Virus Win32: Trojan-gen!!! Help
Closed
SARAHDHOUIB (Member; 17 posts; registered Tuesday 4 July 2006; last activity 8 July 2006) - 4 Jul 2006 at 17:16
darkeubeurk - 9 Jul 2006 at 14:43
23 replies
green day (Moderator, Security contributor; 26371 posts; registered Friday 30 September 2005; last activity 27 December 2019; 2 162) - 5 Jul 2006 at 00:23
re
For your post a bit further up ...
Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr8.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr8.hpwis.com/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [System Update] C:\WINDOWS\System32\qdhlmxb.exe
O4 - HKLM\..\Run: [Winsock2 driver] WMWPLAYER.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Printers] C:\WINDOWS\System32\taskmgre.exe
O4 - HKLM\..\Run: [WinDLL (wchshield.exe)] rundll32.exe C:\WINDOWS\System32\wchshield.exe,start
O4 - HKLM\..\Run: [Microsoft MachineUpdatese] tempes.exe
O4 - HKLM\..\RunServices: [Printers] C:\WINDOWS\System32\taskmgre.exe
O4 - HKLM\..\RunServices: [PrinterDrive] C:\WINDOWS\System32\vmmon322.exe
O4 - HKLM\..\RunServices: [Microsoft MachineUpdatese] tempes.exe
O4 - HKLM\..\Run: [PrinterDrive] C:\WINDOWS\System32\vmmon322.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Printers] C:\WINDOWS\System32\taskmgre.exe
O4 - HKCU\..\Run: [PrinterDrive] C:\WINDOWS\System32\vmmon322.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {1298DB22-B5C5-11D6-8A0B-004033D24DB9} (D21012.Module) - http://srv560.mediapluspro.net/Mediaplus560/Download/210F/D21012.CAB
O16 - DPF: {1298DB52-B5C5-11D6-8A0B-004033D24DB9} (D21011.Module) - http://srv560.mediapluspro.net/Mediaplus560/Download/210F/D21011.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversFWB...
O16 - DPF: {272BF969-14B0-11D6-8A05-004033D24DB9} (D31017.Module) - http://srv560.mediapluspro.net/Mediaplus560/Download/310F/D31017.CAB
O16 - DPF: {2C22D0EA-6C5E-42D0-8024-2BD8F37C3E04} (D21315.Module) - http://srv560.mediapluspro.net/Mediaplus560/Download/213F/D21315.CAB
O16 - DPF: {2E98B13E-E7CC-11D5-8A02-004033D24DB9} (D31013.Module) - http://srv560.mediapluspro.net/Mediaplus560/Download/310F/D31013.CAB
O16 - DPF: {4E042DE6-8B87-11D3-AE7F-004033D24DBD} (HtmlHelpViewer.CViewerHtml) - http://srv560.mediapluspro.net/Mediaplus560/Download/HtmlHelpViewer.CAB
O16 - DPF: {642F50E7-244A-11D5-956E-0040339BF4B0} (Inet1.CInet1) - http://srv560.mediapluspro.net/Mediaplus560/Download/Inet1.CAB
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - http://srv4.mediapluspro.net/mediaplus6/App/VirtualMplus/msrdp.cab
O16 - DPF: {8DDE5D59-AEFD-11D4-BE6F-004033D253CA} (D31214.Module) - http://srv560.mediapluspro.net/Mediaplus560/Download/312F/d31214.CAB
O16 - DPF: {909A40AE-D613-4C40-B610-F4036023CA20} (D21316.Module) - http://srv560.mediapluspro.net/Mediaplus560/Download/213F/D21316.CAB
O16 - DPF: {9D23DDAA-D04A-4384-8C51-7B226626A14C} (IBarre0.CManag) - http://srv560.mediapluspro.net/Mediaplus560/Download/ENIBP.CAB
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/NET/Import/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (Media Bar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D34D6048-E232-4889-B08C-AF4AFE87A6F6} (ENIInetTools.clsManager) - http://srv560.mediapluspro.net/Mediaplus560/Download/ENIInetTools.CAB
then:
* Download and install this; in the left column click "erreurs" (errors), tick all the boxes, then click "chercher des erreurs" (search for errors) at the bottom; once it has finished, click "reparer les erreurs" (repair errors) and you will get a message offering to back up your registry; answer "oui" (yes), then repeat until it finds no more errors.
* Run CCleaner again, go to the "nettoyeur" (cleaner) tab on the left, untick the last box (Avancé, if it is ticked), then click "lancer le nettoyage" (run the cleaner)
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
tutorial: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
and finally do steps 1/ and 2/ of this link please:
virus: preliminary disinfection method, French version
good luck, see you
PS: I'm stopping for tonight!
***I have decided to be happy because it is good for my health! (Voltaire)***
green day - 6 Jul 2006 at 18:17
Hi
Run ewido again: and when it finds an infected file, delete it, that is, set it to "cleaned", because this time it did nothing to them ...
Post the report again, then do a new HijackThis and describe your problems if any remain
++
SARAHDHOUIB - 8 Jul 2006 at 16:11
Hello again,
I ran ewido and HijackThis again and here is the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 16:07:59, on 08/07/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://noos.fr/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ShowShifter TVTV EPG Daemon] "C:\Program Files\Home Media Networks Limited\ShowShifter\TVTVD.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
I hope this is better than last time.
Looking forward to hearing from you.
Thanks
Sarah
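A first-pass triage of HijackThis logs like the ones posted in this thread, as an added example (not code from the thread or from HijackThis). It parses the `O4`, `O2` and `O23` line formats and applies three checks: the same command registered under several autostart keys, a service named like a core Windows process but located outside `system32`, and entries whose target file is reported absent. The checks and the `SYSTEM32_ONLY` list are assumptions of this example, not criteria stated by the helper, and a hit is a reason to look closer, not a verdict.

```python
import ntpath
import re
from collections import defaultdict

# Sample lines copied from the HijackThis output quoted on this page.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Printers] C:\WINDOWS\System32\taskmgre.exe
O4 - HKLM\..\RunServices: [Printers] C:\WINDOWS\System32\taskmgre.exe
O4 - HKCU\..\Run: [Printers] C:\WINDOWS\System32\taskmgre.exe
O4 - HKLM\..\Run: [Microsoft MachineUpdatese] tempes.exe
O4 - HKLM\..\RunServices: [Microsoft MachineUpdatese] tempes.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

# "<section code> - <rest>", e.g. "O4 - HKLM\..\Run: [name] command"
LINE_RE = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<body>.+)$")
# Registry autostart form of an O4 line: key, [value name], command line
O4_RE = re.compile(r"^(?P<key>HK(?:LM|CU)\\\.\.\\\w+): \[(?P<name>.+?)\] (?P<cmd>.+)$")
# Trailing marker HijackThis appends when the target is not on disk
MISSING_RE = re.compile(r"\s*\((?:no file|file missing)\)\s*$")
# Assumption of this example: core Windows processes that load from system32.
SYSTEM32_ONLY = {"lsass.exe", "services.exe", "winlogon.exe",
                 "svchost.exe", "smss.exe", "spoolsv.exe"}


def parse(log):
    """Turn raw log text into a list of {'code', 'body'} records; other lines are skipped."""
    entries = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append(m.groupdict())
    return entries


def multi_key_autostarts(entries):
    """Map each O4 command to the autostart keys launching it, kept only if 2 or more keys."""
    keys_by_cmd = defaultdict(set)
    for e in entries:
        m = O4_RE.match(e["body"]) if e["code"] == "O4" else None
        if m:
            keys_by_cmd[m["cmd"].lower()].add(m["key"])
    return {cmd: sorted(keys) for cmd, keys in keys_by_cmd.items() if len(keys) > 1}


def misplaced_system_services(entries):
    """Return (service, path) for O23 services named like a core process but not in system32."""
    hits = []
    for e in entries:
        if e["code"] != "O23":
            continue
        # Split from the right: display name may itself contain " - "
        parts = e["body"].rsplit(" - ", 2)
        if len(parts) != 3:
            continue
        path = MISSING_RE.sub("", parts[2]).strip('"')
        folder = ntpath.basename(ntpath.dirname(path)).lower()
        if ntpath.basename(path).lower() in SYSTEM32_ONLY and folder != "system32":
            hits.append((parts[0].split(": ", 1)[-1], path))
    return hits


def orphaned(entries):
    """Return the bodies of entries whose target HijackThis reports as absent from disk."""
    return [e["body"] for e in entries if MISSING_RE.search(e["body"])]


if __name__ == "__main__":
    log_entries = parse(SAMPLE_LOG)
    for cmd, keys in multi_key_autostarts(log_entries).items():
        print(f"[multi-key autostart] {cmd} <- {', '.join(keys)}")
    for service, path in misplaced_system_services(log_entries):
        print(f"[system name, wrong folder] {service}: {path}")
    for body in orphaned(log_entries):
        print(f"[target missing] {body}")
```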
green day - 8 Jul 2006 at 22:46
Hi
# Disable System Restore
* Click the Start button.
* Right-click My Computer, then click Properties.
* In the System Restore tab, select the option Turn off System Restore or Turn off System Restore on all drives
# Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
# Download these (if not already done!) and do a quick clean-up with them!
1) Ad-Aware (free):
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html
2) The French-language patch for Ad-Aware (free):
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
tutorial: (thanks to Moe) http://perso.wanadoo.fr/entraide-hijackthis/AdAware/AdAware.htm
3) Spybot (free):
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html
tutorial: (thanks to Balltrap)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
4) A-squared (requires free online registration to obtain the activation key):
https://www.emsisoft.com/fr/
5) Ewido (free):
https://www.avg.com/en-ww/free-antivirus-download
tutorial: (thanks to Moe) http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
6) CleanUp40 (removes temporary files + cookies; free)
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
tutorial: (thanks to Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm
Then describe your problems if any remain, and post a new HijackThis log please
++
5 Jul 2006 at 16:48
Here is the report from step 2/
>BitDefender Online Scanner
Scan report generated at: Wed, Jul 05, 2006 - 16:45:39
Scan path: A:\;C:\;D:\;E:\;F:\;
Statistics
Time: 01:59:26
Files: 474480
Folders: 4225
Boot Sectors: 3
Archives: 23555
Packed Files: 47347
Results
Identified Viruses: 14
Infected Files: 77
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 77
Engines Info
Virus Definitions: 406239
Engine build: AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins: 13
Archive plugins: 39
Unpack plugins: 5
E-mail plugins: 6
System plugins: 1
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File | Status
C:\bh.exe | Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\bh.exe | Disinfection failed
C:\bh.exe | Deleted
C:\buh.exe | Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\buh.exe | Disinfection failed
C:\buh.exe | Deleted
C:\Documents and Settings\Propriétaire\mrexe.exe | Infected with: Trojan.Downloader.Adload.BU
C:\Documents and Settings\Propriétaire\mrexe.exe | Disinfection failed
C:\Documents and Settings\Propriétaire\mrexe.exe | Deleted
C:\hp\bin\Terminator.exe | Infected with: Trojan.Killapp.30208.A
C:\hp\bin\Terminator.exe | Disinfection failed
C:\hp\bin\Terminator.exe | Deleted
C:\o.exe | Infected with: GenPack:Backdoor.RBot.FF68A800
C:\o.exe | Disinfection failed
C:\o.exe | Deleted
C:\omg.exe | Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\omg.exe | Disinfection failed
C:\omg.exe | Deleted
C:\os.exe | Infected with: GenPack:Backdoor.RBot.FF68A800
C:\os.exe | Disinfection failed
C:\os.exe | Deleted
C:\ram.exe | Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\ram.exe | Disinfection failed
C:\ram.exe | Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP107\A0044458.exe | Infected with: Backdoor.SDBot.94895ACB
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP107\A0044458.exe | Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP107\A0044459.exe | Infected with: Win32.Worm.Korgo.T
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP107\A0044459.exe | Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP107\A0044460.exe | Infected with: Win32.Worm.Korgo.T
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP107\A0044460.exe | Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0047806.exe | Infected with: GenPack:Backdoor.RBot.A3DB0EFB
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0047806.exe | Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0047806.exe | Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0050808.exe | Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0050808.exe | Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0050808.exe | Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0050822.exe | Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0050822.exe | Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0050822.exe | Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0051821.exe | Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0051821.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP112\A0051821.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0052823.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0052823.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0052823.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0053822.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0053822.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0053822.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0054823.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0054823.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0054823.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0055822.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0055822.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0055822.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0056822.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0056822.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0056822.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0056832.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0056832.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0056832.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0057832.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0057832.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0057832.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0057844.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0057844.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0057844.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0058844.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0058844.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0058844.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059845.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059845.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059845.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059856.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059856.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059856.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059868.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059868.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059868.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059881.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059881.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0059881.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060882.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060882.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060882.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060894.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060894.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060894.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060906.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060906.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060906.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060919.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060919.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP113\A0060919.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP114\A0065000.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP114\A0065000.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP114\A0065000.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0065105.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0065105.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0065105.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0065106.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0065106.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0065106.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066105.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066105.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066105.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066120.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066120.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066120.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066132.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066132.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066132.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066144.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066144.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP116\A0066144.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP127\A0088165.exe
Infected with: Trojan.Downloader.VB.PU
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP127\A0088165.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP127\A0088165.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0092222.exe
Infected with: Trojan.Downloader.Adload.BU
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0092222.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0092222.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0093222.exe
Infected with: Trojan.Downloader.Adload.BU
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0093222.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0093222.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0093224.exe
Infected with: Trojan.Downloader.Adload.NAD
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0093224.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0093224.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0094223.exe
Infected with: Trojan.Downloader.Adload.BU
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0094223.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0094223.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0094237.exe
Infected with: Trojan.Downloader.Adload.BU
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0094237.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP129\A0094237.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP130\A0094266.exe
Infected with: Trojan.Downloader.Adload.BU
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP130\A0094266.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP130\A0094266.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP130\A0095266.exe
Infected with: Trojan.Downloader.Adload.BU
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP130\A0095266.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP130\A0095266.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP130\A0095280.exe
Infected with: Trojan.Downloader.Adload.BU
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP130\A0095280.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP130\A0095280.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0100473.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0100473.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0100473.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0101474.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0101474.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0101474.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0101488.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0101488.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0101488.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0102486.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0102486.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0102486.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0103488.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0103488.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0103488.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0106488.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0106488.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0106488.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0107486.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0107486.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0107486.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0108486.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0108486.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0108486.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0109486.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0109486.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP133\A0109486.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0109492.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0109492.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0109492.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0110489.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0110489.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0110489.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0110502.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0110502.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0110502.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0111503.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0111503.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0111503.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112528.exe
Infected with: Backdoor.RBot.CVR
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112528.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112528.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112688.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112688.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112688.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112689.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112689.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112689.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112690.exe
Infected with: Trojan.Downloader.Adload.BU
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112690.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112690.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112691.exe
Infected with: Trojan.Killapp.30208.A
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112691.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112691.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112692.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112692.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112692.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112693.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112693.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112693.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112694.exe
Infected with: GenPack:Backdoor.RBot.FF68A800
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112694.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112694.exe
Deleted
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112695.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112695.exe
Disinfection failed
C:\System Volume Information\_restore{DC728D2A-F789-45D0-A904-D810A757CF8D}\RP134\A0112695.exe
Deleted
C:\WINDOWS\system32\adkiller.exe
Infected with: Backdoor.RBot.DVP
C:\WINDOWS\system32\adkiller.exe
Disinfection failed
C:\WINDOWS\system32\adkiller.exe
Deleted
C:\WINDOWS\system32\drivers\etc\hosts
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts
Deleted
C:\WINDOWS\system32\drivers\etc\hosts.msn
Infected with: Generic.Qhost
C:\WINDOWS\system32\drivers\etc\hosts.msn
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.msn
Deleted
C:\WINDOWS\system32\i
Infected with: Backdoor.BotGet.FtpB.Gen
C:\WINDOWS\system32\i
Deleted
C:\WINDOWS\system32\taskmgre.exe
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\WINDOWS\system32\taskmgre.exe
Disinfection failed
C:\WINDOWS\system32\taskmgre.exe
Deleted
C:\WINDOWS\system32\TFTP3792
Infected with: GenPack:Generic.Malware.GSIFX.43333DE2
C:\WINDOWS\system32\TFTP3792
Disinfection failed
C:\WINDOWS\system32\TFTP3792
Deleted
C:\WINDOWS\system32\vmmon322.exe
Infected with: GenPack:Generic.Malware.GSIFWX.F0E944A3
C:\WINDOWS\system32\vmmon322.exe
Disinfection failed
C:\WINDOWS\system32\vmmon322.exe
Deleted