[virus] win 32 help

Yipiyoyipiye
Hi everyone, I need your help getting rid of win32...

Here is the HijackThis scan

Logfile of HijackThis v1.99.1
Scan saved at 14:26:40, on 08/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\PokerOffice\bin\javaw.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\egnt.exe
C:\Program Files\Fichiers communs\{54A58EF0-067E-1036-0511-060221060021}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\DOCUME~1\Laurent\LOCALS~1\Temp\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: C:\WINDOWS\system32\zsPeCrypt.dll - {8A5849C4-93F3-429D-FF34-660A2068897C} - C:\WINDOWS\system32\zsPeCrypt.dll
O2 - BHO: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{34A58~1\888Bar.dll
O3 - Toolbar: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{34A58~1\888Bar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [WINDOWS] C:\egnt.exe
O4 - HKLM\..\Run: [7v3j] C:\WINDOWS\system32\z1968.exe gdtgh
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Recoveru systems] C:\DOCUME~1\Laurent\LOCALS~1\Temp\svchost.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: hksrv.dll - {8D6E0873-AB8A-4D70-BE23-095CE9232D09} - hksrv.dll (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

17 replies

Yipiyoyipiye
 
help please
0
Anonymous user
 
Hi

Run this online antivirus scan with Internet Explorer and accept the ActiveX control; the SP2 pop-up blocker bar (at the top) will start flashing, click on it and choose "accept the ActiveX" so that the antivirus scan can run.
Once it has finished, paste the report here please

https://www.bitdefender.com/toolbox/
0
yipiyoyipiye
 
Hi, here is the report


Infected with: Trojan.Downloader.Agent.BCA

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044974.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044978.exe

Infected with: Trojan.Spambot.DQ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044978.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044978.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044980.dll

Infected with: Generic.PWStealer.AE883234

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044980.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044980.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044982.exe

Infected with: Trojan.PWS.Sinowal.B

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044982.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0044982.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045973.exe

Infected with: MemScan:Backdoor.Agent.II

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045973.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045973.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045974.exe

Infected with: Worm.IM.Licat.I

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045974.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045974.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045975.exe

Infected with: Trojan.Downloader.Agent.BCA

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045975.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045976.exe

Infected with: Dropped:Trojan.Purityad.E

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045976.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045976.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045977.exe

Infected with: MemScan:Backdoor.Agent.II

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045977.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045977.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045978.exe

Infected with: Trojan.Spy.Sheriff.C

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045978.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045978.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045979.exe

Infected with: Trojan.Spy.Sheriff.C

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045979.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045979.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045980.exe

Infected with: Trojan.Downloader.Agent.MO

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045980.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045980.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045982.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045982.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045982.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045983.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045983.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045983.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045984.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045984.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045984.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045985.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045985.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045985.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045986.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045986.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045986.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045987.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045987.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045987.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045988.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045988.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045988.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045989.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045989.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045989.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045990.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045990.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045990.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045991.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045991.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045991.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045992.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045992.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045992.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045993.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045993.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045993.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045994.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045994.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045994.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045995.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045995.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045995.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045999.exe

Infected with: Trojan.Downloader.Agent.BCA

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0045999.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046000.exe

Infected with: Dropped:Trojan.Purityad.E

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046000.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046000.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046003.exe

Infected with: Trojan.Spy.Sheriff.C

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046003.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046003.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046974.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046974.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046974.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046975.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046975.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046975.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046992.exe

Infected with: Trojan.Downloader.Agent.BCA

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046992.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046996.dll

Infected with: Generic.PWStealer.AE883234

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046996.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0046996.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0047974.exe

Infected with: Worm.IM.Licat.I

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0047974.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0047974.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0047975.exe

Infected with: Trojan.Downloader.Agent.BCA

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0047975.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0047976.exe

Infected with: Dropped:Trojan.Purityad.E

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0047976.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0047976.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048070.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048070.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048070.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048071.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048071.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048071.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048072.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048072.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048072.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048073.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048073.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048073.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048074.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048074.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048074.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048075.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048075.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048075.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048078.exe

Infected with: Trojan.Downloader.Agent.BCA

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048078.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048079.exe

Infected with: Dropped:Trojan.Purityad.E

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048079.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048079.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048081.exe

Infected with: Trojan.Spambot.DQ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048081.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0048081.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049069.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049069.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049069.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049070.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049070.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049070.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049073.exe

Infected with: Worm.IM.Licat.I

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049073.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049073.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049074.exe

Infected with: Trojan.Downloader.Agent.BCA

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049074.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049075.exe

Infected with: Dropped:Trojan.Purityad.E

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049075.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049075.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049992.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049992.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049992.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049993.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049993.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049993.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049996.exe

Infected with: Worm.IM.Licat.I

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049996.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049996.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049997.exe

Infected with: Trojan.Downloader.Agent.BCA

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049997.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049998.exe

Infected with: Dropped:Trojan.Purityad.E

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049998.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0049998.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050001.exe

Infected with: Trojan.Spy.Sheriff.C

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050001.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050001.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050992.exe

Infected with: Trojan.Downloader.Agent.BCA

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050992.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050994.exe

Infected with: Dropped:Trojan.Purityad.E

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050994.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050994.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050995.exe

Infected with: Worm.IM.Licat.I

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050995.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050995.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050996.exe

Infected with: Trojan.Spy.Sheriff.C

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050996.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050996.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050997.dll

Infected with: Generic.PWStealer.AE883234

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050997.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050997.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050998.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050998.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050998.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050999.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050999.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0050999.exe

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0051000.dll

Infected with: Trojan.Downloader.AQW

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0051000.dll

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0051000.dll

Deleted

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0051001.exe

Infected with: Trojan.Downloader.Agent.ZZ

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0051001.exe

Disinfection failed

C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0051001.exe

Deleted

C:\WINDOWS\system32\dfcpr.dll=>(Quarantine-PE)

Infected with: Generic.Malware.SFM!Ydoe.F6F3149E

C:\WINDOWS\system32\dfcpr.dll=>(Quarantine-PE)

Disinfection failed

C:\WINDOWS\system32\dfcpr.dll=>(Quarantine-PE)

Deleted

C:\WINDOWS\system32\nfomon\nfo.ocx

Detected with: Adware.Promulgate

C:\WINDOWS\system32\nfomon\nfo.ocx

Disinfection failed

C:\WINDOWS\system32\nfomon\nfo.ocx

Deleted

C:\WINDOWS\system32\prsvc.exe

Infected with: Generic.Malware.SFM!Ydoe.F6F3149E

C:\WINDOWS\system32\prsvc.exe

Disinfection failed

C:\WINDOWS\system32\prsvc.exe

Deleted

C:\WINDOWS\system32\z1824.exe

Infected with: Trojan.Downloader.Small.EG

C:\WINDOWS\system32\z1824.exe

Disinfection failed

C:\WINDOWS\system32\z1824.exe

Deleted

C:\WINDOWS\system32\z1925.exe

Infected with: Trojan.Downloader.Small.EG

C:\WINDOWS\system32\z1925.exe

Disinfection failed

C:\WINDOWS\system32\z1925.exe

Deleted

C:\WINDOWS\system32\z1968.exe

Infected with: Trojan.Downloader.Small.EG

C:\WINDOWS\system32\z1968.exe

Disinfection failed

C:\WINDOWS\system32\z1968.exe

Deleted

C:\WINDOWS\system32\z3283.dll

Infected with: Trojan.Downloader.Small.EG

C:\WINDOWS\system32\z3283.dll

Disinfection failed

C:\WINDOWS\system32\z3283.dll

Deleted

C:\WINDOWS\system32\z3395.dll

Infected with: Trojan.Downloader.Small.EG

C:\WINDOWS\system32\z3395.dll

Disinfection failed

C:\WINDOWS\system32\z3395.dll

Deleted

C:\WINDOWS\system32\z3875.dll

Infected with: Trojan.Downloader.Small.EG

C:\WINDOWS\system32\z3875.dll

Disinfection failed

C:\WINDOWS\system32\z3875.dll

Deleted

C:\WINDOWS\system32\zsPeCrypt.dll

Infected with: Generic.Malware.dld!!.3C4C6265

C:\WINDOWS\system32\zsPeCrypt.dll

Disinfection failed

C:\WINDOWS\system32\zsPeCrypt.dll

Delete failed

C:\xfeq.exe

Infected with: Trojan.Downloader.Agent.MO

C:\xfeq.exe

Disinfection failed

C:\xfeq.exe

Deleted

D:\install.exe

Infected with: Trojan.Downloader.Agent.BCA

D:\install.exe

Deleted

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0040956.exe

Infected with: Dropped:Trojan.Purityad.E

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0040956.exe

Disinfection failed

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0040956.exe

Deleted

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0040957.pif

Infected with: Backdoor.MSNMaker.AA

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0040957.pif

Disinfection failed

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0040957.pif

Deleted

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0040958.exe

Infected with: Trojan.Spambot.DQ

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0040958.exe

Disinfection failed

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0040958.exe

Deleted

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0051011.exe

Infected with: Trojan.Downloader.Agent.BCA

D:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP172\A0051011.exe

Deleted

Anonymous user
 
Do this cleanup (to be done regularly):

¤ Download and install CCleaner (do not install the Yahoo toolbar)
---> CCleaner

In the left-hand column, click "errors" and tick all the boxes, then click "search for errors" at the bottom. Once it has finished, click "repair errors"; you will get a message asking to back up your registry, answer "yes", then repeat until it no longer finds any errors.
You can delete the backups you made once your computer no longer has any problems.

¤ Restart CCleaner, go to the "cleaner" tab on the left, untick the last box (Advanced, if it is ticked), then click "run the cleanup".

If you need help with CCleaner, see this tutorial:
http://www.tutopat.com/viewtopic.php?t=305

Download, install, then update this program (Ewido). Once that is done, run a full scan of your system, remove (delete) everything it finds, then paste the report here, please.
Ewido: (in English; remains free after the trial period)
Ewido
If you need help with Ewido (now AVG Anti-Spyware), see this tutorial:
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

yipiyoyipiye
 
+ Created at: 13:37:41 10/12/2006

+ Scan result:

C:\WINDOWS\Titan Poker setup.exe -> Adware.Casino : Cleaned.
C:\Program Files\Fichiers communs\Uninstall Information\RemoveWebDP.exe -> Adware.DelphinMediaViewer : Cleaned.
C:\WINDOWS\system32\nfomon\nfom.dll -> Adware.DelphinMediaViewer : Cleaned.
HKLM\SYSTEM\ControlSet006\Services\HTTP -> Adware.SpyHeal : Cleaned.
HKLM\SYSTEM\ControlSet006\Services\HTTP\Parameters -> Adware.SpyHeal : Cleaned.
HKLM\SYSTEM\ControlSet006\Services\HTTP\Parameters\SslBindingInfo -> Adware.SpyHeal : Cleaned.
HKLM\SYSTEM\ControlSet006\Services\HTTP\Parameters\UrlAclInfo -> Adware.SpyHeal : Cleaned.
HKLM\SYSTEM\ControlSet006\Services\HTTP\Security -> Adware.SpyHeal : Cleaned.
HKU\S-1-5-21-139329984-3171950058-1767654482-1006\Software\ToolBar -> Adware.WebSearch : Cleaned.
HKU\S-1-5-21-139329984-3171950058-1767654482-1006\Software\ToolBar\all -> Adware.WebSearch : Cleaned.
HKU\S-1-5-21-139329984-3171950058-1767654482-1006\Software\ToolBar\all\History -> Adware.WebSearch : Cleaned.
C:\Documents and Settings\Laurent\ww.exe -> Hijacker.Agent.bt : Cleaned.
:mozilla.12:C:\Documents and Settings\Laurent\Application Data\Mozilla\Firefox\Profiles\jv6efanp.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.13:C:\Documents and Settings\Laurent\Application Data\Mozilla\Firefox\Profiles\jv6efanp.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.11:C:\Documents and Settings\Laurent\Application Data\Mozilla\Firefox\Profiles\jv6efanp.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\namn.exe -> Trojan.ProcKill.DJ : Cleaned.

::Report end

yipiyoyipiye
 
By the way, I had tried the update, which did not work, so I ran a scan (above).

I tried the update again later and it worked; here is the next scan. So I did one scan before the update and one after.

+ Created at: 14:17:41 10/12/2006

+ Scan result:

C:\WINDOWS\system32\z3498.dll -> Not-A-Virus.Hoax.Win32.Renos.fk : Ignored.
C:\Documents and Settings\Laurent\Cookies\laurent@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.14:C:\Documents and Settings\Laurent\Application Data\Mozilla\Firefox\Profiles\jv6efanp.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.12:C:\Documents and Settings\Laurent\Application Data\Mozilla\Firefox\Profiles\jv6efanp.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.13:C:\Documents and Settings\Laurent\Application Data\Mozilla\Firefox\Profiles\jv6efanp.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00002.dll -> Trojan.Sinowal.bh : Cleaned.

::Report end

Anonymous user
 
Hi

Please post a new HijackThis report.

yipiyoyipiye
 
Logfile of HijackThis v1.99.1
Scan saved at 23:05:25, on 10/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\PokerOffice\bin\javaw.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Fichiers communs\{54A58EF0-067E-1036-0511-060221060021}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\Laurent\LOCALS~1\Temp\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: C:\WINDOWS\system32\zsPeCrypt.dll - {8A5849C4-93F3-429D-FF34-660A2068897C} - C:\WINDOWS\system32\zsPeCrypt.dll
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{34A58~1\Bar888.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Recoveru systems] C:\DOCUME~1\Laurent\LOCALS~1\Temp\svchost.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: hksrv.dll - {8D6E0873-AB8A-4D70-BE23-095CE9232D09} - hksrv.dll (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
0
Anonymous user
 
Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.

O2 - BHO: C:\WINDOWS\system32\zsPeCrypt.dll - {8A5849C4-93F3-429D-FF34-660A2068897C} - C:\WINDOWS\system32\zsPeCrypt.dll
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{34A58~1\Bar888.dll
O4 - HKCU\..\Run: [Recoveru systems] C:\DOCUME~1\Laurent\LOCALS~1\Temp\svchost.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
O21 - SSODL: hksrv.dll - {8D6E0873-AB8A-4D70-BE23-095CE9232D09} - hksrv.dll (file missing)

Click "Start", "Run", type: services.msc, find these entries in the list, right-click each one, choose "Properties" and set them to "Disabled".

InstallDriver Table Manager
Microsoft authenticate service

Click Start, Search, then find and delete these files if present:

- msasvc.exe
- zsPeCrypt.dll

Click My Computer, C:, Program Files, Fichiers communs, and delete the folder whose name starts with:

- 34A58 ...

**If a file cannot be deleted, do this:
- Restart your PC. As soon as it powers on, tap the F8 key repeatedly (or F5 if F8 doesn't work); on the screen that appears choose "Safe Mode" and wait a moment, then delete the files/folders, empty your Recycle Bin and restart your PC normally.

Download Killbox:
http://www.killbox.net/downloads/KillBox.exe

Double-click killbox.exe (Pocket Killbox)

- tick: delete on reboot
in the empty field, enter this (exactly):

C:\WINDOWS\system32\rpcc.dll

- click the red circle with the white cross
- a confirmation window will appear; click "YES"
- a second window asks whether you want to restart; click "YES"

Let the PC restart; if it doesn't restart by itself, restart it yourself.

_____________________________________
- Restart your PC. As soon as it powers on, tap the F8 key repeatedly (or F5 if F8 doesn't work); on the screen that appears choose "Safe Mode" and wait a moment.

To show all hidden files and folders:

Click "Start", "Control Panel", "Tools", "Folder Options", "View"
Tick:
¤ show hidden files and folders
- Click "Apply" then "OK"

Click My Computer, C:, Documents and Settings, Laurent, Local Settings, and completely empty these two folders:

- Temporary internet files
- Temp

Do the same for all other users, if there are any.
Empty your Recycle Bin and restart normally.
___________________________
Here is a list of anti-spyware tools; if you don't have them, download them, scan your PC completely and delete everything they find.

SpyBot-Search & Destroy: (free, in French)
Spybot
If you need help with Spybot, see this tutorial:
http://www.tutoriaux-excalibur.com/spybot.htm

A² squared: (free, in French)
A-squared
If you need help with A-squared, see this tutorial:
https://www.pcparadise.fr

Ad-Aware SE Personal: (in English, available in French, free)
Ad-aware
If you need help with Ad-Aware, see this tutorial:
https://forums.cnetfrance.fr

See you
0
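A sketch of how some of the entries singled out in the reply above can be triaged automatically, as an added example that is not part of the original thread and not HijackThis's own logic. The rule set and the names `parse`, `triage` and `flagged` are assumptions chosen for illustration; the sample lines are copied from the report posted above.

```python
import ntpath
import re

# Core Windows process names that legitimately live only in system32.
SYSTEM_NAMES = {"smss.exe", "winlogon.exe", "services.exe", "lsass.exe", "svchost.exe"}
SYSTEM32 = r"c:\windows\system32"

# "O4 - ...", "R1 - ...", "O23 - ..." : section code, then the entry body.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# A drive-rooted Windows path ending in .exe or .dll (spaces allowed).
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"]*?\.(?:exe|dll)", re.IGNORECASE)

# Lines copied from the 10/12/2006 report in this thread.
SAMPLE = r"""
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\Laurent\LOCALS~1\Temp\svchost.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Recoveru systems] C:\DOCUME~1\Laurent\LOCALS~1\Temp\svchost.exe
O21 - SSODL: hksrv.dll - {8D6E0873-AB8A-4D70-BE23-095CE9232D09} - hksrv.dll (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""


def parse(line):
    """Split one log line into (code, body, path); bare process paths get code 'PROC'."""
    line = line.strip()
    m = ENTRY_RE.match(line)
    code, body = (m.group(1), m.group(2)) if m else ("PROC", line)
    paths = PATH_RE.findall(body)
    path = None
    if paths:
        # O4 lines may carry arguments after the program, so take the first
        # path; the other sections put the file at the end of the line.
        path = paths[0] if code == "O4" else paths[-1]
    return code, body, path


def triage(line):
    """Return the reasons a line deserves a closer look (empty list = none)."""
    code, body, path = parse(line)
    reasons = []
    if path:
        low = path.lower()
        folder, name = ntpath.split(low)
        # A file borrowing a system process name but stored elsewhere.
        if name in SYSTEM_NAMES and folder != SYSTEM32:
            reasons.append("system process name outside system32")
        # Autostart entries and running processes located in a Temp folder.
        if code in ("O4", "PROC") and "\\temp\\" in low:
            reasons.append("starts from a Temp directory")
        # HijackThis printed "Unknown owner" instead of a company name for a
        # service binary sitting directly in system32.
        if code == "O23" and "Unknown owner" in body and folder == SYSTEM32:
            reasons.append("service in system32 with no vendor name")
    # BHO / Winlogon Notify / SSODL entries whose file is gone (leftovers).
    if code in ("O2", "O20", "O21") and body.endswith("(file missing)"):
        reasons.append("shell load point references a missing file")
    return reasons


def flagged(text):
    """Map every flagged line of a report to its list of reasons."""
    result = {}
    for line in text.splitlines():
        if line.strip():
            reasons = triage(line)
            if reasons:
                result[line.strip()] = reasons
    return result


if __name__ == "__main__":
    for entry, why in flagged(SAMPLE).items():
        print(entry)
        for reason in why:
            print("    ->", reason)
```

These rules catch only part of what was fixed by hand in the thread: `zsPeCrypt.dll` and `rpcc.dll` have nothing in their path or owner field that sets them apart, which is why a reputation lookup of the file itself is still needed.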
yipiyoyipiye
 
Hi there, everything is done. I wanted to thank you again so much for the time you gave me... really kind and effective :)

Otherwise, the only thing I didn't manage to do is delete zsPeCrypt.dll, even in Safe Mode; apparently the process was active somewhere...
0
yipiyoyipiye
 
Edit: on the other hand, from time to time I get a blue screen and the computer reboots... that doesn't look good to me at all.
0
Anonymous user
 
Hi

What error message do you get with this blue screen?

Go to this site, click "choose" at the top right, go to C:, Windows, system32, find the process below and click "Open"; once that's done click "send", wait a little, and paste the report here once it has finished, please.

http://www.virustotal.com/en/virustotalx.html

zsPeCrypt.dll < to analyse
0
yipiyoyipiye
 
Hi,

As for the blue screen, in general it happens when most of my RAM is in use, or sometimes when I run an antivirus scan (related?). The blue screen appears, I don't have time to read anything (half a second) and it reboots...

For the DLL:

Complete scanning result of "zsPeCrypt.dll", received in VirusTotal at 12.11.2006, 14:54:35 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.49 12.11.2006 HEUR/Malware
Authentium 4.93.8 12.08.2006 no virus found
Avast 4.7.892.0 12.08.2006 no virus found
AVG 386 12.09.2006 no virus found
BitDefender 7.2 12.11.2006 Generic.Malware.dld!!.3C4C6265
CAT-QuickHeal 8.00 12.09.2006 no virus found
ClamAV devel-20060426 12.11.2006 no virus found
DrWeb 4.33 12.11.2006 no virus found
eSafe 7.0.14.0 12.11.2006 no virus found
eTrust-InoculateIT 23.73.81 12.09.2006 no virus found
eTrust-Vet 30.3.3244 12.11.2006 no virus found
Ewido 4.0 12.10.2006 no virus found
Fortinet 2.82.0.0 12.11.2006 no virus found
F-Prot 3.16f 12.08.2006 no virus found
F-Prot4 4.2.1.29 12.08.2006 no virus found
Ikarus T3.1.0.26 12.11.2006 no virus found
Kaspersky 4.0.2.24 12.11.2006 no virus found
McAfee 4915 12.10.2006 no virus found
Microsoft 1.1804 12.11.2006 no virus found
NOD32v2 1914 12.11.2006 no virus found
Norman 5.80.02 12.11.2006 no virus found
Panda 9.0.0.4 12.11.2006 Suspicious file
Prevx1 V2 12.11.2006 Malicious
Sophos 4.12.0 12.10.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 VIPRE.Suspicious
TheHacker 6.0.3.131 12.10.2006 no virus found
UNA 1.83 12.08.2006 no virus found
VBA32 3.11.1 12.10.2006 no virus found
VirusBuster 4.3.15:9 12.10.2006 no virus found

Aditional Information
File size: 10000 bytes
MD5: a2f0a06d2dc9878ba93ee134e6c0bda5
SHA1: 2f3483d0dd4f419af3c6be75ad5c9b125a4b66b1
packers: PECOMPACT
packers: PecBundle, PECompact
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=f2c161383277
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
0
Anonymous user
 
You may have a RAM problem!
In the meantime

Download Killbox:
http://www.killbox.net/downloads/KillBox.exe

Double-click killbox.exe (Pocket Killbox)

- tick: delete on reboot
in the empty field, enter this (exactly):

C:\WINDOWS\system32\zsPeCrypt.dll

- click the red circle with the white cross
- a confirmation window will appear; click "YES"
- a second window asks whether you want to restart; click "YES"

Let the PC restart; if it doesn't restart by itself, restart it yourself.

Then right-click HijackThis, choose Rename, type: abcde.exe, then post a new report, please.
0
yipiyoyipiye
 
Hi,

As for the RAM, that seems strange to me because my computer is 5 months old and I've had this blue screen problem since the computer was infected.

Here is the report:

Logfile of HijackThis v1.99.1
Scan saved at 15:14:54, on 11/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\PokerOffice\bin\javaw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Fichiers communs\{54A58EF0-067E-1036-0511-060221060021}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\hijack\abcde.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: C:\WINDOWS\system32\zsPeCrypt.dll - {8A5849C4-93F3-429D-FF34-660A2068897C} - C:\WINDOWS\system32\zsPeCrypt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
0
Anonymous user
 
Did you run Killbox? Because the critter is still there ;-)

Click My Computer, C:, Program Files, Fichiers communs, then find and delete this folder:

- 54A58EF0-067E-1036-0511-060221060021

¤ Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

Click "Start", "Run", type: services.msc, find this entry in the list, right-click it, choose "Properties" and set it to "Disabled".

ewido anti-spyware 4.0 guard

Set this one to "Manual":

Adobe Active File Monitor V4

Restart your PC, run a cleanup with CCleaner, then defragment your PC ;-)
0
yipiyoyipiye
 
Hi!

Apparently the viruses are no longer causing me problems, thanks to you. But I have a new problem... sic

Several times a day I get a window reporting an error in system32\services.exe and a countdown telling me the computer is going to restart... is it serious, doctor?
0