Sujet Précédent Sujet Suivant

Virus.ramnit

Fermé
ivan01 - 4 déc. 2011 à 19:54
 Utilisateur anonyme - 12 déc. 2011 à 00:12
Bonjour,
voila 2 jours qu'à chaque analyse par malwarebyte's antimalware, je trouve des dizaines de virus.ramnit localisés apparemment dans acrobat reader et dans c:\system volume information
un detail : a chaque fois que je veux utiliser la touche accent circonflexe sur une page web tout plante...

help!

35 réponses

  • 1
  • 2
Réponse 1 / 35
Utilisateur anonyme
4 déc. 2011 à 22:03
je ne pense pas que ramnit te laissera graver :)
1
Réponse 2 / 35
Utilisateur anonyme
4 déc. 2011 à 19:54
salut

/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\

__________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>[u]Ne pas utiliser en dehors de ce cas de figure : dangereux<<<<<<<<
=====================================================

Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur

Telecharge ici : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Combofix

Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système.
La simple désactivation du résident n'est pas suffisante.
Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover
Choisis la version adéquate (32 ou 64 bits)/!\

_________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>><souligne>Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur combofix renommé

!!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
0
Réponse 3 / 35
ivan01
10 déc. 2011 à 18:46
Bonjour g3n,

je viens de passer l'ordi au dr web livecd, il a trouvé un paquet de ramnit un peu partout, y compris dans la partition de données de mon disque...
puis je t'envoyer le rapport pour que tu y jettes un oeil et que tu me dises si mon ordi est ok?
0
Réponse 4 / 35
Utilisateur anonyme
10 déc. 2011 à 18:56
oui compressé comme indiqué
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 35
ivan01
10 déc. 2011 à 19:02
je n'arrive pas à ouvrir le rapport... faut-il lui ajouter une extension?
0
Réponse 6 / 35
Utilisateur anonyme
10 déc. 2011 à 19:10
je ne comprends pas....
0
Réponse 7 / 35
ivan01
10 déc. 2011 à 20:07
voilà le rapport

2011-12-10 08:56:54 AM Control Center
Info Updater failed
2011-12-10 08:57:12 AM Scanner
Info Scanning started
2011-12-10 09:17:37 AM Scanner
Info threat has been found /win/D:/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll - infected Win32.Rmnet.8
2011-12-10 09:19:02 AM Scanner
Info threat has been found /win/D:/jeux/PacWorld/PacWorld.exe - infected Win32.Rmnet.8
2011-12-10 09:19:02 AM Scanner
Info threat has been found /win/D:/jeux/échecs/engine.exe - infected Win32.Rmnet.8
2011-12-10 09:19:02 AM Scanner
Info threat has been found /win/D:/jeux/échecs/UNWISE.EXE - infected Win32.Rmnet.8
2011-12-10 09:45:50 AM Scanner
Info threat has been found /win/D:/Photoshop/Photoshop 7/Photoshop7/Setup.exe - infected Win32.Rmnet.8
2011-12-10 09:45:51 AM Scanner
Info threat has been found /win/D:/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe - infected Win32.Rmnet.8
2011-12-10 09:45:51 AM Scanner
Info threat has been found /win/D:/Photoshop/Photoshop 7/Photoshop7/_Setup.dll - infected Win32.Rmnet.8
2011-12-10 09:45:52 AM Scanner
Info threat has been found /win/D:/ptis trucs/Fleuves.exe - infected Win32.Rmnet.8
2011-12-10 09:47:30 AM Scanner
Info threat has been found /win/D:/utilitaires/frphotoshop6to.exe - infected Win32.Rmnet.8
2011-12-10 09:49:00 AM Scanner
Info threat has been found /win/D:/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll - infected Win32.Rmnet.8
2011-12-10 09:49:00 AM Scanner
Info threat has been found /win/D:/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll - infected Win32.Rmnet.8
2011-12-10 09:49:38 AM Scanner
Info threat has been found /win/D:/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe - infected Win32.Rmnet.8
2011-12-10 09:51:46 AM Scanner
Info threat has been found /win/D:/utilitaires/Illustrator9fr/Setup.exe - infected Win32.Rmnet.8
2011-12-10 09:51:46 AM Scanner
Info threat has been found /win/D:/utilitaires/Illustrator9fr/_ISDel.exe - infected Win32.Rmnet.8
2011-12-10 09:51:46 AM Scanner
Info threat has been found /win/D:/utilitaires/Illustrator9fr/_Setup.dll - infected Win32.Rmnet.8
2011-12-10 10:46:16 AM Scanner
Info threat has been found /win/C:/Qoobox.zip - infected Trojan.Starter.1695, BackDoor.Siggen.34346
2011-12-10 10:50:05 AM Scanner
Info threat has been found /win/C:/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - infected Trojan.Rmnet.8
2011-12-10 10:52:09 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d - infected Trojan.Rmnet.8
2011-12-10 10:52:37 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/8/2c4b3848-2aa38248 - infected Exploit.CVE2011-3544.2
2011-12-10 10:52:39 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe - infected Win32.Rmnet.8
2011-12-10 10:53:08 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe - infected Win32.Rmnet.8
2011-12-10 10:53:08 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe - infected Win32.Rmnet.8
2011-12-10 10:53:08 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe - infected Win32.Rmnet.8
2011-12-10 10:53:08 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe - infected Win32.Rmnet.8
2011-12-10 10:53:08 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe - infected Win32.Rmnet.8
2011-12-10 10:53:58 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe - infected Trojan.Rmnet.8
2011-12-10 10:53:59 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe - infected Trojan.Rmnet.8
2011-12-10 10:54:04 AM Scanner
Info threat has been found /win/C:/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - infected Trojan.Rmnet.8
2011-12-10 10:56:36 AM Scanner
Info threat has been found /win/C:/Kill'em/ERUNT.exe - infected Win32.Rmnet.8
2011-12-10 10:56:36 AM Scanner
Info threat has been found /win/C:/Kill'em/Pv.exe - infected Win32.Rmnet.8
2011-12-10 10:56:37 AM Scanner
Info threat has been found /win/C:/Kill'em/Swreg.exe - infected Win32.Rmnet.8
2011-12-10 10:56:37 AM Scanner
Info threat has been found /win/C:/Kill'em/Save_Scan/ERDNT.EXE - infected Win32.Rmnet.8
2011-12-10 11:03:36 AM Scanner
Info threat has been found /win/C:/MSOCache/All Users/{90120000-006E-040C-0000-0000000FF1CE}-C/msvcr80.dll - infected Win32.Rmnet.8
2011-12-10 11:13:26 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Illustrator 9.0/coldware.dll - infected Win32.Rmnet.8
2011-12-10 11:13:28 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Illustrator 9.0/Sangam.dll - infected Win32.Rmnet.8
2011-12-10 11:16:01 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Photoshop 7.0/JS32.dll - infected Win32.Rmnet.8
2011-12-10 11:18:56 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/AGM.dll - infected Win32.Rmnet.8
2011-12-10 11:18:56 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/ACE.dll - infected Win32.Rmnet.8
2011-12-10 11:18:58 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/Onix32.dll - infected Win32.Rmnet.8
2011-12-10 11:19:01 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/authplay.dll - infected Win32.Rmnet.8
2011-12-10 11:19:01 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/BIB.dll - infected Win32.Rmnet.8
2011-12-10 11:19:01 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/ccme_base.dll - infected Win32.Rmnet.8
2011-12-10 11:19:01 AM Scanner
Info threat has been found /win/C:/Program Files/Adobe/Reader 9.0/Reader/cryptocme2.dll - infected Win32.Rmnet.8
2011-12-10 11:20:05 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/CoverDesigner/CoverDes.exe - infected Win32.Rmnet.8
2011-12-10 11:20:09 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/ImageDrive/imagedrv.dll - infected Win32.Rmnet.8
2011-12-10 11:20:19 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero/NeEm2a.dll - infected Win32.Rmnet.8
2011-12-10 11:20:22 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero/NeroCmd.exe - infected Win32.Rmnet.8
2011-12-10 11:20:22 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero/NeroCom.dll - infected Win32.Rmnet.8
2011-12-10 11:20:24 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero/NeroMediaCon.dll - infected Win32.Rmnet.8
2011-12-10 11:20:29 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero/ReadHD32.dll - infected Win32.Rmnet.8
2011-12-10 11:20:31 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero/Uninstall/UNNero.exe - infected Win32.Rmnet.8
2011-12-10 11:20:31 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero BackItUp/BackItUp.exe - infected Win32.Rmnet.8
2011-12-10 11:20:31 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero BackItUp/NBJ.exe - infected Win32.Rmnet.8
2011-12-10 11:20:31 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero BackItUp/NBR.exe - infected Win32.Rmnet.8
2011-12-10 11:20:41 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero Toolkit/CDSpeed.exe - infected Win32.Rmnet.8
2011-12-10 11:20:43 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero Toolkit/DriveSpeed.exe - infected Win32.Rmnet.8
2011-12-10 11:20:43 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/Nero Toolkit/InfoTool.exe - infected Win32.Rmnet.8
2011-12-10 11:20:49 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/WMPBurn/NeroBurnPlugin.dll - infected Win32.Rmnet.8
2011-12-10 11:20:49 AM Scanner
Info threat has been found /win/C:/Program Files/Ahead/WMPBurn/WMPBurn.exe - infected Win32.Rmnet.8
2011-12-10 11:20:53 AM Scanner
Info threat has been found /win/C:/Program Files/epson/escndv/escndv.exe - infected Win32.Rmnet.8
2011-12-10 11:21:46 AM Scanner
Info threat has been found /win/C:/Program Files/epson/TPMANUAL/ESDX6000_CX5900/USE_G/DOCUNINS.EXE - infected Win32.Rmnet.8
2011-12-10 11:22:51 AM Scanner
Info threat has been found /win/C:/Program Files/FastStone Image Viewer/fsplugin01.dll - infected Win32.Rmnet.8
2011-12-10 11:22:51 AM Scanner
Info threat has been found /win/C:/Program Files/FastStone Image Viewer/fsplugin02.dll - infected Win32.Rmnet.8
2011-12-10 11:22:51 AM Scanner
Info threat has been found /win/C:/Program Files/FastStone Image Viewer/fsplugin03.dll - infected Win32.Rmnet.8
2011-12-10 11:22:52 AM Scanner
Info threat has been found /win/C:/Program Files/FastStone Image Viewer/FSViewer.exe - infected Win32.Rmnet.8
2011-12-10 11:22:54 AM Scanner
Info threat has been found /win/C:/Program Files/FastStone Image Viewer/ZipDll.dll - infected Win32.Rmnet.8
2011-12-10 11:23:22 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Adobe/Calibration/Adobe Gamma Loadermgr.exe - infected Trojan.Rmnet.8
2011-12-10 11:23:58 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Adobe/Web/AOM.exe - infected Win32.Rmnet.8
2011-12-10 11:23:58 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/AudioPlugins/Aac.dll - infected Win32.Rmnet.8
2011-12-10 11:23:59 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/AudioPlugins/msa.dll - infected Win32.Rmnet.8
2011-12-10 11:24:00 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/DSFilter/dvddisc.dll - infected Win32.Rmnet.8
2011-12-10 11:24:04 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/DSFilter/NeEm2a.dll - infected Win32.Rmnet.8
2011-12-10 11:24:05 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/DSFilter/NeNDGui.dll - infected Win32.Rmnet.8
2011-12-10 11:24:12 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/Lib/NeroCBUI.dll - infected Win32.Rmnet.8
2011-12-10 11:24:12 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/Lib/NeroIPP.dll - infected Win32.Rmnet.8
2011-12-10 11:24:12 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/Lib/NeroMediaCon.dll - infected Win32.Rmnet.8
2011-12-10 11:24:13 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Ahead/Lib/specialoffer.exe - infected Win32.Rmnet.8
2011-12-10 11:24:47 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/IDriver.exe - infected Win32.Rmnet.8
2011-12-10 11:24:47 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/IDriver2.exe - infected Win32.Rmnet.8
2011-12-10 11:24:47 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/objps8.dll - infected Win32.Rmnet.8
2011-12-10 11:24:47 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/9/Intel 32/IDriver.exe - infected Win32.Rmnet.8
2011-12-10 11:24:48 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Driver/9/Intel 32/objpscnv.dll - infected Win32.Rmnet.8
2011-12-10 11:24:48 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/engine/6/Intel 32/objectps.dll - infected Win32.Rmnet.8
2011-12-10 11:24:49 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/InstallShield/Professional/RunTime/Objectps.dll - infected Win32.Rmnet.8
2011-12-10 11:26:32 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/CMDDEF.DLL - infected Win32.Rmnet.8
2011-12-10 11:26:32 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/Compsvcspkg.dll - infected Win32.Rmnet.8
2011-12-10 11:26:32 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/CSSPKG.DLL - infected Win32.Rmnet.8
2011-12-10 11:26:32 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/HTMDLGS.DLL - infected Win32.Rmnet.8
2011-12-10 11:26:32 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/HTMED.DLL - infected Win32.Rmnet.8
2011-12-10 11:26:32 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/MSENV.DLL - infected Win32.Rmnet.8
2011-12-10 11:26:33 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/TRIDSN.DLL - infected Win32.Rmnet.8
2011-12-10 11:26:33 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/VSBROWSE.DLL - infected Win32.Rmnet.8
2011-12-10 11:26:33 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/VSTLBINF.DLL - infected Win32.Rmnet.8
2011-12-10 11:26:44 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/Proof/1033/MSGR3GE.DLL - infected Win32.Rmnet.8
2011-12-10 11:29:07 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/VC/msdia80.dll - infected Win32.Rmnet.8
2011-12-10 11:29:07 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/VS7DEBUG/coloader.dll - infected Win32.Rmnet.8
2011-12-10 11:29:10 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/Web Folders/PKMWS.DLL - infected Win32.Rmnet.8
2011-12-10 11:29:10 AM Scanner
Info threat has been found /win/C:/Program Files/Fichiers communs/Microsoft Shared/Web Folders/1033/NSEXTINT.DLL - infected Win32.Rmnet.8
2011-12-10 11:29:28 AM Scanner
Info threat has been found /win/C:/Program Files/Free Audio Pack/Free CD Ripper/wnaspi32.dll - infected Win32.Rmnet.8
2011-12-10 11:29:29 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth/earthflashsol.exe - infected Win32.Rmnet.8
2011-12-10 11:29:29 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth/googleearth.exe - infected Win32.Rmnet.8
2011-12-10 11:29:30 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth/msvcp80.dll - infected Win32.Rmnet.8
2011-12-10 11:29:30 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth/msvcr80.dll - infected Win32.Rmnet.8
2011-12-10 11:29:30 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth/SketchUpExporter.dll - infected Win32.Rmnet.8
2011-12-10 11:30:26 Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/earthps.dll - infected Win32.Rmnet.8
2011-12-10 11:30:26 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/geplugin.exe - infected Win32.Rmnet.8
2011-12-10 11:30:27 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/msvcp80.dll - infected Win32.Rmnet.8
2011-12-10 11:30:27 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/msvcr80.dll - infected Win32.Rmnet.8
2011-12-10 11:30:28 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/ie/5.0.11738.1858/msvcp80.dll - infected Win32.Rmnet.8
2011-12-10 11:30:28 AM Scanner
Info threat has been found /win/C:/Program Files/Google/Google Earth Plugin/ie/5.0.11738.1858/msvcr80.dll - infected Win32.Rmnet.8
2011-12-10 11:31:13 AM Scanner
Info threat has been found /win/C:/Program Files/InstallShield Installation Information/{B279DFD9-284C-40D4-8316-B72533B36F93}/ISSetup.dll - infected Win32.Rmnet.8
2011-12-10 11:31:14 AM Scanner
Info threat has been found /win/C:/Program Files/InstallShield Installation Information/{B279DFD9-284C-40D4-8316-B72533B36F93}/setup.exe - infected Win32.Rmnet.8
2011-12-10 11:31:14 AM Scanner
Info threat has been found /win/C:/Program Files/InstallShield Installation Information/{FB08F381-6533-4108-B7DD-039E11FBC27E}/Setup.exe - infected Win32.Rmnet.8
2011-12-10 11:31:23 AM Scanner
Info threat has been found /win/C:/Program Files/PDFCreator/vblocal.exe - infected Win32.Rmnet.8
2011-12-10 11:32:03 AM Scanner
Info threat has been found /win/C:/Program Files/Photoshop/JS32.dll - infected Win32.Rmnet.8
2011-12-10 11:32:15 AM Scanner
Info threat has been found /win/C:/Program Files/QuickTime/QTSystem/ExportControllerPS.dll - infected Win32.Rmnet.8
2011-12-10 11:33:54 AM Scanner
Info threat has been found /win/C:/Program Files/SFR/Kit/Drivers/Trio2/dsldrv/gsindi32.dll - infected Win32.Rmnet.8
2011-12-10 11:33:55 AM Scanner
Info threat has been found /win/C:/Program Files/SFR/Kit/Drivers/Wifi_W54LU/unwlsdrv.exe - infected Win32.Rmnet.8
2011-12-10 11:34:43 AM Scanner
Info threat has been found /win/C:/Program Files/Windows Media Player/msoobci.dll - infected Win32.Rmnet.8
2011-12-10 11:34:44 AM Scanner
Info threat has been found /win/C:/Program Files/Windows Media Player/wmsetsdk.exe - infected Win32.Rmnet.8
2011-12-10 11:35:00 AM Scanner
Info threat has been found /win/C:/Program Files/Java/jre6/bin/deploy.dll - infected Win32.Rmnet.8
2011-12-10 11:35:05 AM Scanner
Info threat has been found /win/C:/Program Files/Java/jre6/bin/zip.dll - infected Win32.Rmnet.8
2011-12-10 11:49:16 AM Scanner
Info threat has been found /win/C:/Program Files/Java/jre6/lib/deploy/lzma.dll - infected Win32.Rmnet.8
2011-12-10 11:50:26 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_liba52.dll - infected Win32.Rmnet.8
2011-12-10 11:50:26 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_libdts.dll - infected Win32.Rmnet.8
2011-12-10 11:50:26 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_libfaad2.dll - infected Win32.Rmnet.8
2011-12-10 11:50:26 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_libmad.dll - infected Win32.Rmnet.8
2011-12-10 11:50:26 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_samplerate.dll - infected Win32.Rmnet.8
2011-12-10 11:50:26 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_tremor.dll - infected Win32.Rmnet.8
2011-12-10 11:50:26 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_unrar.dll - infected Win32.Rmnet.8
2011-12-10 11:50:27 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/ffdshow/ff_wmv9.dll - infected Win32.Rmnet.8
2011-12-10 11:50:37 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/Tools/dsconfig.exe - infected Win32.Rmnet.8
2011-12-10 11:50:37 AM Scanner
Info threat has been found /win/C:/Program Files/K-Lite Codec Pack/Tools/gspot/gspot.exe - infected Win32.Rmnet.8
2011-12-10 11:50:44 AM Scanner
Info threat has been found /win/C:/Program Files/Marvell/Miniport Driver/InstallU.exe - infected Win32.Rmnet.8
2011-12-10 11:54:10 AM Scanner
Info threat has been found /win/C:/Program Files/Microsoft Office/Office12/EXCHCSP.DLL - infected Win32.Rmnet.8
2011-12-10 11:57:07 AM Scanner
Info threat has been found /win/C:/Program Files/Microsoft Office/Office12/ADDINS/OTKLOADR.DLL - infected Win32.Rmnet.8
2011-12-10 12:02:04 PM Scanner
Info threat has been found /win/C:/PRONOTE Réseau 2011/wwwroot/libcef.dll - infected Win32.Rmnet.8
2011-12-10 12:02:09 PM Scanner
Info threat has been found /win/C:/Qoobox/Quarantine/C/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/_gfteseck_.exe.zip - infected Trojan.Rmnet.8
2011-12-10 12:02:09 PM Scanner
Info threat has been found /win/C:/Qoobox/Quarantine/C/Program Files/Avira/AntiVir Desktop/_sched_.exe.zip - infected Trojan.Starter.1695
2011-12-10 12:02:10 PM Scanner
Info threat has been found /win/C:/Qoobox/Quarantine/C/WINDOWS/system32/wuauclt.exe.vir - infected Trojan.Starter.1695
2011-12-10 01:07:55 PM Scanner
Info threat has been found /mnt/disk/sda5/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll - infected Win32.Rmnet.8
2011-12-10 01:09:20 PM Scanner
Info threat has been found /mnt/disk/sda5/jeux/PacWorld/PacWorld.exe - infected Win32.Rmnet.8
2011-12-10 01:09:21 PM Scanner
Info threat has been found /mnt/disk/sda5/jeux/échecs/engine.exe - infected Win32.Rmnet.8
2011-12-10 01:09:21 PM Scanner
Info threat has been found /mnt/disk/sda5/jeux/échecs/UNWISE.EXE - infected Win32.Rmnet.8
2011-12-10 01:36:19 PM Scanner
Info threat has been found /mnt/disk/sda5/Photoshop/Photoshop 7/Photoshop7/Setup.exe - infected Win32.Rmnet.8
2011-12-10 01:36:19 PM Scanner
Info threat has been found /mnt/disk/sda5/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe - infected Win32.Rmnet.8
2011-12-10 01:36:19 PM Scanner
Info threat has been found /mnt/disk/sda5/Photoshop/Photoshop 7/Photoshop7/_Setup.dll - infected Win32.Rmnet.8
2011-12-10 01:36:20 PM Scanner
Info threat has been found /mnt/disk/sda5/ptis trucs/Fleuves.exe - infected Win32.Rmnet.8
2011-12-10 01:37:58 PM Scanner
Info threat has been found /mnt/disk/sda5/utilitaires/frphotoshop6to.exe - infected Win32.Rmnet.8
2011-12-10 01:39:28 PM Scanner
Info threat has been found /mnt/disk/sda5/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll - infected Win32.Rmnet.8
2011-12-10 01:39:28 PM Scanner
Info threat has been found /mnt/disk/sda5/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll - infected Win32.Rmnet.8
2011-12-10 01:40:06 PM Scanner
Info threat has been found /mnt/disk/sda5/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe - infected Win32.Rmnet.8
2011-12-10 01:42:14 PM Scanner
Info threat has been found /mnt/disk/sda5/utilitaires/Illustrator9fr/Setup.exe - infected Win32.Rmnet.8
2011-12-10 01:42:14 PMScanner
Info threat has been found /mnt/disk/sda5/utilitaires/Illustrator9fr/_ISDel.exe - infected Win32.Rmnet.8
2011-12-10 01:42:14 PM Scanner
Info threat has been found /mnt/disk/sda5/utilitaires/Illustrator9fr/_Setup.dll - infected Win32.Rmnet.8
2011-12-10 02:37:05 PM Scanner
Info threat has been found /mnt/disk/sda1/Qoobox.zip - infected Trojan.Starter.1695, BackDoor.Siggen.34346
2011-12-10 02:40:54 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - infected Trojan.Rmnet.8
2011-12-10 02:42:58 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d - infected Trojan.Rmnet.8
2011-12-10 02:43:26 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/8/2c4b3848-2aa38248 - infected Exploit.CVE2011-3544.2
2011-12-10 02:43:27 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe - infected Win32.Rmnet.8
2011-12-10 02:43:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe - infected Win32.Rmnet.8
2011-12-10 02:43:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe - infected Win32.Rmnet.8
2011-12-10 02:43:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe - infected Win32.Rmnet.8
2011-12-10 02:43:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe - infected Win32.Rmnet.8
2011-12-10 02:43:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe - infected Win32.Rmnet.8
2011-12-10 02:44:46 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe - infected Trojan.Rmnet.8
2011-12-10 02:44:47 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe - infected Trojan.Rmnet.8
2011-12-10 02:44:52 PM Scanner
Info threat has been found /mnt/disk/sda1/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - infected Trojan.Rmnet.8
2011-12-10 02:47:21 PM Scanner
Info threat has been found /mnt/disk/sda1/Kill'em/ERUNT.exe - infected Win32.Rmnet.8
2011-12-10 02:47:21 PM Scanner
Info threat has been found /mnt/disk/sda1/Kill'em/Pv.exe - infected Win32.Rmnet.8
2011-12-10 02:47:22 PM Scanner
Info threat has been found /mnt/disk/sda1/Kill'em/Swreg.exe - infected Win32.Rmnet.8
2011-12-10 02:47:22 PM Scanner
Info threat has been found /mnt/disk/sda1/Kill'em/Save_Scan/ERDNT.EXE - infected Win32.Rmnet.8
2011-12-10 02:54:38 PM Scanner
Info threat has been found /mnt/disk/sda1/MSOCache/All Users/{90120000-006E-040C-0000-0000000FF1CE}-C/msvcr80.dll - infected Win32.Rmnet.8
2011-12-10 03:04:29 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Illustrator 9.0/coldware.dll - infected Win32.Rmnet.8
2011-12-10 03:04:31 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Illustrator 9.0/Sangam.dll - infected Win32.Rmnet.8
2011-12-10 03:07:05 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Photoshop 7.0/JS32.dll - infected Win32.Rmnet.8
2011-12-10 03:10:01 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/AGM.dll - infected Win32.Rmnet.8
2011-12-10 03:10:01 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/ACE.dll - infected Win32.Rmnet.8
2011-12-10 03:10:03 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/Onix32.dll - infected Win32.Rmnet.8
2011-12-10 03:10:06 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/authplay.dll - infected Win32.Rmnet.8
2011-12-10 03:10:06 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/BIB.dll - infected Win32.Rmnet.8
2011-12-10 03:10:06 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/ccme_base.dll - infected Win32.Rmnet.8
2011-12-10 03:10:06 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Adobe/Reader 9.0/Reader/cryptocme2.dll - infected Win32.Rmnet.8
2011-12-10 03:11:10 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/CoverDesigner/CoverDes.exe - infected Win32.Rmnet.8
2011-12-10 03:11:14 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/ImageDrive/imagedrv.dll - infected Win32.Rmnet.8
2011-12-10 03:11:23 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/NeEm2a.dll - infected Win32.Rmnet.8
2011-12-10 03:11:26 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/NeroCmd.exe - infected Win32.Rmnet.8
2011-12-10 03:11:26 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/NeroCom.dll - infected Win32.Rmnet.8
2011-12-10 03:11:29 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/NeroMediaCon.dll - infected Win32.Rmnet.8
2011-12-10 03:11:34 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/ReadHD32.dll - infected Win32.Rmnet.8
2011-12-10 03:11:36 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero/Uninstall/UNNero.exe - infected Win32.Rmnet.8
2011-12-10 03:11:36 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero BackItUp/BackItUp.exe - infected Win32.Rmnet.8
2011-12-10 03:11:36 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero BackItUp/NBJ.exe - infected Win32.Rmnet.8
2011-12-10 03:11:36 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero BackItUp/NBR.exe - infected Win32.Rmnet.8
2011-12-10 03:11:46 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero Toolkit/CDSpeed.exe - infected Win32.Rmnet.8
2011-12-10 03:11:47 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero Toolkit/DriveSpeed.exe - infected Win32.Rmnet.8
2011-12-10 03:11:48 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/Nero Toolkit/InfoTool.exe - infected Win32.Rmnet.8
2011-12-10 03:11:54 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/WMPBurn/NeroBurnPlugin.dll - infected Win32.Rmnet.8
2011-12-10 03:11:54 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Ahead/WMPBurn/WMPBurn.exe - infected Win32.Rmnet.8
2011-12-10 03:11:58 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/epson/escndv/escndv.exe - infected Win32.Rmnet.8
2011-12-10 03:12:52 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/epson/TPMANUAL/ESDX6000_CX5900/USE_G/DOCUNINS.EXE - infected Win32.Rmnet.8
2011-12-10 03:13:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/fsplugin01.dll - infected Win32.Rmnet.8
2011-12-10 03:13:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/fsplugin02.dll - infected Win32.Rmnet.8
2011-12-10 03:13:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/fsplugin03.dll - infected Win32.Rmnet.8
2011-12-10 03:13:57 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/FSViewer.exe - infected Win32.Rmnet.8
2011-12-10 03:14:00 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/FastStone Image Viewer/ZipDll.dll - infected Win32.Rmnet.8
2011-12-10 03:14:27 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Adobe/Calibration/Adobe Gamma Loadermgr.exe - infected Trojan.Rmnet.8
2011-12-10 03:15:03 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Adobe/Web/AOM.exe - infected Win32.Rmnet.8
2011-12-10 03:15:03 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/AudioPlugins/Aac.dll - infected Win32.Rmnet.8
2011-12-10 03:15:05 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/AudioPlugins/msa.dll - infected Win32.Rmnet.8
2011-12-10 03:15:05 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/DSFilter/dvddisc.dll - infected Win32.Rmnet.8
2011-12-10 03:15:10 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/DSFilter/NeEm2a.dll - infected Win32.Rmnet.8
2011-12-10 03:15:10 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/DSFilter/NeNDGui.dll - infected Win32.Rmnet.8
2011-12-10 03:15:18 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/Lib/NeroCBUI.dll - infected Win32.Rmnet.8
2011-12-10 03:15:18 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/Lib/NeroIPP.dll - infected Win32.Rmnet.8
2011-12-10 03:15:18 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/Lib/NeroMediaCon.dll - infected Win32.Rmnet.8
2011-12-10 03:15:18 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Ahead/Lib/specialoffer.exe - infected Win32.Rmnet.8
2011-12-10 03:15:53 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/IDriver.exe - infected Win32.Rmnet.8
2011-12-10 03:15:53 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/IDriver2.exe - infected Win32.Rmnet.8
2011-12-10 03:15:53 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/8/Intel 32/objps8.dll - infected Win32.Rmnet.8
2011-12-10 03:15:53 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/9/Intel 32/IDriver.exe - infected Win32.Rmnet.8
2011-12-10 03:15:53 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Driver/9/Intel 32/objpscnv.dll - infected Win32.Rmnet.8
2011-12-10 03:15:54 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/engine/6/Intel 32/objectps.dll - infected Win32.Rmnet.8
2011-12-10 03:15:54 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/InstallShield/Professional/RunTime/Objectps.dll - infected Win32.Rmnet.8
2011-12-10 03:17:39 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/CMDDEF.DLL - infected Win32.Rmnet.8
2011-12-10 03:17:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/Compsvcspkg.dll - infected Win32.Rmnet.8
2011-12-10 03:17:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/CSSPKG.DLL - infected Win32.Rmnet.8
2011-12-10 03:17:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/HTMDLGS.DLL - infected Win32.Rmnet.8
2011-12-10 03:17:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/HTMED.DLL - infected Win32.Rmnet.8
2011-12-10 03:17:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/MSENV.DLL - infected Win32.Rmnet.8
2011-12-10 03:17:41 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/TRIDSN.DLL - infected Win32.Rmnet.8
2011-12-10 03:17:41 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/VSBROWSE.DLL - infected Win32.Rmnet.8
2011-12-10 03:17:41 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/OFFICE12/VS Runtime/VSTLBINF.DLL - infected Win32.Rmnet.8
2011-12-10 03:17:52 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/Proof/1033/MSGR3GE.DLL - infected Win32.Rmnet.8
2011-12-10 03:20:16 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/VC/msdia80.dll - infected Win32.Rmnet.8
2011-12-10 03:20:17 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/VS7DEBUG/coloader.dll - infected Win32.Rmnet.8
2011-12-10 03:20:20 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/Web Folders/PKMWS.DLL - infected Win32.Rmnet.8
2011-12-10 03:20:20 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Fichiers communs/Microsoft Shared/Web Folders/1033/NSEXTINT.DLL - infected Win32.Rmnet.8
2011-12-10 03:20:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Free Audio Pack/Free CD Ripper/wnaspi32.dll - infected Win32.Rmnet.8
2011-12-10 03:20:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/earthflashsol.exe - infected Win32.Rmnet.8
2011-12-10 03:20:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/googleearth.exe - infected Win32.Rmnet.8
2011-12-10 03:20:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/msvcp80.dll - infected Win32.Rmnet.8
2011-12-10 03:20:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/msvcr80.dll - infected Win32.Rmnet.8
2011-12-10 03:20:40 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth/SketchUpExporter.dll - infected Win32.Rmnet.8
2011-12-10 03:21:35 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/earthps.dll - infected Win32.Rmnet.8
2011-12-10 03:21:35 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/geplugin.exe - infected Win32.Rmnet.8
2011-12-10 03:21:36 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/msvcp80.dll - infected Win32.Rmnet.8
2011-12-10 03:21:36 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/msvcr80.dll - infected Win32.Rmnet.8
2011-12-10 03:21:36 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/ie/5.0.11738.1858/msvcp80.dll - infected Win32.Rmnet.8
2011-12-10 03:21:37 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Google/Google Earth Plugin/ie/5.0.11738.1858/msvcr80.dll - infected Win32.Rmnet.8
2011-12-10 03:22:21 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/InstallShield Installation Information/{B279DFD9-284C-40D4-8316-B72533B36F93}/ISSetup.dll - infected Win32.Rmnet.8
2011-12-10 03:22:21 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/InstallShield Installation Information/{B279DFD9-284C-40D4-8316-B72533B36F93}/setup.exe - infected Win32.Rmnet.8
2011-12-10 03:22:22 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/InstallShield Installation Information/{FB08F381-6533-4108-B7DD-039E11FBC27E}/Setup.exe - infected Win32.Rmnet.8
2011-12-10 03:22:31 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/PDFCreator/vblocal.exe - infected Win32.Rmnet.8
2011-12-10 03:23:12 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Photoshop/JS32.dll - infected Win32.Rmnet.8
2011-12-10 03:23:24 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/QuickTime/QTSystem/ExportControllerPS.dll - infected Win32.Rmnet.8
2011-12-10 03:25:04 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/SFR/Kit/Drivers/Trio2/dsldrv/gsindi32.dll - infected Win32.Rmnet.8
2011-12-10 03:25:05 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/SFR/Kit/Drivers/Wifi_W54LU/unwlsdrv.exe - infected Win32.Rmnet.8
2011-12-10 03:25:52 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Windows Media Player/msoobci.dll - infected Win32.Rmnet.8
2011-12-10 03:25:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Windows Media Player/wmsetsdk.exe - infected Win32.Rmnet.8
2011-12-10 03:26:09 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Java/jre6/bin/deploy.dll - infected Win32.Rmnet.8
2011-12-10 03:26:14 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Java/jre6/bin/zip.dll - infected Win32.Rmnet.8
2011-12-10 03:40:35 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Java/jre6/lib/deploy/lzma.dll - infected Win32.Rmnet.8
2011-12-10 03:41:44 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_liba52.dll - infected Win32.Rmnet.8
2011-12-10 03:41:45 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_libdts.dll - infected Win32.Rmnet.8
2011-12-10 03:41:45 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_libfaad2.dll - infected Win32.Rmnet.8
2011-12-10 03:41:45 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_libmad.dll - infected Win32.Rmnet.8
2011-12-10 03:41:45 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_samplerate.dll - infected Win32.Rmnet.8
2011-12-10 03:41:45 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_tremor.dll - infected Win32.Rmnet.8
2011-12-10 03:41:45 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_unrar.dll - infected Win32.Rmnet.8
2011-12-10 03:41:46 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/ffdshow/ff_wmv9.dll - infected Win32.Rmnet.8
2011-12-10 03:41:55 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/Tools/dsconfig.exe - infected Win32.Rmnet.8
2011-12-10 03:41:56 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/K-Lite Codec Pack/Tools/gspot/gspot.exe - infected Win32.Rmnet.8
2011-12-10 03:42:03 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Marvell/Miniport Driver/InstallU.exe - infected Win32.Rmnet.8
2011-12-10 03:45:27 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Microsoft Office/Office12/EXCHCSP.DLL - infected Win32.Rmnet.8
2011-12-10 03:48:24 PM Scanner
Info threat has been found /mnt/disk/sda1/Program Files/Microsoft Office/Office12/ADDINS/OTKLOADR.DLL - infected Win32.Rmnet.8
2011-12-10 03:53:20 PM Scanner
Info threat has been found /mnt/disk/sda1/PRONOTE Réseau 2011/wwwroot/libcef.dll - infected Win32.Rmnet.8
2011-12-10 03:53:25 PM Scanner
Info threat has been found /mnt/disk/sda1/Qoobox/Quarantine/C/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/_gfteseck_.exe.zip - infected Trojan.Rmnet.8
2011-12-10 03:53:25 PM Scanner
Info threat has been found /mnt/disk/sda1/Qoobox/Quarantine/C/Program Files/Avira/AntiVir Desktop/_sched_.exe.zip - infected Trojan.Starter.1695
2011-12-10 03:53:26 PM Scanner
Info threat has been found /mnt/disk/sda1/Qoobox/Quarantine/C/WINDOWS/system32/wuauclt.exe.vir - infected Trojan.Starter.1695
2011-12-10 05:04:39 PM Scanner
Info Scanning finished
2011-12-10 05:59:20 PM Scanner
Info /win/D:/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll - cured
2011-12-10 05:59:20 PM Scanner
Info /win/D:/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll - cured
2011-12-10 05:59:20 PM Scanner
Info /win/D:/jeux/PacWorld/PacWorld.exe - cured
2011-12-10 05:59:20 PM Scanner
Info /win/D:/jeux/PacWorld/PacWorld.exe - cured
2011-12-10 05:59:20 PM Scanner
Info /win/D:/jeux/échecs/engine.exe - cured
2011-12-10 05:59:20 PM Scanner
Info /win/D:/jeux/échecs/engine.exe - cured
2011-12-10 05:59:21 PM Scanner
Info /win/D:/jeux/échecs/UNWISE.EXE - cured
2011-12-10 05:59:21 PM Scanner
Info /win/D:/jeux/échecs/UNWISE.EXE - cured
2011-12-10 05:59:22 PM Scanner
Info /win/D:/Photoshop/Photoshop 7/Photoshop7/Setup.exe - cured
2011-12-10 05:59:22 PM Scanner
Info /win/D:/Photoshop/Photoshop 7/Photoshop7/Setup.exe - cured
2011-12-10 05:59:22 PM Scanner
Info /win/D:/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe - cured
2011-12-10 05:59:22 PM Scanner
Info /win/D:/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe - cured
2011-12-10 05:59:22 PM Scanner
Info /win/D:/Photoshop/Photoshop 7/Photoshop7/_Setup.dll - cured
2011-12-10 05:59:22 PM Scanner
Info /win/D:/Photoshop/Photoshop 7/Photoshop7/_Setup.dll - cured
2011-12-10 05:59:23 PM Scanner
Info /win/D:/ptis trucs/Fleuves.exe - cured
2011-12-10 05:59:23 PM Scanner
Info /win/D:/ptis trucs/Fleuves.exe - cured
2011-12-10 05:59:29 PM Scanner
Info /win/D:/utilitaires/frphotoshop6to.exe - cured
2011-12-10 05:59:31 PM Scanner
Info /win/D:/utilitaires/frphotoshop6to.exe - cured
2011-12-10 05:59:31 PM Scanner
Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll - cured
2011-12-10 05:59:31 PM Scanner
Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll - cured
2011-12-10 05:59:32 PM Scanner
Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll - cured
2011-12-10 05:59:32 PM Scanner
Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll - cured
2011-12-10 05:59:32 PM Scanner
Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe - cured
2011-12-10 05:59:32 PM Scanner
Info /win/D:/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe - cured
2011-12-10 06:24:21 PM Scanner
Info /win/D:/utilitaires/Illustrator9fr/Setup.exe - cured
2011-12-10 06:24:21 PM Scanner
Info /win/D:/utilitaires/Illustrator9fr/Setup.exe - cured
2011-12-10 06:24:21 PM Scanner
Info /win/D:/utilitaires/Illustrator9fr/_ISDel.exe - cured
2011-12-10 06:24:21 PM Scanner
Info /win/D:/utilitaires/Illustrator9fr/_ISDel.exe - cured
2011-12-10 06:24:22 PM Scanner
Info /win/D:/utilitaires/Illustrator9fr/_Setup.dll - cured
2011-12-10 06:24:22 PM Scanner
Info /win/D:/utilitaires/Illustrator9fr/_Setup.dll - cured
2011-12-10 06:24:26 PM Scanner
Info cured 15 files: /win/D:/EPS/divers/APSA/++musculation--/FPC muscu/Nouveau dossier/gdiplus.dll, /win/D:/Photoshop/Photoshop 7/Photoshop7/Setup.exe, /win/D:/Photoshop/Photoshop 7/Photoshop7/_ISDel.exe, /win/D:/Photoshop/Photoshop 7/Photoshop7/_Setup.dll, /win/D:/jeux/PacWorld/PacWorld.exe, /win/D:/jeux/échecs/UNWISE.EXE, /win/D:/jeux/échecs/engine.exe, /win/D:/ptis trucs/Fleuves.exe, /win/D:/utilitaires/Adobe PremierePro/DirectX9/DSETUP.dll, /win/D:/utilitaires/Adobe PremierePro/DirectX9/dsetup32.dll, /win/D:/utilitaires/Adobe PremierePro/DirectX9/dxsetup.exe, /win/D:/utilitaires/Illustrator9fr/Setup.exe, /win/D:/utilitaires/Illustrator9fr/_ISDel.exe, /win/D:/utilitaires/Illustrator9fr/_Setup.dll, /win/D:/utilitaires/frphotoshop6to.exe;
2011-12-10 06:24:46 PM Scanner
Info /win/C:/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - deleted
2011-12-10 06:24:46 PM Scanner
Info /win/C:/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - deleted
2011-12-10 06:24:46 PM Scanner
Info /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d - deleted
2011-12-10 06:24:46 PM Scanner
Info /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d - deleted
2011-12-10 06:24:51 PM Scanner
Info removed 2 files: /win/C:/Documents and Settings/Default User/Menu Démarrer/Programmes/Démarrage/gfteseck.exe, /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/43/14aedf2b-5823bb6d;
2011-12-10 06:24:54 PM Scanner
Info /win/C:/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe - cured
2011-12-10 06:24:54 PM Scanner
Info /win/C:/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe - cured
2011-12-10 06:24:54 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe - cured
2011-12-10 06:24:54 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe - cured
2011-12-10 06:24:55 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe - cured
2011-12-10 06:24:55 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe - cured
2011-12-10 06:24:55 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe - cured
2011-12-10 06:24:55 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe - cured
2011-12-10 06:24:55 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe - cured
2011-12-10 06:24:55 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe - cured
2011-12-10 06:24:56 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe - cured
2011-12-10 06:24:56 PM Scanner
Info /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe - cured
2011-12-10 06:24:56 PM Scanner
Info /win/C:/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe - deleted
2011-12-10 06:24:56 PM Scanner
Info /win/C:/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe - deleted
2011-12-10 06:24:56 PM Scanner
Info /win/C:/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe - deleted
2011-12-10 06:24:56 PM Scanner
Info /win/C:/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe - deleted
2011-12-10 06:24:56 PM Scanner
Info /win/C:/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - deleted
2011-12-10 06:24:56 PM Scanner
Info /win/C:/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe - deleted
2011-12-10 06:24:59 PM Scanner
Info cured 6 files: /win/C:/Documents and Settings/ivan/Application Data/U3/temp/cleanup.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0159537.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165783.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0165784.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/A0167434.exe, /win/C:/Documents and Settings/ivan/DoctorWeb/Quarantine/LogTransport2.exe;removed 3 files: /win/C:/Documents and Settings/ivan/Local Settings/Application Data/xccriesw/gfteseck.exe, /win/C:/Documents and Settings/ivan/Local Settings/temp/xnocxgbtcwaruprg.exe, /win/C:/Documents and Settings/ivan/Menu Démarrer/Programmes/Démarrage/gfteseck.exe;
2011-12-10 06:25:37 PM Scanner
Info /win/C:/Qoobox.zip - moved to Quarantine
2011-12-10 06:25:41 PM Scanner
Info moved 1 files to Quarantine: /win/C:/Qoobox.zip;
2011-12-10 06:26:19 PM Scanner
Info /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/8/2c4b3848-2aa38248 - moved to Quarantine
2011-12-10 06:26:24 PM Scanner Info moved 1 files to Quarantine: /win/C:/Documents and Settings/ivan/Application Data/Sun/Java/Deployment/cache/6.0/8/2c4b3848-2aa38248;
2011-12-10 06:26:55 PM Scanner Info /win/C:/Kill'em/ERUNT.exe - cured
2011-12-10 06:26:56 PM Scanner Info /win/C:/Kill'em/ERUNT.exe - cured
2011-12-10 06:26:59 PM Scanner Info /win/C:/Kill'em/Swreg.exe - cured
2011-12-10 06:26:59 PM Scanner Info /win/C:/Kill'em/Swreg.exe - cured
2011-12-10 06:27:00 PM Scanner Info cured 2 files: /win/C:/Kill'em/ERUNT.exe, /win/C:/Kill'em/Swreg.exe;
2011-12-10 06:27:04 PM Scanner Info /win/C:/Kill'em/Pv.exe - cured
2011-12-10 06:27:04 PM Scanner Info /win/C:/Kill'em/Pv.exe - cured
2011-12-10 06:27:09 PM Scanner Info cured 1 files: /win/C:/Kill'em/Pv.exe;
2011-12-10 06:27:50 PM Scanner
Info /win/C:/Kill'em/Save_Scan/ERDNT.EXE - cured
2011-12-10 06:27:54 PM Scanner
Info cured 1 files: /win/C:/Kill'em/Save_Scan/ERDNT.EXE;
2011-12-10 06:28:19 PM Scanner
Info /win/C:/MSOCache/All Users/{90120000-006E-040C-0000-0000000FF1CE}-C/msvcr80.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/MSOCache/All Users/{90120000-006E-040C-0000-0000000FF1CE}-C/msvcr80.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Illustrator 9.0/coldware.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Illustrator 9.0/coldware.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Illustrator 9.0/Sangam.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Illustrator 9.0/Sangam.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Photoshop 7.0/JS32.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Photoshop 7.0/JS32.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/AGM.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/AGM.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/ACE.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/ACE.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/Onix32.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/Onix32.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/authplay.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/authplay.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/BIB.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/BIB.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/ccme_base.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/ccme_base.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/cryptocme2.dll - cured
2011-12-10 06:28:19 PM Scanner
Info /win/C:/Program Files/Adobe/Reader 9.0/Reader/cryptocme2.dll - cured
2011-12-10 06:28:19 PM Sc
0
Réponse 8 / 35
Utilisateur anonyme
10 déc. 2011 à 20:12
Télécharge ici :OTL

enregistre le sur ton Bureau.

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.

=> Clique ici pour voir la Configuration

▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"

netsvcs
safebootminimal
safebootnetwork
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.ini
%systemroot%\Tasks\*.*
%systemroot%\system32\Tasks\*.*
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\config\*.exe /s
%systemroot%\system32\*.sys
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s
CREATERESTOREPOINT

▶ Clic sur Analyse.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)

heberge OTL.txt et extra.txt sur http://pjjoint.malekal.com et donne les liens
0
Réponse 9 / 35
ivan01
10 déc. 2011 à 20:38
voila pour OTL.txt :
http://pjjoint.malekal.com/files.php?id=20111210_j15e14l10k13h5


et pour extra.txt :
http://pjjoint.malekal.com/files.php?id=20111210_u14v10e12j8x8
0
Réponse 10 / 35
Utilisateur anonyme
10 déc. 2011 à 20:47
trop bizarres tes rapports....


fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.


▶ Télécharge ici :

Malwarebytes

▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

▶ Lance Malwarebyte's .

Fais un examen dit "Complet" .

▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

0
Réponse 11 / 35
ivan01
10 déc. 2011 à 21:21
voilà le rapport, l'analyse s'est déroulée sans dommages, et plus aucun résultats positifs... tu peux me dire pq les rapports sont bizarres?

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 8348

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

10/12/2011 21:16:21
mbam-log-2011-12-10 (21-16-21).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 214733
Temps écoulé: 20 minute(s), 44 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 12 / 35
Utilisateur anonyme
10 déc. 2011 à 21:30
clique sur tes liens tu verras :)
0
Réponse 13 / 35
ivan01
10 déc. 2011 à 21:37
ah ouais en effet!
on essaye comme ça

OTL.txt :
http://pjjoint.malekal.com/files.php?id=OTL_20111210_s9x5y6e15b9

extras.txt :
http://pjjoint.malekal.com/files.php?id=OTL_Extras_20111210_y10e6z14x14i7
0
Réponse 14 / 35
Utilisateur anonyme
10 déc. 2011 à 21:47
ouaip' ^^

t'as pas respecté la config que j'ai demandé ^^
0
Réponse 15 / 35
ivan01
10 déc. 2011 à 21:50
arf, j'y retourne alors, mais je vois pas ce que j'ai zappé...
je vais essayer de trouver
0
Réponse 16 / 35
ivan01
10 déc. 2011 à 22:00
autant pour moi...

voilà OTL.txt :
http://pjjoint.malekal.com/files.php?id=OTL_20111210_k515v10f15p15

et extras.txt :
http://pjjoint.malekal.com/files.php?id=OTL_Extras_20111210_j126e7n14g5
0
Réponse 17 / 35
Utilisateur anonyme
10 déc. 2011 à 22:26
ok desinstalle adobe reader 9

==========================

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :

C:\WINDOWS\System32\rhemtarx.dll
C:\WINDOWS\autoload.exe

* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.

============================

ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.


▶Copie la liste qui se trouve en gras ci-dessous,

▶ colle-la dans la zone sous "Personnalisation" :


:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:OTL
FF - prefs.js..browser.search.defaultthis.engineName: "eslprintables Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2215634&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "eslprintables Customized Web Search"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
[2009/10/06 16:08:16 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\ivan\Application Data\Mozilla\Firefox\Profiles\brl58omf.default\searchplugins\conduit.xml
O4 - HKU\S-1-5-21-1993962763-1770027372-725345543-1003\..\Run: [GftEseck] C:\Documents and Settings\ivan\Local Settings\Application Data\xccriesw\gfteseck.exe File not found
O4 - HKU\.DEFAULT\..\Run: [GftEseck] C:\Documents and Settings\ivan\Local Settings\Application Data\xccriesw\gfteseck.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\Windows\System32\Userinit.exe,"

:Files
C:\Users\mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
C:\Documents and Settings\ivan\Local Settings\Application Data\xccriesw
C:\Documents and Settings\ivan\DoctorWeb

:commands
[CLEARALLRESTOREPOINTS]
[emptytemp]
[start explorer]
[reboot]


▶ Clique sur "Correction" pour lancer la suppression.


▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
0
Réponse 18 / 35
ivan01
10 déc. 2011 à 22:47
voilà pour les analyses
pour C:\WINDOWS\System32\rhemtarx.dll

http://www.virustotal.com/file-scan/report.html?id=279070473d6b68320ba83ef00951b8a5b3c60b64b84a7539efca566db6694ed6-1323552477

en lancant l'analyse de C:\WINDOWS\autoload.exe , il me dit que ce fichier a deja été analysé (!?) ; je lui demande de réanalyser et voilà ce que ça donne

http://www.virustotal.com/file-scan/report.html?id=237bf4b68d6260a9343815e922543cad78cc4261f911b3dd5c994a745430ed93-1323552626


et voilà le rapport de OTL après reboot :

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
Process firefox.exe killed successfully!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Prefs.js: "eslprintables Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2215634&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "eslprintables Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
C:\Documents and Settings\ivan\Application Data\Mozilla\Firefox\Profiles\brl58omf.default\searchplugins\conduit.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-1993962763-1770027372-725345543-1003\\Software\Microsoft\Windows\CurrentVersion\Run\\GftEseck deleted successfully.
Registry value HKEY_USERS\.DEFAULT\\Software\Microsoft\Windows\CurrentVersion\Run\\GftEseck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\"Userinit"|"C:\Windows\System32\Userinit.exe," /E : value set successfully!
========== FILES ==========
File\Folder C:\Users\mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk not found.
C:\Documents and Settings\ivan\Local Settings\Application Data\xccriesw folder moved successfully.
C:\Documents and Settings\ivan\DoctorWeb\Quarantine folder moved successfully.
C:\Documents and Settings\ivan\DoctorWeb folder moved successfully.
========== COMMANDS ==========
Restore points cleared and new OTL Restore Point set!

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: ivan
->Temp folder emptied: 3663 bytes
->Temporary Internet Files folder emptied: 22350423 bytes
->Java cache emptied: 903410 bytes
->FireFox cache emptied: 61375343 bytes
->Flash cache emptied: 880 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 9011334 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 29899 bytes
->Flash cache emptied: 405 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134506 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 439 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 91,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 12102011_224338

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
Réponse 19 / 35
ivan01
10 déc. 2011 à 23:05
je reprends demain je vais arrêter l'ordi

merci encore pour tout le temps que tu passes sur mon cas, et pour les autres aussi!
0
Réponse 20 / 35
Utilisateur anonyme
10 déc. 2011 à 23:05
supprime C:\WINDOWS\autoload.exe
0