Multiple viruses
mickael
-
Kristopher, 3752 posts, Contributor status -
Hello everyone,
I have a problem with viruses that do the following: "it makes the computer glitch (a lot), it remained even after a reformat, and it opens web pages by itself"
The type of virus in the files is not specified.
7 replies
Good evening mickael,
I suggest you follow this "classic" procedure for this kind of problem:
1/ Download Ewido Security Suite and scan your PC with it: http://www.01net.com/telecharger/windows/Utilitaire/antivirus/fiches/31851.html
Copy/paste the report to the forum.
2/ Scan your PC with this online antivirus:
http://www.bitdefender.com/scan8/ie.html
Click "I Agree" and scan the whole PC.
Remember to accept the ActiveX control blocked by the SP2 pop-up blocker bar (it will flash at the top).
Copy/paste the report to the forum.
3/ Download HijackThis: http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/29061.html
- Install it in its own folder.
For example, C:\HijackThis
Choose the "do a scan and a logfile" option; it will generate a report for you, which you copy and paste to the forum.
Watch the demo: http://pageperso.aol.fr/balltrap34/demohijack.htm
Good luck.
++
Logfile of HijackThis v1.99.1
Scan saved at 22:02:01, on 14/03/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\kbcr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ftp.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\micka\Local Settings\Temporary Internet Files\Content.IE5\0FIVATM5\HijackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\System32\pmkhe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [Configuration Loader] scvhost.exe
O4 - HKLM\..\RunServices: [Microsoft Command C] :winhost32.exe
O4 - HKCU\..\Run: [taskdir] :C:\WINDOWS\System32\taskdir.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Command C] :winhost32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\RunServices: [Microsoft Command C] :winhost32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: Controls Folder - C:\WINDOWS\system32\h60qlgd5160.dll
O20 - Winlogon Notify: pmkhe - C:\WINDOWS\System32\pmkhe.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: MicroSoft Media Tools - Unknown owner - C:\WINDOWS\MSmedia.exe (file missing)
O23 - Service: Mouse Hardware Sync (mousehs) - Unknown owner - C:\WINDOWS\System32\mousehs.exe (file missing)
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: Secure Network Interface (sniSvc) - Unknown owner - C:\WINDOWS\System32\kbcr.exe
Thanks Kristopher, you have already helped me a lot, but I went and did some research on the net, and the virus I have is a worm named "BlackWorm" http://www1.ca.dell.com/content/topics/segtopic.aspx/security_blackworm?c=ca&l=fr&s=gen
Re,
"the virus I have is a worm named "BlackWorm""
That's not all there is:
~~ Do this in order: ~~
1/ Run HijackThis, then -> Do a system scan only and
check these lines:
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\System32\pmkhe.dll
O4 - HKLM\..\RunServices: [Configuration Loader] scvhost.exe
O4 - HKLM\..\RunServices: [Microsoft Command C] :winhost32.exe
O4 - HKCU\..\Run: [taskdir] :C:\WINDOWS\System32\taskdir.exe
O4 - HKCU\..\Run: [Microsoft Command C] :winhost32.exe
O4 - HKCU\..\RunServices: [Microsoft Command C] :winhost32.exe
Then click "Fix checked".
2/ Click "Start" -> "Run…" and type "services.msc"
Locate these malicious services:
O23 - Service: (MicroSoft Media Tools), - Unknown owner - C:\WINDOWS\MSmedia.exe (file missing)
O23 - Service: (Mouse Hardware Sync (mousehs) ), - Unknown owner - C:\WINDOWS\System32\mousehs.exe (file missing)
O23 - Service: (Network Monitor), - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: (Secure Network Interface (sniSvc) ), - Unknown owner - C:\WINDOWS\System32\kbcr.exe
Double-click these services (in bold), then click "Stop" and set them to "Disabled".
3/ Do this:
Show all files and folders:
Click "Start" -> "Control Panel" -> "Tools" (at the very top) -> Folder Options... -> "View".
Check: show hidden files and folders
Uncheck the boxes:
- hide protected operating system files (recommended)
- hide extensions for known file types
Click "Apply", then "OK"
4/ Look for these files (in bold) and delete them if you find them:
C:\WINDOWS\System32\kbcr.exe
winhost32.exe
scvhost.exe
taskdir.exe
5/ Download VundoFix to your Desktop.
http://www.atribune.org/content/view/24/2/
. Double-click VundoFix.exe.
. Check the "Run VundoFix as a task" box.
Wait for VundoFix to restart
. Click the Scan for Vundo button.
. Then click the Remove Vundo button.
. Then click Yes to confirm
. After you click "Yes", the Desktop will disappear for a moment while the files are removed.
. You will see a prompt announcing that your PC is going to shut down ("shutdown"); click "OK"
. Start your PC again.
. Paste the report located at C:\vundofix.txt here.
6/ Download these two programs and clean your PC with them:
CCLEANER https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Tutorial here: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
CleanUp40
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
Usage demo:
http://pageperso.aol.fr/balltrap34/democleanup.htm
7/ Download, update and scan your PC with Ad-Aware and SpyBot Search & Destroy:
Ad-Aware:
Ad-aware
SpyBot Search & Destroy:
Spybot Search & Destroy
8/ Post a new HijackThis log.
++
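The kind of triage applied to the HijackThis log in the reply above, sketched as an added example (not part of the original thread and not HijackThis's own logic). The three heuristics and the `KNOWN_SYSTEM_NAMES` list are assumptions chosen for illustration; they surface entries for a human to review and do not reproduce every choice made in the reply (the `netmon.exe` service under Program Files, for instance, is not flagged).

```python
import ntpath
import re

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [Configuration Loader] scvhost.exe
O4 - HKCU\..\Run: [taskdir] :C:\WINDOWS\System32\taskdir.exe
O4 - HKCU\..\Run: [Microsoft Command C] :winhost32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Mouse Hardware Sync (mousehs) - Unknown owner - C:\WINDOWS\System32\mousehs.exe (file missing)
O23 - Service: Secure Network Interface (sniSvc) - Unknown owner - C:\WINDOWS\System32\kbcr.exe
"""

# Assumption: a short reference list of genuine Windows process names.
KNOWN_SYSTEM_NAMES = {
    "svchost.exe", "lsass.exe", "services.exe", "winlogon.exe", "explorer.exe",
    "csrss.exe", "smss.exe", "spoolsv.exe", "rundll32.exe",
}
SYSTEM_DIRS = {r"c:\windows", r"c:\windows\system32"}

O4_RE = re.compile(r"^O4 - [^:]+: \[[^\]]*\] (?P<cmd>.+)$")
EXE_RE = re.compile(r'^"?(?P<path>[^"]*?\.(?:exe|dll|com|scr|bat))', re.I)


def levenshtein(a, b):
    """Classic edit distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(path):
    """Return the genuine name that `path` imitates, or None."""
    name = ntpath.basename(path).lower()
    if name in KNOWN_SYSTEM_NAMES:
        return None  # exact match: the real name, not an imitation
    for known in sorted(KNOWN_SYSTEM_NAMES):
        if levenshtein(name, known) <= 2:
            return known
    return None


def triage(log_text):
    """Map each log line worth a second look to the reasons it was flagged."""
    findings = {}
    for line in log_text.splitlines():
        line = line.strip()
        reasons, path = [], None
        m = O4_RE.match(line)
        if m:  # O4 = autorun entry (Run / RunServices keys)
            cmd = m.group("cmd")
            if cmd.startswith(":"):
                reasons.append("autorun value starts with ':'")
                cmd = cmd.lstrip(":")
            exe = EXE_RE.match(cmd)
            path = exe.group("path") if exe else cmd
            if not re.match(r"^(?:[A-Za-z]:\\|%)", path):
                reasons.append("autorun command has no full path")
        elif line.startswith("O23 - Service: "):  # O23 = Windows service
            parts = line[len("O23 - Service: "):].split(" - ", 2)
            if len(parts) == 3:
                _, owner, path = parts
                path = path.replace("(file missing)", "").strip()
                if owner == "Unknown owner" and ntpath.dirname(path).lower() in SYSTEM_DIRS:
                    reasons.append("service without vendor info in a Windows system directory")
        if path:
            known = lookalike_of(path)
            if known:
                reasons.append(f"file name resembles {known}")
        if reasons:
            findings[line] = reasons
    return findings


if __name__ == "__main__":
    for entry, why in triage(SAMPLE_LOG).items():
        print(entry)
        for reason in why:
            print("    -", reason)
```
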
Scan report generated at: Tue, Mar 14, 2006 - 21:52:12
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;
Statistics
Time: 00:15:01
Files: 132724
Folders: 938
Boot Sectors: 2
Archives: 794
Packed Files: 20681
Results
Identified Viruses: 13
Infected Files: 53
Suspect Files: 1
Warnings: 0
Disinfected: 0
Deleted Files: 52
Engines Info
Virus Definitions: 319551
Engine build: AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins: 13
Archive plugins: 39
Unpack plugins: 4
E-mail plugins: 6
System plugins: 1
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Infected with: Trojan.Lowzones.CF
C:\System Volume Information\_restore{58A3CF76-893D-490A-A6EC-5C9A43206C2C}\RP7\A0001890.exe=>(RAR Sfx o)=>cfg\index1.exe
Disinfection failed
C:\System Volume Information\_restore{58A3CF76-893D-490A-A6EC-5C9A43206C2C}\RP7\A0001890.exe=>(RAR Sfx o)=>cfg\index1.exe
Deleted
C:\System Volume Information\_restore{58A3CF76-893D-490A-A6EC-5C9A43206C2C}\RP7\A0001890.exe=>(RAR Sfx o)
Update failed
C:\System Volume Information\_restore{58A3CF76-893D-490A-A6EC-5C9A43206C2C}\RP7\A0001891.exe
Infected with: Backdoor.Rbot.ASP
C:\System Volume Information\_restore{58A3CF76-893D-490A-A6EC-5C9A43206C2C}\RP7\A0001891.exe
Disinfection failed
C:\System Volume Information\_restore{58A3CF76-893D-490A-A6EC-5C9A43206C2C}\RP7\A0001891.exe
Deleted
C:\WINDOWS\spool\mc-110-12-0000141.exe
Infected with: Trojan.Downloader.Agent.FE
C:\WINDOWS\spool\mc-110-12-0000141.exe
Disinfection failed
C:\WINDOWS\spool\mc-110-12-0000141.exe
Deleted
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GDIB45QR\dl[1].exe
Infected with: GenPack:Trojan.Downloader.Galapoper.A
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GDIB45QR\dl[1].exe
Disinfection failed
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GDIB45QR\dl[1].exe
Deleted
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9AJGTIJ\parad[1].raw
Infected with: Trojan.Proxy.Lager.V
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9AJGTIJ\parad[1].raw
Disinfection failed
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9AJGTIJ\parad[1].raw
Deleted
C:\WINDOWS\system32\ii
Infected with: Backdoor.BotGet.FtpB.Gen
C:\WINDOWS\system32\ii
Deleted
C:\WINDOWS\system32\kbcr.exe
Suspected of: Dropped:Generic.Malware.SY.FE30A749
C:\WINDOWS\system32\kbcr.exe
Disinfection failed
C:\WINDOWS\system32\kbcr.exe
Delete failed
C:\WINDOWS\system32\o
Infected with: Backdoor.BotGet.FtpB.Gen
C:\WINDOWS\system32\o
Disinfection failed
C:\WINDOWS\system32\o
Delete failed
C:\WINDOWS\system32\parad.raw.exe
Infected with: Trojan.Proxy.Lager.V
C:\WINDOWS\system32\parad.raw.exe
Disinfection failed
C:\WINDOWS\system32\parad.raw.exe
Deleted