Program Files\IDT\872008203034\STacSV.exe [2007-11-09 212992]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 stllssvr;stllssvr; C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-07-21 208616]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-13 172544]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-11-12 13672448]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-03-25 906480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-08-01 222592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-05-14 29831168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2006-10-03 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-11-12 13672448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-11-12 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-07-29 218376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoToolbarCustomize"=0
"NoBandCustomize"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDriveAutoRun"=
"NoToolbarCustomize"=
"NoBandCustomize"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Disabled:biahh"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:LocalSubNet:Enabled:µTorrent"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\Program Files\Lionhead Studios Ltd\Black & White\runblack.exe"="C:\Program Files\Lionhead Studios Ltd\Black & White\runblack.exe:*:Disabled:lh"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Disabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Disabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Disabled:Assassin's Creed Update"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\ua_lsp_inst.exe"="C:\Program Files\Xfire\ua_lsp_inst.exe:*:Disabled:ua_lsp_inst"
"C:\Program Files\Electronic Arts\Alerte Rouge 3\Data\ra3_1.3.game"="C:\Program Files\Electronic Arts\Alerte Rouge 3\Data\ra3_1.3.game:*:Disabled:Command & Conquer™ Red Alert™ 3"
"C:\Documents and Settings\User\Mes documents\Jeux PC\Warhammer_Dawn_of_war_2-WiCKED\DOW2.exe"="C:\Documents and Settings\User\Mes documents\Jeux PC\Warhammer_Dawn_of_war_2-WiCKED\DOW2.exe:*:Disabled:DOW2"
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms\NMService.exe"="C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe"="C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\Autorun.exe
======List of files/folders created in the last 1 months======
2009-12-13 11:59:44 ----D---- C:\rsit
2009-12-12 02:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-12 02:17:09 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-12 02:17:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-12 02:16:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-12 02:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-12 02:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-12 02:16:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
======List of files/folders modified in the last 1 months======
2009-12-13 12:00:03 ----D---- C:\Program Files\trend micro
2009-12-13 11:59:47 ----AD---- C:\WINDOWS\Temp
2009-12-13 11:33:20 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-13 09:08:32 ----D---- C:\WINDOWS\system32
2009-12-13 09:07:29 ----D---- C:\WINDOWS\Debug
2009-12-13 09:07:29 ----AD---- C:\WINDOWS
2009-12-13 09:07:28 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-12-12 02:17:43 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-12 02:17:34 ----HD---- C:\WINDOWS\inf
2009-12-12 02:17:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-12 02:17:33 ----D---- C:\WINDOWS\system32\drivers
2009-12-12 02:17:29 ----SHD---- C:\WINDOWS\Installer
2009-12-12 02:17:28 ----SHD---- C:\Config.Msi
2009-12-12 02:16:45 ----D---- C:\Program Files\Internet Explorer
2009-12-12 02:16:30 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-12 02:14:42 ----D---- C:\WINDOWS\WinSxS
2009-12-12 01:01:31 ----D---- C:\WINDOWS\Prefetch
2009-12-11 12:29:27 ----AC---- C:\WINDOWS\win.ini
2009-12-11 10:11:44 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-12-11 10:11:44 ----D---- C:\Program Files\Adobe
2009-12-11 10:11:42 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-12-11 10:08:59 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-12-11 10:02:24 ----RSD---- C:\WINDOWS\assembly
2009-12-07 20:39:49 ----RD---- C:\Program Files
2009-12-07 20:23:00 ----D---- C:\Program Files\Fichiers communs
2009-12-07 20:23:00 ----AD---- C:\Documents and Settings\All Users\Application Data\Skype
2009-12-06 14:53:43 ----AD---- C:\Documents and Settings\User\Application Data\skypePM
2009-12-04 04:27:01 ----A---- C:\WINDOWS\system32\yayYSifG.dll.vir
2009-12-04 03:54:59 ----A---- C:\WINDOWS\system32\hgGawUkH.dll.vir
2009-12-01 15:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-01 00:03:50 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-29 17:04:45 ----D---- C:\Program Files\Cheat Engine
2009-11-23 18:21:21 ----D---- C:\WINDOWS\network diagnostic
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-05-07 213520]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-12-20 279712]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-10-26 9432]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-12-20 25888]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-11-12 6188320]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-09-20 53632]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-09-20 22016]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-07 47360]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-05-08 238080]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
S1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
S3 aaudstum;aaudstum; \??\C:\DOCUME~1\User\LOCALS~1\Temp\aaudstum.sys []
S3 agd7iy9a;agd7iy9a; C:\WINDOWS\system32\drivers\agd7iy9a.sys []
S3 apcsp2dg;apcsp2dg; C:\WINDOWS\system32\drivers\apcsp2dg.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-14 15295]
S3 dump_wmimmc;dump_wmimmc; C:\WINDOWS\system32\drivers\dump_wmimmc.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 samhid;samhid; C:\WINDOWS\system32\drivers\samhid.sys []
S3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-11-09 1260744]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-27 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-07-21 208616]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-11-12 163908]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S2 STacSV;Audio Service; C:\Program Files\IDT\872008203034\STacSV.exe [2007-11-09 212992]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 stllssvr;stllssvr; C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Configuration: Windows XP Firefox 3.5.5
2 replies
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3353
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2009-12-13 12:32:37
mbam-log-2009-12-13 (12-32-37).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 183413
Temps écoulé: 22 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 85
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XP Police AntiVirus (Rogue.XPPolice) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\XPPoliceAntiVirus (Rogue.XPPolice) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\DAEMON Tools Pro\Patch.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Elaborate Bytes\CloneDVD2\clonedvd.v2.9.2.0-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP395\A0093744.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP399\A0097126.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP399\A0097129.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP399\A0097130.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP399\A0097135.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP399\A0097142.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP399\A0097148.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP399\A0097167.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP401\A0097397.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP405\A0098638.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP421\A0100251.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP421\A0100257.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP421\A0100262.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP421\A0100270.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP421\A0100275.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP421\A0100266.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP370\A0087356.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP377\A0090554.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP381\A0092782.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F92A5AC6-073D-4B7B-B20A-E5408E1A2AB8}\RP403\A0098474.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\c3TKZ3ysa.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\c5HNP3DRbdM.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\C6igBP3H.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Few7hq6W.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\FFUqfumracfdt.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\FgAl7eAnPBw.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nqjTAu5ppOB.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\JSm7CcAe1Zh.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\JZYEcH68y.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\K3UOo7eHOwxOr.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\k3YG7asD.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\KARfQGS.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ldygVfNo.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lKeTxOkwqQrdv.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\OVEVyGJ.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\PghshSLHNL.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pW2FSs1js4.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\q9XhdpxyQSWx.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rriLVmDSW.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tJnsB6Ssjx.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UxYDcvjmurCj.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UYlKSh8d.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VA62ikbGbKj9b.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Wdh7XXWDy.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VgtKGbdcUidE.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GlNmeO2jRua.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gWDbH6u.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hcmCIBp8S6R.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgGawUkH.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\HhnVmXgr75cc.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LRyJXiADCP.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LW1BlWnK.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mBmjYhDEQ.mph (Trojan.Downloader) -> Quarantined and deleted successfully.
Version de la base de données: 3353
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2009-12-13 12:32:37
mbam-log-2009-12-13 (12-32-37).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 183413
Temps écoulé: 22 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 85
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XP Police AntiVirus (Rogue.XPPolice) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\XPPoliceAntiVirus (Rogue.XPPolice) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):