Virus.ramnit

ivan01 -  
 g3n-h@ckm@n -
Bonjour,
voila 2 jours qu'à chaque analyse par malwarebyte's antimalware, je trouve des dizaines de virus.ramnit localisés apparemment dans acrobat reader et dans c:\system volume information
un detail : a chaque fois que je veux utiliser la touche accent circonflexe sur une page web tout plante...

help!

35 réponses

  • 1
  • 2
Résumé de la discussion

Ramnit est détecté à plusieurs reprises par Malwarebytes et localisé dans Acrobat Reader ainsi que dans C:\System Volume Information, provoquant des plantages et des comportements inhabituels lorsque la touche accent circonflexe est utilisée. Plusieurs interventions ont été suggérées, dont l'exécution d'outils comme HitmanPro ou Dr.Web LiveCD et l'analyse via OTL, afin d'identifier et supprimer les composants malveillants et les entrées de registre. Le fil rapporte l'envoi de rapports et de tests, des résultats partiels et des tentative de nettoyage sur un autre ordinateur, indiquant qu'un ramnit persistant peut nécessiter une réinstallation et un nettoyage minutieux. En cas de doute, il est recommandé de sécuriser les données et de recourir à un live-CD pour éviter l’exécution du malware avant réinstallation complète.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. g3n-h@ckm@n
     
    je ne pense pas que ramnit te laissera graver :)
    1
  2. g3n-h@ckm@n
     
    salut

    /!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\

    __________________________________________________________
    >Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
    >>>>>>>[u]Ne pas utiliser en dehors de ce cas de figure : dangereux<<<<<<<<
    =====================================================


    Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur

    Telecharge ici : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    Combofix

    Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système.
    La simple désactivation du résident n'est pas suffisante.
    Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover
    Choisis la version adéquate (32 ou 64 bits)/!\

    _________________________________________________________
    >> referme les fenêtres de tous les programmes en cours.
    >><souligne>Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
    >>la protection en temps réel de ton Antivirus et de tes Antispywares,
    >>qui peuvent gêner fortement la procédure de recherche et de nettoyage
    de l'outil.
    °°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°


    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."

    sur combofix renommé

    !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!


    n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

    Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
    0
  3. ivan01
     
    Bonjour g3n,

    je viens de passer l'ordi au dr web livecd, il a trouvé un paquet de ramnit un peu partout, y compris dans la partition de données de mon disque...
    puis je t'envoyer le rapport pour que tu y jettes un oeil et que tu me dises si mon ordi est ok?
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. ivan01
     
    je n'arrive pas à ouvrir le rapport... faut-il lui ajouter une extension?
    0
  6. ivan01
     
    voilà le rapport

    2011-12-10 08:56:54 AM Control Center
    Info Updater failed
    2011-12-10 08:57:12 AM Scanner
    Info Scanning started
    2011-12-10 09:17:37 AM Scanner
    Info threat has been found /win/D:/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll - infected Win32.Rmnet.8
    2011-12-10 09:19:02 AM Scanner
    Info threat has been found /win/D:/jeux/PacWorld/PacWorld.exe - infected Win32.Rmnet.8
    2011-12-10 09:19:02 AM Scanner
    Info threat has been found /win/D:/jeux/échecs/engine.exe - infected Win32.Rmnet.8
    2011-12-10 09:19:02 AM Scanner
    Info threat has been found /win/D:/jeux/échecs/UNWISE.EXE - infected Win32.Rmnet.8
    2011-12-10 09:45:50 AM Scanner
    Info threat has been found /win/D:/Photoshop/Photoshop 7/Photoshop7/Setup.exe - infected Win32.Rmnet.8
    2011-12-10 09:45:51 AM Scanner
    Info threat has been found /win/D:/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe - infected Win32.Rmnet.8
    2011-12-10 09:45:51 AM Scanner
    Info threat has been found /win/D:/Photoshop/Photoshop 7/Photoshop7/_Setup.dll - infected Win32.Rmnet.8
    2011-12-10 09:45:52 AM Scanner
    Info threat has been found /win/D:/ptis trucs/Fleuves.exe - infected Win32.Rmnet.8
    2011-12-10 09:47:30 AM Scanner
    Info threat has been found /win/D:/utilitaires/frphotoshop6to.exe - infected Win32.Rmnet.8
    2011-12-10 09:49:00 AM Scanner
    Info threat has been found /win/D:/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll - infected Win32.Rmnet.8
    2011-12-10 09:49:00 AM Scanner
    Info threat has been found /win/D:/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll - infected Win32.Rmnet.8
    2011-12-10 09:49:38 AM Scanner
    Info threat has been found /win/D:/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe - infected Win32.Rmnet.8
    2011-12-10 09:51:46 AM Scanner
    Info threat has been found /win/D:/utilitaires/Illustrator9fr/Setup.exe - infected Win32.Rmnet.8
    2011-12-10 09:51:46 AM Scanner
    Info threat has been found /win/D:/utilitaires/Illustrator9fr/_ISDel.exe - infected Win32.Rmnet.8
    2011-12-10 09:51:46 AM Scanner
    Info threat has been found /win/D:/utilitaires/Illustrator9fr/_Setup.dll - infected Win32.Rmnet.8
    2011-12-10 10:46:16 AM Scanner
    Info threat has been found /win/C:/Qoobox.zip - infected Trojan.Starter.1695, BackDoor.Siggen.34346
    2011-12-10 10:50:05 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - infected Trojan.Rmnet.8
    2011-12-10 10:52:09 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d - infected Trojan.Rmnet.8
    2011-12-10 10:52:37 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/8/2c4b3848-2aa38248 - infected Exploit.CVE2011-3544.2
    2011-12-10 10:52:39 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe - infected Win32.Rmnet.8
    2011-12-10 10:53:08 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe - infected Win32.Rmnet.8
    2011-12-10 10:53:08 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe - infected Win32.Rmnet.8
    2011-12-10 10:53:08 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe - infected Win32.Rmnet.8
    2011-12-10 10:53:08 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe - infected Win32.Rmnet.8
    2011-12-10 10:53:08 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe - infected Win32.Rmnet.8
    2011-12-10 10:53:58 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe - infected Trojan.Rmnet.8
    2011-12-10 10:53:59 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe - infected Trojan.Rmnet.8
    2011-12-10 10:54:04 AM Scanner
    Info threat has been found /win/C:/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - infected Trojan.Rmnet.8
    2011-12-10 10:56:36 AM Scanner
    Info threat has been found /win/C:/Kill'em/ERUNT.exe - infected Win32.Rmnet.8
    2011-12-10 10:56:36 AM Scanner
    Info threat has been found /win/C:/Kill'em/Pv.exe - infected Win32.Rmnet.8
    2011-12-10 10:56:37 AM Scanner
    Info threat has been found /win/C:/Kill'em/Swreg.exe - infected Win32.Rmnet.8
    2011-12-10 10:56:37 AM Scanner
    Info threat has been found /win/C:/Kill'em/Save_Scan/ERDNT.EXE - infected Win32.Rmnet.8
    2011-12-10 11:03:36 AM Scanner
    Info threat has been found /win/C:/MSOCache/All Users/{90120000-006E-040C-0000-0000000FF1CE}-C/msvcr80.dll - infected Win32.Rmnet.8
    2011-12-10 11:13:26 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Illustrator 9.0/coldware.dll - infected Win32.Rmnet.8
    2011-12-10 11:13:28 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Illustrator 9.0/Sangam.dll - infected Win32.Rmnet.8
    2011-12-10 11:16:01 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Photoshop 7.0/JS32.dll - infected Win32.Rmnet.8
    2011-12-10 11:18:56 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/AGM.dll - infected Win32.Rmnet.8
    2011-12-10 11:18:56 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/ACE.dll - infected Win32.Rmnet.8
    2011-12-10 11:18:58 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/Onix32.dll - infected Win32.Rmnet.8
    2011-12-10 11:19:01 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/authplay.dll - infected Win32.Rmnet.8
    2011-12-10 11:19:01 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/BIB.dll - infected Win32.Rmnet.8
    2011-12-10 11:19:01 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/ccme_base.dll - infected Win32.Rmnet.8
    2011-12-10 11:19:01 AM Scanner
    Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/cryptocme2.dll - infected Win32.Rmnet.8
    2011-12-10 11:20:05 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/CoverDesigner/CoverDes.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:09 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/ImageDrive/imagedrv.dll - infected Win32.Rmnet.8
    2011-12-10 11:20:19 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero/NeEm2a.dll - infected Win32.Rmnet.8
    2011-12-10 11:20:22 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero/NeroCmd.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:22 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero/NeroCom.dll - infected Win32.Rmnet.8
    2011-12-10 11:20:24 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero/NeroMediaCon.dll - infected Win32.Rmnet.8
    2011-12-10 11:20:29 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero/ReadHD32.dll - infected Win32.Rmnet.8
    2011-12-10 11:20:31 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero/Uninstall/UNNero.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:31 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero BackItUp/BackItUp.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:31 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero BackItUp/NBJ.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:31 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero BackItUp/NBR.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:41 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero Toolkit/CDSpeed.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:43 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero Toolkit/DriveSpeed.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:43 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/Nero Toolkit/InfoTool.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:49 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/WMPBurn/NeroBurnPlugin.dll - infected Win32.Rmnet.8
    2011-12-10 11:20:49 AM Scanner
    Info threat has been found /win/C:/Program Files/Ahead/WMPBurn/WMPBurn.exe - infected Win32.Rmnet.8
    2011-12-10 11:20:53 AM Scanner
    Info threat has been found /win/C:/Program Files/epson/escndv/escndv.exe - infected Win32.Rmnet.8
    2011-12-10 11:21:46 AM Scanner
    Info threat has been found /win/C:/Program Files/epson/TPMANUAL/ESDX6000_CX5900/USE_G/DOCUNINS.EXE - infected Win32.Rmnet.8
    2011-12-10 11:22:51 AM Scanner
    Info threat has been found /win/C:/Program Files/FastStone Image Viewer/fsplugin01.dll - infected Win32.Rmnet.8
    2011-12-10 11:22:51 AM Scanner
    Info threat has been found /win/C:/Program Files/FastStone Image Viewer/fsplugin02.dll - infected Win32.Rmnet.8
    2011-12-10 11:22:51 AM Scanner
    Info threat has been found /win/C:/Program Files/FastStone Image Viewer/fsplugin03.dll - infected Win32.Rmnet.8
    2011-12-10 11:22:52 AM Scanner
    Info threat has been found /win/C:/Program Files/FastStone Image Viewer/FSViewer.exe - infected Win32.Rmnet.8
    2011-12-10 11:22:54 AM Scanner
    Info threat has been found /win/C:/Program Files/FastStone Image Viewer/ZipDll.dll - infected Win32.Rmnet.8
    2011-12-10 11:23:22 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Adobe/Calibration/Adobe Gamma Loadermgr.exe - infected Trojan.Rmnet.8
    2011-12-10 11:23:58 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Adobe/Web/AOM.exe - infected Win32.Rmnet.8
    2011-12-10 11:23:58 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/AudioPlugins/Aac.dll - infected Win32.Rmnet.8
    2011-12-10 11:23:59 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/AudioPlugins/msa.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:00 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/DSFilter/dvddisc.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:04 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/DSFilter/NeEm2a.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:05 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/DSFilter/NeNDGui.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:12 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/Lib/NeroCBUI.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:12 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/Lib/NeroIPP.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:12 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/Lib/NeroMediaCon.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:13 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/Lib/specialoffer.exe - infected Win32.Rmnet.8
    2011-12-10 11:24:47 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/IDriver.exe - infected Win32.Rmnet.8
    2011-12-10 11:24:47 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/IDriver2.exe - infected Win32.Rmnet.8
    2011-12-10 11:24:47 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/objps8.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:47 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/9/Intel 32/IDriver.exe - infected Win32.Rmnet.8
    2011-12-10 11:24:48 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/9/Intel 32/objpscnv.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:48 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/engine/6/Intel 32/objectps.dll - infected Win32.Rmnet.8
    2011-12-10 11:24:49 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Professional/RunTime/Objectps.dll - infected Win32.Rmnet.8
    2011-12-10 11:26:32 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/CMDDEF.DLL - infected Win32.Rmnet.8
    2011-12-10 11:26:32 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/Compsvcspkg.dll - infected Win32.Rmnet.8
    2011-12-10 11:26:32 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/CSSPKG.DLL - infected Win32.Rmnet.8
    2011-12-10 11:26:32 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/HTMDLGS.DLL - infected Win32.Rmnet.8
    2011-12-10 11:26:32 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/HTMED.DLL - infected Win32.Rmnet.8
    2011-12-10 11:26:32 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/MSENV.DLL - infected Win32.Rmnet.8
    2011-12-10 11:26:33 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/TRIDSN.DLL - infected Win32.Rmnet.8
    2011-12-10 11:26:33 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/VSBROWSE.DLL - infected Win32.Rmnet.8
    2011-12-10 11:26:33 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/VSTLBINF.DLL - infected Win32.Rmnet.8
    2011-12-10 11:26:44 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/Proof/1033/MSGR3GE.DLL - infected Win32.Rmnet.8
    2011-12-10 11:29:07 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/VC/msdia80.dll - infected Win32.Rmnet.8
    2011-12-10 11:29:07 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/VS7DEBUG/coloader.dll - infected Win32.Rmnet.8
    2011-12-10 11:29:10 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/Web Folders/PKMWS.DLL - infected Win32.Rmnet.8
    2011-12-10 11:29:10 AM Scanner
    Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/Web Folders/1033/NSEXTINT.DLL - infected Win32.Rmnet.8
    2011-12-10 11:29:28 AM Scanner
    Info threat has been found /win/C:/Program Files/Free Audio Pack/Free CD Ripper/wnaspi32.dll - infected Win32.Rmnet.8
    2011-12-10 11:29:29 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth/earthflashsol.exe - infected Win32.Rmnet.8
    2011-12-10 11:29:29 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth/googleearth.exe - infected Win32.Rmnet.8
    2011-12-10 11:29:30 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth/msvcp80.dll - infected Win32.Rmnet.8
    2011-12-10 11:29:30 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth/msvcr80.dll - infected Win32.Rmnet.8
    2011-12-10 11:29:30 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth/SketchUpExporter.dll - infected Win32.Rmnet.8
    2011-12-10 11:30:26 Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/earthps.dll - infected Win32.Rmnet.8
    2011-12-10 11:30:26 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/geplugin.exe - infected Win32.Rmnet.8
    2011-12-10 11:30:27 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/msvcp80.dll - infected Win32.Rmnet.8
    2011-12-10 11:30:27 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/msvcr80.dll - infected Win32.Rmnet.8
    2011-12-10 11:30:28 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/ie/5.0.11738.1858/msvcp80.dll - infected Win32.Rmnet.8
    2011-12-10 11:30:28 AM Scanner
    Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/ie/5.0.11738.1858/msvcr80.dll - infected Win32.Rmnet.8
    2011-12-10 11:31:13 AM Scanner
    Info threat has been found /win/C:/Program Files/InstallShield Installation Information/{B279DFD9-284C-40D4-8316-B72533B36F93}/ISSetup.dll - infected Win32.Rmnet.8
    2011-12-10 11:31:14 AM Scanner
    Info threat has been found /win/C:/Program Files/InstallShield Installation Information/{B279DFD9-284C-40D4-8316-B72533B36F93}/setup.exe - infected Win32.Rmnet.8
    2011-12-10 11:31:14 AM Scanner
    Info threat has been found /win/C:/Program Files/InstallShield Installation Information/{FB08F381-6533-4108-B7DD-039E11FBC27E}/Setup.exe - infected Win32.Rmnet.8
    2011-12-10 11:31:23 AM Scanner
    Info threat has been found /win/C:/Program Files/PDFCreator/vblocal.exe - infected Win32.Rmnet.8
    2011-12-10 11:32:03 AM Scanner
    Info threat has been found /win/C:/Program Files/Photoshop/JS32.dll - infected Win32.Rmnet.8
    2011-12-10 11:32:15 AM Scanner
    Info threat has been found /win/C:/Program Files/QuickTime/QTSystem/ExportControllerPS.dll - infected Win32.Rmnet.8
    2011-12-10 11:33:54 AM Scanner
    Info threat has been found /win/C:/Program Files/SFR/Kit/Drivers/Trio2/dsldrv/gsindi32.dll - infected Win32.Rmnet.8
    2011-12-10 11:33:55 AM Scanner
    Info threat has been found /win/C:/Program Files/SFR/Kit/Drivers/Wifi_W54LU/unwlsdrv.exe - infected Win32.Rmnet.8
    2011-12-10 11:34:43 AM Scanner
    Info threat has been found /win/C:/Program Files/Windows Media Player/msoobci.dll - infected Win32.Rmnet.8
    2011-12-10 11:34:44 AM Scanner
    Info threat has been found /win/C:/Program Files/Windows Media Player/wmsetsdk.exe - infected Win32.Rmnet.8
    2011-12-10 11:35:00 AM Scanner
    Info threat has been found /win/C:/Program Files/Java/jre6/bin/deploy.dll - infected Win32.Rmnet.8
    2011-12-10 11:35:05 AM Scanner
    Info threat has been found /win/C:/Program Files/Java/jre6/bin/zip.dll - infected Win32.Rmnet.8
    2011-12-10 11:49:16 AM Scanner
    Info threat has been found /win/C:/Program Files/Java/jre6/lib/deploy/lzma.dll - infected Win32.Rmnet.8
    2011-12-10 11:50:26 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_liba52.dll - infected Win32.Rmnet.8
    2011-12-10 11:50:26 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_libdts.dll - infected Win32.Rmnet.8
    2011-12-10 11:50:26 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_libfaad2.dll - infected Win32.Rmnet.8
    2011-12-10 11:50:26 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_libmad.dll - infected Win32.Rmnet.8
    2011-12-10 11:50:26 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_samplerate.dll - infected Win32.Rmnet.8
    2011-12-10 11:50:26 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_tremor.dll - infected Win32.Rmnet.8
    2011-12-10 11:50:26 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_unrar.dll - infected Win32.Rmnet.8
    2011-12-10 11:50:27 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_wmv9.dll - infected Win32.Rmnet.8
    2011-12-10 11:50:37 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/Tools/dsconfig.exe - infected Win32.Rmnet.8
    2011-12-10 11:50:37 AM Scanner
    Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/Tools/gspot/gspot.exe - infected Win32.Rmnet.8
    2011-12-10 11:50:44 AM Scanner
    Info threat has been found /win/C:/Program Files/Marvell/Miniport Driver/InstallU.exe - infected Win32.Rmnet.8
    2011-12-10 11:54:10 AM Scanner
    Info threat has been found /win/C:/Program Files/Microsoft Office/Office12/EXCHCSP.DLL - infected Win32.Rmnet.8
    2011-12-10 11:57:07 AM Scanner
    Info threat has been found /win/C:/Program Files/Microsoft Office/Office12/ADDINS/OTKLOADR.DLL - infected Win32.Rmnet.8
    2011-12-10 12:02:04 PM Scanner
    Info threat has been found /win/C:/PRONOTE Réseau 2011/wwwroot/libcef.dll - infected Win32.Rmnet.8
    2011-12-10 12:02:09 PM Scanner
    Info threat has been found /win/C:/Qoobox/Quarantine/C/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/_gfteseck_.exe.zip - infected Trojan.Rmnet.8
    2011-12-10 12:02:09 PM Scanner
    Info threat has been found /win/C:/Qoobox/Quarantine/C/Program Files/Avira/AntiVir Desktop/_sched_.exe.zip - infected Trojan.Starter.1695
    2011-12-10 12:02:10 PM Scanner
    Info threat has been found /win/C:/Qoobox/Quarantine/C/WINDOWS/system32/wuauclt.exe.vir - infected Trojan.Starter.1695
    2011-12-10 01:07:55 PM Scanner
    Info threat has been found /mnt/disk/sda5/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll - infected Win32.Rmnet.8
    2011-12-10 01:09:20 PM Scanner
    Info threat has been found /mnt/disk/sda5/jeux/PacWorld/PacWorld.exe - infected Win32.Rmnet.8
    2011-12-10 01:09:21 PM Scanner
    Info threat has been found /mnt/disk/sda5/jeux/échecs/engine.exe - infected Win32.Rmnet.8
    2011-12-10 01:09:21 PM Scanner
    Info threat has been found /mnt/disk/sda5/jeux/échecs/UNWISE.EXE - infected Win32.Rmnet.8
    2011-12-10 01:36:19 PM Scanner
    Info threat has been found /mnt/disk/sda5/Photoshop/Photoshop 7/Photoshop7/Setup.exe - infected Win32.Rmnet.8
    2011-12-10 01:36:19 PM Scanner
    Info threat has been found /mnt/disk/sda5/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe - infected Win32.Rmnet.8
    2011-12-10 01:36:19 PM Scanner
    Info threat has been found /mnt/disk/sda5/Photoshop/Photoshop 7/Photoshop7/_Setup.dll - infected Win32.Rmnet.8
    2011-12-10 01:36:20 PM Scanner
    Info threat has been found /mnt/disk/sda5/ptis trucs/Fleuves.exe - infected Win32.Rmnet.8
    2011-12-10 01:37:58 PM Scanner
    Info threat has been found /mnt/disk/sda5/utilitaires/frphotoshop6to.exe - infected Win32.Rmnet.8
    2011-12-10 01:39:28 PM Scanner
    Info threat has been found /mnt/disk/sda5/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll - infected Win32.Rmnet.8
    2011-12-10 01:39:28 PM Scanner
    Info threat has been found /mnt/disk/sda5/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll - infected Win32.Rmnet.8
    2011-12-10 01:40:06 PM Scanner
    Info threat has been found /mnt/disk/sda5/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe - infected Win32.Rmnet.8
    2011-12-10 01:42:14 PM Scanner
    Info threat has been found /mnt/disk/sda5/utilitaires/Illustrator9fr/Setup.exe - infected Win32.Rmnet.8
    2011-12-10 01:42:14 PMScanner
    Info threat has been found /mnt/disk/sda5/utilitaires/Illustrator9fr/_ISDel.exe - infected Win32.Rmnet.8
    2011-12-10 01:42:14 PM Scanner
    Info threat has been found /mnt/disk/sda5/utilitaires/Illustrator9fr/_Setup.dll - infected Win32.Rmnet.8
    2011-12-10 02:37:05 PM Scanner
    Info threat has been found /mnt/disk/sda1/Qoobox.zip - infected Trojan.Starter.1695, BackDoor.Siggen.34346
    2011-12-10 02:40:54 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - infected Trojan.Rmnet.8
    2011-12-10 02:42:58 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d - infected Trojan.Rmnet.8
    2011-12-10 02:43:26 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/8/2c4b3848-2aa38248 - infected Exploit.CVE2011-3544.2
    2011-12-10 02:43:27 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe - infected Win32.Rmnet.8
    2011-12-10 02:43:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe - infected Win32.Rmnet.8
    2011-12-10 02:43:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe - infected Win32.Rmnet.8
    2011-12-10 02:43:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe - infected Win32.Rmnet.8
    2011-12-10 02:43:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe - infected Win32.Rmnet.8
    2011-12-10 02:43:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe - infected Win32.Rmnet.8
    2011-12-10 02:44:46 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe - infected Trojan.Rmnet.8
    2011-12-10 02:44:47 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe - infected Trojan.Rmnet.8
    2011-12-10 02:44:52 PM Scanner
    Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - infected Trojan.Rmnet.8
    2011-12-10 02:47:21 PM Scanner
    Info threat has been found /mnt/disk/sda1/Kill'em/ERUNT.exe - infected Win32.Rmnet.8
    2011-12-10 02:47:21 PM Scanner
    Info threat has been found /mnt/disk/sda1/Kill'em/Pv.exe - infected Win32.Rmnet.8
    2011-12-10 02:47:22 PM Scanner
    Info threat has been found /mnt/disk/sda1/Kill'em/Swreg.exe - infected Win32.Rmnet.8
    2011-12-10 02:47:22 PM Scanner
    Info threat has been found /mnt/disk/sda1/Kill'em/Save_Scan/ERDNT.EXE - infected Win32.Rmnet.8
    2011-12-10 02:54:38 PM Scanner
    Info threat has been found /mnt/disk/sda1/MSOCache/All Users/{90120000-006E-040C-0000-0000000FF1CE}-C/msvcr80.dll - infected Win32.Rmnet.8
    2011-12-10 03:04:29 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Illustrator 9.0/coldware.dll - infected Win32.Rmnet.8
    2011-12-10 03:04:31 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Illustrator 9.0/Sangam.dll - infected Win32.Rmnet.8
    2011-12-10 03:07:05 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Photoshop 7.0/JS32.dll - infected Win32.Rmnet.8
    2011-12-10 03:10:01 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/AGM.dll - infected Win32.Rmnet.8
    2011-12-10 03:10:01 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/ACE.dll - infected Win32.Rmnet.8
    2011-12-10 03:10:03 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/Onix32.dll - infected Win32.Rmnet.8
    2011-12-10 03:10:06 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/authplay.dll - infected Win32.Rmnet.8
    2011-12-10 03:10:06 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/BIB.dll - infected Win32.Rmnet.8
    2011-12-10 03:10:06 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/ccme_base.dll - infected Win32.Rmnet.8
    2011-12-10 03:10:06 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/cryptocme2.dll - infected Win32.Rmnet.8
    2011-12-10 03:11:10 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/CoverDesigner/CoverDes.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:14 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/ImageDrive/imagedrv.dll - infected Win32.Rmnet.8
    2011-12-10 03:11:23 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/NeEm2a.dll - infected Win32.Rmnet.8
    2011-12-10 03:11:26 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/NeroCmd.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:26 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/NeroCom.dll - infected Win32.Rmnet.8
    2011-12-10 03:11:29 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/NeroMediaCon.dll - infected Win32.Rmnet.8
    2011-12-10 03:11:34 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/ReadHD32.dll - infected Win32.Rmnet.8
    2011-12-10 03:11:36 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/Uninstall/UNNero.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:36 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero BackItUp/BackItUp.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:36 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero BackItUp/NBJ.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:36 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero BackItUp/NBR.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:46 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero Toolkit/CDSpeed.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:47 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero Toolkit/DriveSpeed.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:48 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero Toolkit/InfoTool.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:54 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/WMPBurn/NeroBurnPlugin.dll - infected Win32.Rmnet.8
    2011-12-10 03:11:54 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Ahead/WMPBurn/WMPBurn.exe - infected Win32.Rmnet.8
    2011-12-10 03:11:58 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/epson/escndv/escndv.exe - infected Win32.Rmnet.8
    2011-12-10 03:12:52 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/epson/TPMANUAL/ESDX6000_CX5900/USE_G/DOCUNINS.EXE - infected Win32.Rmnet.8
    2011-12-10 03:13:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/fsplugin01.dll - infected Win32.Rmnet.8
    2011-12-10 03:13:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/fsplugin02.dll - infected Win32.Rmnet.8
    2011-12-10 03:13:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/fsplugin03.dll - infected Win32.Rmnet.8
    2011-12-10 03:13:57 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/FSViewer.exe - infected Win32.Rmnet.8
    2011-12-10 03:14:00 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/ZipDll.dll - infected Win32.Rmnet.8
    2011-12-10 03:14:27 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Adobe/Calibration/Adobe Gamma Loadermgr.exe - infected Trojan.Rmnet.8
    2011-12-10 03:15:03 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Adobe/Web/AOM.exe - infected Win32.Rmnet.8
    2011-12-10 03:15:03 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/AudioPlugins/Aac.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:05 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/AudioPlugins/msa.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:05 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/DSFilter/dvddisc.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:10 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/DSFilter/NeEm2a.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:10 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/DSFilter/NeNDGui.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:18 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/Lib/NeroCBUI.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:18 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/Lib/NeroIPP.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:18 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/Lib/NeroMediaCon.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:18 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/Lib/specialoffer.exe - infected Win32.Rmnet.8
    2011-12-10 03:15:53 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/IDriver.exe - infected Win32.Rmnet.8
    2011-12-10 03:15:53 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/IDriver2.exe - infected Win32.Rmnet.8
    2011-12-10 03:15:53 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/objps8.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:53 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/9/Intel 32/IDriver.exe - infected Win32.Rmnet.8
    2011-12-10 03:15:53 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/9/Intel 32/objpscnv.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:54 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/engine/6/Intel 32/objectps.dll - infected Win32.Rmnet.8
    2011-12-10 03:15:54 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Professional/RunTime/Objectps.dll - infected Win32.Rmnet.8
    2011-12-10 03:17:39 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/CMDDEF.DLL - infected Win32.Rmnet.8
    2011-12-10 03:17:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/Compsvcspkg.dll - infected Win32.Rmnet.8
    2011-12-10 03:17:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/CSSPKG.DLL - infected Win32.Rmnet.8
    2011-12-10 03:17:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/HTMDLGS.DLL - infected Win32.Rmnet.8
    2011-12-10 03:17:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/HTMED.DLL - infected Win32.Rmnet.8
    2011-12-10 03:17:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/MSENV.DLL - infected Win32.Rmnet.8
    2011-12-10 03:17:41 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/TRIDSN.DLL - infected Win32.Rmnet.8
    2011-12-10 03:17:41 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/VSBROWSE.DLL - infected Win32.Rmnet.8
    2011-12-10 03:17:41 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/VSTLBINF.DLL - infected Win32.Rmnet.8
    2011-12-10 03:17:52 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/Proof/1033/MSGR3GE.DLL - infected Win32.Rmnet.8
    2011-12-10 03:20:16 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/VC/msdia80.dll - infected Win32.Rmnet.8
    2011-12-10 03:20:17 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/VS7DEBUG/coloader.dll - infected Win32.Rmnet.8
    2011-12-10 03:20:20 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/Web Folders/PKMWS.DLL - infected Win32.Rmnet.8
    2011-12-10 03:20:20 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/Web Folders/1033/NSEXTINT.DLL - infected Win32.Rmnet.8
    2011-12-10 03:20:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Free Audio Pack/Free CD Ripper/wnaspi32.dll - infected Win32.Rmnet.8
    2011-12-10 03:20:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/earthflashsol.exe - infected Win32.Rmnet.8
    2011-12-10 03:20:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/googleearth.exe - infected Win32.Rmnet.8
    2011-12-10 03:20:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/msvcp80.dll - infected Win32.Rmnet.8
    2011-12-10 03:20:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/msvcr80.dll - infected Win32.Rmnet.8
    2011-12-10 03:20:40 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/SketchUpExporter.dll - infected Win32.Rmnet.8
    2011-12-10 03:21:35 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/earthps.dll - infected Win32.Rmnet.8
    2011-12-10 03:21:35 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/geplugin.exe - infected Win32.Rmnet.8
    2011-12-10 03:21:36 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/msvcp80.dll - infected Win32.Rmnet.8
    2011-12-10 03:21:36 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/msvcr80.dll - infected Win32.Rmnet.8
    2011-12-10 03:21:36 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/ie/5.0.11738.1858/msvcp80.dll - infected Win32.Rmnet.8
    2011-12-10 03:21:37 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/ie/5.0.11738.1858/msvcr80.dll - infected Win32.Rmnet.8
    2011-12-10 03:22:21 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/InstallShield Installation Information/{B279DFD9-284C-40D4-8316-B72533B36F93}/ISSetup.dll - infected Win32.Rmnet.8
    2011-12-10 03:22:21 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/InstallShield Installation Information/{B279DFD9-284C-40D4-8316-B72533B36F93}/setup.exe - infected Win32.Rmnet.8
    2011-12-10 03:22:22 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/InstallShield Installation Information/{FB08F381-6533-4108-B7DD-039E11FBC27E}/Setup.exe - infected Win32.Rmnet.8
    2011-12-10 03:22:31 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/PDFCreator/vblocal.exe - infected Win32.Rmnet.8
    2011-12-10 03:23:12 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Photoshop/JS32.dll - infected Win32.Rmnet.8
    2011-12-10 03:23:24 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/QuickTime/QTSystem/ExportControllerPS.dll - infected Win32.Rmnet.8
    2011-12-10 03:25:04 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/SFR/Kit/Drivers/Trio2/dsldrv/gsindi32.dll - infected Win32.Rmnet.8
    2011-12-10 03:25:05 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/SFR/Kit/Drivers/Wifi_W54LU/unwlsdrv.exe - infected Win32.Rmnet.8
    2011-12-10 03:25:52 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Windows Media Player/msoobci.dll - infected Win32.Rmnet.8
    2011-12-10 03:25:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Windows Media Player/wmsetsdk.exe - infected Win32.Rmnet.8
    2011-12-10 03:26:09 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Java/jre6/bin/deploy.dll - infected Win32.Rmnet.8
    2011-12-10 03:26:14 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Java/jre6/bin/zip.dll - infected Win32.Rmnet.8
    2011-12-10 03:40:35 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Java/jre6/lib/deploy/lzma.dll - infected Win32.Rmnet.8
    2011-12-10 03:41:44 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_liba52.dll - infected Win32.Rmnet.8
    2011-12-10 03:41:45 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_libdts.dll - infected Win32.Rmnet.8
    2011-12-10 03:41:45 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_libfaad2.dll - infected Win32.Rmnet.8
    2011-12-10 03:41:45 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_libmad.dll - infected Win32.Rmnet.8
    2011-12-10 03:41:45 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_samplerate.dll - infected Win32.Rmnet.8
    2011-12-10 03:41:45 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_tremor.dll - infected Win32.Rmnet.8
    2011-12-10 03:41:45 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_unrar.dll - infected Win32.Rmnet.8
    2011-12-10 03:41:46 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_wmv9.dll - infected Win32.Rmnet.8
    2011-12-10 03:41:55 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/Tools/dsconfig.exe - infected Win32.Rmnet.8
    2011-12-10 03:41:56 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/Tools/gspot/gspot.exe - infected Win32.Rmnet.8
    2011-12-10 03:42:03 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Marvell/Miniport Driver/InstallU.exe - infected Win32.Rmnet.8
    2011-12-10 03:45:27 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Microsoft Office/Office12/EXCHCSP.DLL - infected Win32.Rmnet.8
    2011-12-10 03:48:24 PM Scanner
    Info threat has been found /mnt/disk/sda1/Program Files/Microsoft Office/Office12/ADDINS/OTKLOADR.DLL - infected Win32.Rmnet.8
    2011-12-10 03:53:20 PM Scanner
    Info threat has been found /mnt/disk/sda1/PRONOTE Réseau 2011/wwwroot/libcef.dll - infected Win32.Rmnet.8
    2011-12-10 03:53:25 PM Scanner
    Info threat has been found /mnt/disk/sda1/Qoobox/Quarantine/C/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/_gfteseck_.exe.zip - infected Trojan.Rmnet.8
    2011-12-10 03:53:25 PM Scanner
    Info threat has been found /mnt/disk/sda1/Qoobox/Quarantine/C/Program Files/Avira/AntiVir Desktop/_sched_.exe.zip - infected Trojan.Starter.1695
    2011-12-10 03:53:26 PM Scanner
    Info threat has been found /mnt/disk/sda1/Qoobox/Quarantine/C/WINDOWS/system32/wuauclt.exe.vir - infected Trojan.Starter.1695
    2011-12-10 05:04:39 PM Scanner
    Info Scanning finished
    2011-12-10 05:59:20 PM Scanner
    Info /win/D:/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll - cured
    2011-12-10 05:59:20 PM Scanner
    Info /win/D:/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll - cured
    2011-12-10 05:59:20 PM Scanner
    Info /win/D:/jeux/PacWorld/PacWorld.exe - cured
    2011-12-10 05:59:20 PM Scanner
    Info /win/D:/jeux/PacWorld/PacWorld.exe - cured
    2011-12-10 05:59:20 PM Scanner
    Info /win/D:/jeux/échecs/engine.exe - cured
    2011-12-10 05:59:20 PM Scanner
    Info /win/D:/jeux/échecs/engine.exe - cured
    2011-12-10 05:59:21 PM Scanner
    Info /win/D:/jeux/échecs/UNWISE.EXE - cured
    2011-12-10 05:59:21 PM Scanner
    Info /win/D:/jeux/échecs/UNWISE.EXE - cured
    2011-12-10 05:59:22 PM Scanner
    Info /win/D:/Photoshop/Photoshop 7/Photoshop7/Setup.exe - cured
    2011-12-10 05:59:22 PM Scanner
    Info /win/D:/Photoshop/Photoshop 7/Photoshop7/Setup.exe - cured
    2011-12-10 05:59:22 PM Scanner
    Info /win/D:/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe - cured
    2011-12-10 05:59:22 PM Scanner
    Info /win/D:/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe - cured
    2011-12-10 05:59:22 PM Scanner
    Info /win/D:/Photoshop/Photoshop 7/Photoshop7/_Setup.dll - cured
    2011-12-10 05:59:22 PM Scanner
    Info /win/D:/Photoshop/Photoshop 7/Photoshop7/_Setup.dll - cured
    2011-12-10 05:59:23 PM Scanner
    Info /win/D:/ptis trucs/Fleuves.exe - cured
    2011-12-10 05:59:23 PM Scanner
    Info /win/D:/ptis trucs/Fleuves.exe - cured
    2011-12-10 05:59:29 PM Scanner
    Info /win/D:/utilitaires/frphotoshop6to.exe - cured
    2011-12-10 05:59:31 PM Scanner
    Info /win/D:/utilitaires/frphotoshop6to.exe - cured
    2011-12-10 05:59:31 PM Scanner
    Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll - cured
    2011-12-10 05:59:31 PM Scanner
    Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll - cured
    2011-12-10 05:59:32 PM Scanner
    Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll - cured
    2011-12-10 05:59:32 PM Scanner
    Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll - cured
    2011-12-10 05:59:32 PM Scanner
    Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe - cured
    2011-12-10 05:59:32 PM Scanner
    Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe - cured
    2011-12-10 06:24:21 PM Scanner
    Info /win/D:/utilitaires/Illustrator9fr/Setup.exe - cured
    2011-12-10 06:24:21 PM Scanner
    Info /win/D:/utilitaires/Illustrator9fr/Setup.exe - cured
    2011-12-10 06:24:21 PM Scanner
    Info /win/D:/utilitaires/Illustrator9fr/_ISDel.exe - cured
    2011-12-10 06:24:21 PM Scanner
    Info /win/D:/utilitaires/Illustrator9fr/_ISDel.exe - cured
    2011-12-10 06:24:22 PM Scanner
    Info /win/D:/utilitaires/Illustrator9fr/_Setup.dll - cured
    2011-12-10 06:24:22 PM Scanner
    Info /win/D:/utilitaires/Illustrator9fr/_Setup.dll - cured
    2011-12-10 06:24:26 PM Scanner
    Info cured 15 files: /win/D:/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll, /win/D:/Photoshop/Photoshop 7/Photoshop7/Setup.exe, /win/D:/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe, /win/D:/Photoshop/Photoshop 7/Photoshop7/_Setup.dll, /win/D:/jeux/PacWorld/PacWorld.exe, /win/D:/jeux/échecs/UNWISE.EXE, /win/D:/jeux/échecs/engine.exe, /win/D:/ptis trucs/Fleuves.exe, /win/D:/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll, /win/D:/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll, /win/D:/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe, /win/D:/utilitaires/Illustrator9fr/Setup.exe, /win/D:/utilitaires/Illustrator9fr/_ISDel.exe, /win/D:/utilitaires/Illustrator9fr/_Setup.dll, /win/D:/utilitaires/frphotoshop6to.exe;
    2011-12-10 06:24:46 PM Scanner
    Info /win/C:/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - deleted
    2011-12-10 06:24:46 PM Scanner
    Info /win/C:/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - deleted
    2011-12-10 06:24:46 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d - deleted
    2011-12-10 06:24:46 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d - deleted
    2011-12-10 06:24:51 PM Scanner
    Info removed 2 files: /win/C:/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe, /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d;
    2011-12-10 06:24:54 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe - cured
    2011-12-10 06:24:54 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe - cured
    2011-12-10 06:24:54 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe - cured
    2011-12-10 06:24:54 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe - cured
    2011-12-10 06:24:55 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe - cured
    2011-12-10 06:24:55 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe - cured
    2011-12-10 06:24:55 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe - cured
    2011-12-10 06:24:55 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe - cured
    2011-12-10 06:24:55 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe - cured
    2011-12-10 06:24:55 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe - cured
    2011-12-10 06:24:56 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe - cured
    2011-12-10 06:24:56 PM Scanner
    Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe - cured
    2011-12-10 06:24:56 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe - deleted
    2011-12-10 06:24:56 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe - deleted
    2011-12-10 06:24:56 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe - deleted
    2011-12-10 06:24:56 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe - deleted
    2011-12-10 06:24:56 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - deleted
    2011-12-10 06:24:56 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - deleted
    2011-12-10 06:24:59 PM Scanner
    Info cured 6 files: /win/C:/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe;removed 3 files: /win/C:/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe, /win/C:/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe, /win/C:/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe;
    2011-12-10 06:25:37 PM Scanner
    Info /win/C:/Qoobox.zip - moved to Quarantine
    2011-12-10 06:25:41 PM Scanner
    Info moved 1 files to Quarantine: /win/C:/Qoobox.zip;
    2011-12-10 06:26:19 PM Scanner
    Info /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/8/2c4b3848-2aa38248 - moved to Quarantine
    2011-12-10 06:26:24 PM Scanner Info moved 1 files to Quarantine: /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/8/2c4b3848-2aa38248;
    2011-12-10 06:26:55 PM Scanner Info /win/C:/Kill'em/ERUNT.exe - cured
    2011-12-10 06:26:56 PM Scanner Info /win/C:/Kill'em/ERUNT.exe - cured
    2011-12-10 06:26:59 PM Scanner Info /win/C:/Kill'em/Swreg.exe - cured
    2011-12-10 06:26:59 PM Scanner Info /win/C:/Kill'em/Swreg.exe - cured
    2011-12-10 06:27:00 PM Scanner Info cured 2 files: /win/C:/Kill'em/ERUNT.exe, /win/C:/Kill'em/Swreg.exe;
    2011-12-10 06:27:04 PM Scanner Info /win/C:/Kill'em/Pv.exe - cured
    2011-12-10 06:27:04 PM Scanner Info /win/C:/Kill'em/Pv.exe - cured
    2011-12-10 06:27:09 PM Scanner Info cured 1 files: /win/C:/Kill'em/Pv.exe;
    2011-12-10 06:27:50 PM Scanner
    Info /win/C:/Kill'em/Save_Scan/ERDNT.EXE - cured
    2011-12-10 06:27:54 PM Scanner
    Info cured 1 files: /win/C:/Kill'em/Save_Scan/ERDNT.EXE;
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/MSOCache/All Users/{90120000-006E-040C-0000-0000000FF1CE}-C/msvcr80.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/MSOCache/All Users/{90120000-006E-040C-0000-0000000FF1CE}-C/msvcr80.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Illustrator 9.0/coldware.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Illustrator 9.0/coldware.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Illustrator 9.0/Sangam.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Illustrator 9.0/Sangam.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Photoshop 7.0/JS32.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Photoshop 7.0/JS32.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/AGM.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/AGM.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/ACE.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/ACE.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/Onix32.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/Onix32.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/authplay.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/authplay.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/BIB.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/BIB.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/ccme_base.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/ccme_base.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/cryptocme2.dll - cured
    2011-12-10 06:28:19 PM Scanner
    Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/cryptocme2.dll - cured
    2011-12-10 06:28:19 PM Sc
    0
  7. g3n-h@ckm@n
     
    Télécharge ici :OTL

    enregistre le sur ton Bureau.

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."


    sur OTL.exe pour le lancer.

    => Clique ici pour voir la Configuration

    ▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"

    netsvcs
    safebootminimal
    safebootnetwork
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.ini
    %systemroot%\Tasks\*.*
    %systemroot%\system32\Tasks\*.*
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\config\*.exe /s
    %systemroot%\system32\*.sys
    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s
    CREATERESTOREPOINT


    ▶ Clic sur Analyse.

    A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

    Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

    ▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)

    heberge OTL.txt et extra.txt sur http://pjjoint.malekal.com et donne les liens
    0
  8. ivan01
     
    voila pour OTL.txt :
    http://pjjoint.malekal.com/files.php?id=20111210_j15e14l10k13h5

    et pour extra.txt :
    http://pjjoint.malekal.com/files.php?id=20111210_u14v10e12j8x8
    0
  9. g3n-h@ckm@n
     
    trop bizarres tes rapports....

    fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

    ▶ Télécharge ici :

    Malwarebytes

    ▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

    relance malwarebytes en suivant scrupuleusement ces consignes :

    ! Déconnecte toi et ferme toutes applications en cours !

    ▶ Lance Malwarebyte's .

    Fais un examen dit "Complet" .

    ▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
    ▶ à la fin tu cliques sur "résultat" .
    Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

    Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !

    Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

    0
  10. ivan01
     
    voilà le rapport, l'analyse s'est déroulée sans dommages, et plus aucun résultats positifs... tu peux me dire pq les rapports sont bizarres?

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Version de la base de données: 8348

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    10/12/2011 21:16:21
    mbam-log-2011-12-10 (21-16-21).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 214733
    Temps écoulé: 20 minute(s), 44 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    0
  11. ivan01
     
    ah ouais en effet!
    on essaye comme ça

    OTL.txt :
    http://pjjoint.malekal.com/files.php?id=OTL_20111210_s9x5y6e15b9

    extras.txt :
    http://pjjoint.malekal.com/files.php?id=OTL_Extras_20111210_y10e6z14x14i7
    0
  12. g3n-h@ckm@n
     
    ouaip' ^^

    t'as pas respecté la config que j'ai demandé ^^
    0
  13. ivan01
     
    arf, j'y retourne alors, mais je vois pas ce que j'ai zappé...
    je vais essayer de trouver
    0
  14. ivan01
     
    autant pour moi...

    voilà OTL.txt :
    http://pjjoint.malekal.com/files.php?id=OTL_20111210_k515v10f15p15

    et extras.txt :
    http://pjjoint.malekal.com/files.php?id=OTL_Extras_20111210_j126e7n14g5
    0
  15. g3n-h@ckm@n
     
    ok desinstalle adobe reader 9

    ==========================

    Fais analyser le(s) fichier(s) suivants sur Virustotal :

    Virus Total

    clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :

    C:\WINDOWS\System32\rhemtarx.dll
    C:\WINDOWS\autoload.exe

    * Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
    * Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
    * Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.

    ============================

    ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."


    sur OTL.exe pour le lancer.

    ▶Copie la liste qui se trouve en gras ci-dessous,

    ▶ colle-la dans la zone sous "Personnalisation" :


    :processes
    explorer.exe
    iexplore.exe
    firefox.exe
    msnmsgr.exe
    Teatimer.exe

    :OTL
    FF - prefs.js..browser.search.defaultthis.engineName: "eslprintables Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2215634&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.selectedEngine: "eslprintables Customized Web Search"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    [2009/10/06 16:08:16 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\ivan\Application Data\Mozilla\Firefox\Profiles\brl58omf.default\searchplugins\conduit.xml
    O4 - HKU\S-1-5-21-1993962763-1770027372-725345543-1003\..\Run: [GftEseck] C:\Documents and Settings\ivan\Local Settings\Application Data\xccriesw\gfteseck.exe File not found
    O4 - HKU\.DEFAULT\..\Run: [GftEseck] C:\Documents and Settings\ivan\Local Settings\Application Data\xccriesw\gfteseck.exe File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

    :Reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\Windows\System32\Userinit.exe,"

    :Files
    C:\Users\mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
    C:\Documents and Settings\ivan\Local Settings\Application Data\xccriesw
    C:\Documents and Settings\ivan\DoctorWeb

    :commands
    [CLEARALLRESTOREPOINTS]
    [emptytemp]
    [start explorer]
    [reboot]


    ▶ Clique sur "Correction" pour lancer la suppression.

    ▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
    0
  16. ivan01
     
    voilà pour les analyses
    pour C:\WINDOWS\System32\rhemtarx.dll

    http://www.virustotal.com/file-scan/report.html?id=279070473d6b68320ba83ef00951b8a5b3c60b64b84a7539efca566db6694ed6-1323552477

    en lancant l'analyse de C:\WINDOWS\autoload.exe , il me dit que ce fichier a deja été analysé (!?) ; je lui demande de réanalyser et voilà ce que ça donne

    http://www.virustotal.com/file-scan/report.html?id=237bf4b68d6260a9343815e922543cad78cc4261f911b3dd5c994a745430ed93-1323552626

    et voilà le rapport de OTL après reboot :

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    No active process named iexplore.exe was found!
    Process firefox.exe killed successfully!
    No active process named msnmsgr.exe was found!
    No active process named Teatimer.exe was found!
    ========== OTL ==========
    Prefs.js: "eslprintables Customized Web Search" removed from browser.search.defaultthis.engineName
    Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2215634&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
    Prefs.js: "eslprintables Customized Web Search" removed from browser.search.selectedEngine
    Prefs.js: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
    C:\Documents and Settings\ivan\Application Data\Mozilla\Firefox\Profiles\brl58omf.default\searchplugins\conduit.xml moved successfully.
    Registry value HKEY_USERS\S-1-5-21-1993962763-1770027372-725345543-1003\\Software\Microsoft\Windows\CurrentVersion\Run\\GftEseck deleted successfully.
    Registry value HKEY_USERS\.DEFAULT\\Software\Microsoft\Windows\CurrentVersion\Run\\GftEseck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\"Userinit"|"C:\Windows\System32\Userinit.exe," /E : value set successfully!
    ========== FILES ==========
    File\Folder C:\Users\mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk not found.
    C:\Documents and Settings\ivan\Local Settings\Application Data\xccriesw folder moved successfully.
    C:\Documents and Settings\ivan\DoctorWeb\Quarantine folder moved successfully.
    C:\Documents and Settings\ivan\DoctorWeb folder moved successfully.
    ========== COMMANDS ==========
    Restore points cleared and new OTL Restore Point set!

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: ivan
    ->Temp folder emptied: 3663 bytes
    ->Temporary Internet Files folder emptied: 22350423 bytes
    ->Java cache emptied: 903410 bytes
    ->FireFox cache emptied: 61375343 bytes
    ->Flash cache emptied: 880 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 9011334 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->FireFox cache emptied: 29899 bytes
    ->Flash cache emptied: 405 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 2134506 bytes
    %systemroot%\System32 .tmp files removed: 3072 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 439 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 91,00 mb

    OTL by OldTimer - Version 3.2.31.0 log created on 12102011_224338

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
    0
  17. ivan01
     
    je reprends demain je vais arrêter l'ordi

    merci encore pour tout le temps que tu passes sur mon cas, et pour les autres aussi!
    0
  • 1
  • 2