Attaqué par crazy girls
Résolu
penteraverde
Messages postés
41
Date d'inscription
Statut
Membre
Dernière intervention
-
green day Messages postés 26374 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
green day Messages postés 26374 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonjour, j'aimerais de l'aide pour suprimer les attaques de crazy girls, ca m'envahit
j'espere que vous pourrez m'aider.
si quelqu'un peut discuter avec moi en direct ca sera plus simple, car par commentaire ca va prendre du temps.
Cordialement
j'espere que vous pourrez m'aider.
si quelqu'un peut discuter avec moi en direct ca sera plus simple, car par commentaire ca va prendre du temps.
Cordialement
A voir également:
- Attaqué par crazy girls
- Crazy browser - Télécharger - Navigateurs
- Crazy talk - Télécharger - 3D
- Attaque par dictionnaire - Guide
- Bad girls les condamnées streaming vf - Forum Cinéma / Télé
- Cyber attaque - Accueil - Piratage
29 réponses
Salut
Télécharge ceci sur ton bureau :
Lien : hijackthis
Démo : http://pageperso.aol.fr/balltrap34/demohijack.htm
Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum.
++
Télécharge ceci sur ton bureau :
Lien : hijackthis
Démo : http://pageperso.aol.fr/balltrap34/demohijack.htm
Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum.
++
Merci, alors j'ai effectué ce que tu m'as dit, j'obtient cela:
Logfile of HijackThis v1.99.1
Scan saved at 22:48:29, on 31/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\dragdiag.exe
C:\Program Files\Fichiers communs\DriveCleaner
Free\udcwap.exe
C:\Program Files\Fichiers communs\DriveCleaner
Free\udcsdr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971
\Program\backWeb-7288971.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\WINDOWS\system32\linkprd.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery
Live.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Hijackthis Version Française\hijackthis
vf.exe
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL = http://srch-
fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://fr4.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search
Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/sb/yms
gr6/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start
Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,
(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First
Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-
C2D500688DA2} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-
00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-
C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll (file
missing)
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: CSBBCore Class - {00000000-0000-0000-0000-
000000002230} - C:\Program Files\CSBB\CSBB.DLL
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-
F1C52D674FAD} - C:\WINDOWS\localNRD.dll
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D}
- C:\WINDOWS\mslagent\4b_1,0,1,2_mslagent.dll
O2 - BHO: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7}
- (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC}
- C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0
\ActiveX\AcroIEHelper.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -
C:\Program Files\NewDotNet\newdotnet7_48.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06
\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
- (no file)
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-
0EA71C0748E4} - C:\WINDOWS\wsem302.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF
-8ECC-5164760863C6} - C:\Program Files\Fichiers
communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-
4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll
O2 - BHO: UrlCatcher Class - {CE31A1F7-3D90-4874-8FBE-
A5D97F8BC8F1} - C:\WINDOWS\System32\apuc.dll
O2 - BHO: LBBHO Class - {EFD84954-6B46-42f4-81F3-
94CE9A77052D} - C:\WINDOWS\lbbho.dll (file missing)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-
14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {5F1ABCDB-A875-46c1-8345-
B72A4567E486} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-
B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1
\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1
\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P
Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers
communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Dragdiag] C:\WINDOWS\system32
\dragdiag.exe /icon
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32
\dumprep 0 -k
O4 - HKLM\..\Run: [WA6PV_Check] "C:\Program Files\Fichiers
communs\DriveCleaner Free\udcwap.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers
communs\DriveCleaner Free\udcsdr.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program
Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Works Update Detection]
C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers
communs\SmartCom\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32
\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32
\linkprd.exe /res
O4 - Global Startup: AOL Compagnon.lnk = C:\Program
Files\AOL Compagnon\companion.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program
Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-
7288971.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk =
C:\Program Files\KODAK\Kodak EasyShare
software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program
Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet
Explorer\Restrictions present
O8 - Extra context menu item: &Recherche AOL Toolbar -
res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search -
file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel
- res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary -
file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps -
file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.5.0_06
\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0
-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-
B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-
00010333D0AD} - C:\Program Files\Yahoo!
\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-
4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!
\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-
B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-
4615-B15B-B5B5E98D167C} - C:\Program Files\AOL
Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-
00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-
F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux -
https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers
Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} -
http://hosting1.affiliate69.com/~dimiweb/magalie/magalie.exe
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} -
https://www.afternic.com/domains/downloadv3.com
64_XP.cab
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} -
https://www.afternic.com/domains/downloadv3.com
071_XP.cab
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH
Class) -
https://www.afternic.com/domains/downloadv3.com
FR_XP.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France
Telecom MDM ActiveX Control) -
http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.
cab31267.cab
O16 - DPF: {15D0E439-4E58-45E1-A9C1-0B1B16749A3C} -
https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1604DF98-D1A5-44FE-844A-98D6FD0518D0} -
https://www.afternic.com/domains/downloadv3.com
60_XP.cab
O16 - DPF: {1CD49DC9-FD88-41FA-B892-47E037267D45} -
https://www.afternic.com/domains/downloadv3.com
59_XP.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P
Installer) -
O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} -
http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em
_XP.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers
Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B}
(Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab31267.ca
b
O16 - DPF: {3446598E-00E4-4B5E-99A6-87ECCA8324A2} -
https://www.afternic.com/domains/downloadv3.com
56_XP.cab
O16 - DPF: {3616F4B5-F6AD-4E67-966A-C218673648A0} -
https://www.afternic.com/domains/downloadv3.com
070_ASPIV4_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} -
https://www.afternic.com/domains/downloadv3.com
070_XP.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} -
https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3}
(EPUImageControl Class) -
http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Pictur
e_Control_v1-0-3-48.cab
O16 - DPF: {50AD557E-3426-41FD-AFDD-2AF39BB1C387} -
https://www.afternic.com/domains/downloadv3.com
e_5_FR_XP.cab
O16 - DPF: {54579C3D-A58D-4623-B5B5-465552BDA45B} -
https://www.afternic.com/domains/downloadv3.com
072_ASPIV4_XP.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire
Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56
986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl
Class) - http://messenger.zone.msn.com/FR-FR/a-
UNO1/GAME_UNO1.cab
O16 - DPF: {78F584DF-BBF5-4296-839C-31DE60914DBC} -
https://www.afternic.com/domains/downloadv3.com
071_ASPIV4_XP.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} -
http://1102688714000.kit.sexequalite.com/10518/CD/Diabloteen
Live.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.ca
b31267.cab
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} -
https://www.afternic.com/domains/downloadv3.com
.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloade
r.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games
- Installer) -
http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook
Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/
yautocomplete.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8}
(CBreakshotControl Class) -
http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} -
https://www.afternic.com/domains/downloadv3.com
58_XP.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.
cab56907.cab
O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} -
https://www.afternic.com/domains/downloadv3.com
ab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave
Flash Object) -
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/s
wflash.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} -
http://www.sponsoradulto.com/fr/SysWebTelecom.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} -
https://www.afternic.com/domains/downloadv3.com
072_XP.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
(Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.ca
b
O16 - DPF: {FA605711-8E72-46B2-AE49-BED11B2E729D} -
https://www.afternic.com/domains/downloadv3.com
63_ASPIV4_XP.cab
O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} -
https://www.afternic.com/domains/downloadv3.com
61_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2EFD950-D852-4A89
-B5B0-0B518391BD15}: NameServer = 205.188.146.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{DEE1D8C0-10F4-4A34
-B7A0-07FC8CD98198}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-
8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-
8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32
\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America
Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) -
Eastman Kodak Company - C:\WINDOWS\system32
\drivers\KodakCCS.exe
O23 - Service: WAN Miniport (ATW) Service
(WANMiniportService) - America Online, Inc. -
C:\WINDOWS\wanmpsvc.exe
Merci
Logfile of HijackThis v1.99.1
Scan saved at 22:48:29, on 31/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\dragdiag.exe
C:\Program Files\Fichiers communs\DriveCleaner
Free\udcwap.exe
C:\Program Files\Fichiers communs\DriveCleaner
Free\udcsdr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971
\Program\backWeb-7288971.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\WINDOWS\system32\linkprd.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery
Live.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Hijackthis Version Française\hijackthis
vf.exe
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL = http://srch-
fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://fr4.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search
Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/sb/yms
gr6/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start
Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,
(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First
Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-
C2D500688DA2} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-
00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-
C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll (file
missing)
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: CSBBCore Class - {00000000-0000-0000-0000-
000000002230} - C:\Program Files\CSBB\CSBB.DLL
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-
F1C52D674FAD} - C:\WINDOWS\localNRD.dll
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D}
- C:\WINDOWS\mslagent\4b_1,0,1,2_mslagent.dll
O2 - BHO: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7}
- (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC}
- C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0
\ActiveX\AcroIEHelper.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -
C:\Program Files\NewDotNet\newdotnet7_48.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06
\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
- (no file)
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-
0EA71C0748E4} - C:\WINDOWS\wsem302.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF
-8ECC-5164760863C6} - C:\Program Files\Fichiers
communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-
4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll
O2 - BHO: UrlCatcher Class - {CE31A1F7-3D90-4874-8FBE-
A5D97F8BC8F1} - C:\WINDOWS\System32\apuc.dll
O2 - BHO: LBBHO Class - {EFD84954-6B46-42f4-81F3-
94CE9A77052D} - C:\WINDOWS\lbbho.dll (file missing)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-
14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {5F1ABCDB-A875-46c1-8345-
B72A4567E486} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-
B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1
\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1
\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P
Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers
communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Dragdiag] C:\WINDOWS\system32
\dragdiag.exe /icon
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32
\dumprep 0 -k
O4 - HKLM\..\Run: [WA6PV_Check] "C:\Program Files\Fichiers
communs\DriveCleaner Free\udcwap.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers
communs\DriveCleaner Free\udcsdr.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program
Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Works Update Detection]
C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers
communs\SmartCom\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32
\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32
\linkprd.exe /res
O4 - Global Startup: AOL Compagnon.lnk = C:\Program
Files\AOL Compagnon\companion.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program
Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-
7288971.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk =
C:\Program Files\KODAK\Kodak EasyShare
software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program
Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet
Explorer\Restrictions present
O8 - Extra context menu item: &Recherche AOL Toolbar -
res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search -
file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel
- res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary -
file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps -
file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.5.0_06
\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0
-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-
B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-
00010333D0AD} - C:\Program Files\Yahoo!
\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-
4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!
\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-
B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-
4615-B15B-B5B5E98D167C} - C:\Program Files\AOL
Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-
00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-
F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux -
https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers
Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} -
http://hosting1.affiliate69.com/~dimiweb/magalie/magalie.exe
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} -
https://www.afternic.com/domains/downloadv3.com
64_XP.cab
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} -
https://www.afternic.com/domains/downloadv3.com
071_XP.cab
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH
Class) -
https://www.afternic.com/domains/downloadv3.com
FR_XP.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France
Telecom MDM ActiveX Control) -
http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.
cab31267.cab
O16 - DPF: {15D0E439-4E58-45E1-A9C1-0B1B16749A3C} -
https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1604DF98-D1A5-44FE-844A-98D6FD0518D0} -
https://www.afternic.com/domains/downloadv3.com
60_XP.cab
O16 - DPF: {1CD49DC9-FD88-41FA-B892-47E037267D45} -
https://www.afternic.com/domains/downloadv3.com
59_XP.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P
Installer) -
O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} -
http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em
_XP.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers
Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B}
(Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab31267.ca
b
O16 - DPF: {3446598E-00E4-4B5E-99A6-87ECCA8324A2} -
https://www.afternic.com/domains/downloadv3.com
56_XP.cab
O16 - DPF: {3616F4B5-F6AD-4E67-966A-C218673648A0} -
https://www.afternic.com/domains/downloadv3.com
070_ASPIV4_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} -
https://www.afternic.com/domains/downloadv3.com
070_XP.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} -
https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3}
(EPUImageControl Class) -
http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Pictur
e_Control_v1-0-3-48.cab
O16 - DPF: {50AD557E-3426-41FD-AFDD-2AF39BB1C387} -
https://www.afternic.com/domains/downloadv3.com
e_5_FR_XP.cab
O16 - DPF: {54579C3D-A58D-4623-B5B5-465552BDA45B} -
https://www.afternic.com/domains/downloadv3.com
072_ASPIV4_XP.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire
Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56
986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl
Class) - http://messenger.zone.msn.com/FR-FR/a-
UNO1/GAME_UNO1.cab
O16 - DPF: {78F584DF-BBF5-4296-839C-31DE60914DBC} -
https://www.afternic.com/domains/downloadv3.com
071_ASPIV4_XP.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} -
http://1102688714000.kit.sexequalite.com/10518/CD/Diabloteen
Live.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.ca
b31267.cab
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} -
https://www.afternic.com/domains/downloadv3.com
.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloade
r.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games
- Installer) -
http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook
Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/
yautocomplete.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8}
(CBreakshotControl Class) -
http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} -
https://www.afternic.com/domains/downloadv3.com
58_XP.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.
cab56907.cab
O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} -
https://www.afternic.com/domains/downloadv3.com
ab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave
Flash Object) -
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/s
wflash.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} -
http://www.sponsoradulto.com/fr/SysWebTelecom.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} -
https://www.afternic.com/domains/downloadv3.com
072_XP.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
(Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.ca
b
O16 - DPF: {FA605711-8E72-46B2-AE49-BED11B2E729D} -
https://www.afternic.com/domains/downloadv3.com
63_ASPIV4_XP.cab
O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} -
https://www.afternic.com/domains/downloadv3.com
61_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2EFD950-D852-4A89
-B5B0-0B518391BD15}: NameServer = 205.188.146.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{DEE1D8C0-10F4-4A34
-B7A0-07FC8CD98198}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-
8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-
8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32
\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America
Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) -
Eastman Kodak Company - C:\WINDOWS\system32
\drivers\KodakCCS.exe
O23 - Service: WAN Miniport (ATW) Service
(WANMiniportService) - America Online, Inc. -
C:\WINDOWS\wanmpsvc.exe
Merci
re
ok,
*
o Prendre connaissance du contenu du lien suivant: http://www.f-secure.com/products/license-terms/eult_fra.pdf
o Vous avez donc pris connaissance et accepté les conditions d'utilisations du programme blacklight qui est inclus dans le dossier compressé navilog1.zip que vous allez télécharger.
o Faire un clic droit sur ce lien : http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
o Enregistrez la cible (du lien) sous... et enregistrez-le sur le bureau.
o Faire un clic droit sur navilog1.zip et choisir "tout extraire"
o Double-cliquez sur navilog1.bat
o Arriver au menu principal, choisir l'option 1 et valider.
o Patientez jusqu'au message : Analyse Termine le ...
o Le rapport sera en outre sauvegardé à la racine du disque (fixnavi.txt), poste le stp !
++
ok,
*
o Prendre connaissance du contenu du lien suivant: http://www.f-secure.com/products/license-terms/eult_fra.pdf
o Vous avez donc pris connaissance et accepté les conditions d'utilisations du programme blacklight qui est inclus dans le dossier compressé navilog1.zip que vous allez télécharger.
o Faire un clic droit sur ce lien : http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
o Enregistrez la cible (du lien) sous... et enregistrez-le sur le bureau.
o Faire un clic droit sur navilog1.zip et choisir "tout extraire"
o Double-cliquez sur navilog1.bat
o Arriver au menu principal, choisir l'option 1 et valider.
o Patientez jusqu'au message : Analyse Termine le ...
o Le rapport sera en outre sauvegardé à la racine du disque (fixnavi.txt), poste le stp !
++
Voici ce que je viens de faire, c'est bien ca?
Search Navipromo version 2.0.2 commencé le 31/05/2007 à 23:31:32,34
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 17.05.2007 a 23h00 by IL-MAFIOSO
Executé en mode normal
*** Recherche Programmes installes ***
Instant Access
*** Recherche dossiers dans C:\WINDOWS ***
C:\WINDOWS\mslagent trouvé !
C:\WINDOWS\msskinner trouvé !
*** Recherche dossiers dans C:\Program Files ***
C:\Program Files\Instant Access trouvé !
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Propri‚taire\Application Data ***
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en
Fichier(s) caché(s) dans C:\WINDOWS\system32 :
C:\windows\system32\qsbfpzceoa.exe
Processus caché(s) dans C:\WINDOWS\system32 :
C:\windows\system32\qsbfpzceoa.exe
*** Recherche fichiers ***
C:\WINDOWS\Downloaded Program Files\EGAUTH.inf trouvé !
C:\WINDOWS\Downloaded Program Files\EGCOMSERVICE_pack.inf trouvé !
C:\WINDOWS\Downloaded Program Files\netcmp32.inf trouvé !
C:\WINDOWS\Downloaded Program Files\nethv32.inf trouvé !
C:\WINDOWS\Downloaded Program Files\LiveService.inf trouvé !
C:\WINDOWS\Downloaded Program Files\sysnetsvc32.inf trouvé !
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\linkprd.exe trouvé !
C:\WINDOWS\system32\msegcompid.dll trouvé !
C:\WINDOWS\system32\mservice.dll trouvé !
C:\WINDOWS\system32\mseggrpid.dll trouvé !
C:\WINDOWS\system32\msklive.dll trouvé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf trouvé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER_SETUP.EXE-2CF62DC6.pf trouvé !
*** Recherche cles registre ***
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
C:\WINDOWS\system32\EGDACCESS_1056.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1058.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1059.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1060.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1061.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_ASPIV4_1063.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1064.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1070.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_ASPIV4_1070.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1071.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_ASPIV4_1071.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1072.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_ASPIV4_1072.dll REG_DWORD 0x1
C:\WINDOWS\System32\eglivecam_1027.dll REG_DWORD 0x1
C:\WINDOWS\System32\eglivecam_1028.dll REG_DWORD 0x3
C:\WINDOWS\System32\eglivecam_1029.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1037.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE2.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1042.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1045.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1046.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1048.dll REG_DWORD 0x1
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1056.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1058.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1059.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1060.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1061.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1064.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1070.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1071.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1072.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_ASPIV4_1063.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_ASPIV4_1070.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_ASPIV4_1071.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_ASPIV4_1072.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/eglivecam_1027.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/eglivecam_1028.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/eglivecam_1029.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE2.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1037.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1042.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1045.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1046.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1048.dll
Recherche Clé Magic Control
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_USERS\S-1-5-21-3852255402-2161807218-2885428501-1003\Software\Lanconfig trouvé !
HKEY_CURRENT_USER\Software\mc trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
*
C:\WINDOWS\system32\oqjvihw.dat trouvé !
C:\WINDOWS\system32\qsbfpzceoa.dat trouvé !
**
C:\WINDOWS\system32\oqjvihw.dat trouvé !
C:\WINDOWS\system32\qsbfpzceoa.dat trouvé !
***
****
C:\WINDOWS\system32\qsbfpzceoa_navps.dat trouvé !
*****
C:\WINDOWS\system32\oqjvihw_nav.dat trouvé !
C:\WINDOWS\system32\qsbfpzceoa_nav.dat trouvé !
******
*******
********
C:\WINDOWS\system32\linkprd.exe trouvé !
C:\WINDOWS\system32\qsbfpzceoa.exe trouvé !
*** Analyse Terminé le 01/06/2007 à 0:07:50,67 ***
Cordialement
Search Navipromo version 2.0.2 commencé le 31/05/2007 à 23:31:32,34
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 17.05.2007 a 23h00 by IL-MAFIOSO
Executé en mode normal
*** Recherche Programmes installes ***
Instant Access
*** Recherche dossiers dans C:\WINDOWS ***
C:\WINDOWS\mslagent trouvé !
C:\WINDOWS\msskinner trouvé !
*** Recherche dossiers dans C:\Program Files ***
C:\Program Files\Instant Access trouvé !
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Propri‚taire\Application Data ***
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en
Fichier(s) caché(s) dans C:\WINDOWS\system32 :
C:\windows\system32\qsbfpzceoa.exe
Processus caché(s) dans C:\WINDOWS\system32 :
C:\windows\system32\qsbfpzceoa.exe
*** Recherche fichiers ***
C:\WINDOWS\Downloaded Program Files\EGAUTH.inf trouvé !
C:\WINDOWS\Downloaded Program Files\EGCOMSERVICE_pack.inf trouvé !
C:\WINDOWS\Downloaded Program Files\netcmp32.inf trouvé !
C:\WINDOWS\Downloaded Program Files\nethv32.inf trouvé !
C:\WINDOWS\Downloaded Program Files\LiveService.inf trouvé !
C:\WINDOWS\Downloaded Program Files\sysnetsvc32.inf trouvé !
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\linkprd.exe trouvé !
C:\WINDOWS\system32\msegcompid.dll trouvé !
C:\WINDOWS\system32\mservice.dll trouvé !
C:\WINDOWS\system32\mseggrpid.dll trouvé !
C:\WINDOWS\system32\msklive.dll trouvé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf trouvé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER_SETUP.EXE-2CF62DC6.pf trouvé !
*** Recherche cles registre ***
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
C:\WINDOWS\system32\EGDACCESS_1056.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1058.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1059.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1060.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1061.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_ASPIV4_1063.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1064.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1070.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_ASPIV4_1070.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1071.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_ASPIV4_1071.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_1072.dll REG_DWORD 0x1
C:\WINDOWS\system32\EGDACCESS_ASPIV4_1072.dll REG_DWORD 0x1
C:\WINDOWS\System32\eglivecam_1027.dll REG_DWORD 0x1
C:\WINDOWS\System32\eglivecam_1028.dll REG_DWORD 0x3
C:\WINDOWS\System32\eglivecam_1029.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1037.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE2.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1042.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1045.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1046.dll REG_DWORD 0x1
C:\WINDOWS\System32\EGCOMSERVICE_1048.dll REG_DWORD 0x1
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1056.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1058.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1059.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1060.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1061.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1064.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1070.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1071.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_1072.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_ASPIV4_1063.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_ASPIV4_1070.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_ASPIV4_1071.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/EGDACCESS_ASPIV4_1072.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/eglivecam_1027.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/eglivecam_1028.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/eglivecam_1029.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE2.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1037.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1042.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1045.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1046.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/EGCOMSERVICE_1048.dll
Recherche Clé Magic Control
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_USERS\S-1-5-21-3852255402-2161807218-2885428501-1003\Software\Lanconfig trouvé !
HKEY_CURRENT_USER\Software\mc trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
*
C:\WINDOWS\system32\oqjvihw.dat trouvé !
C:\WINDOWS\system32\qsbfpzceoa.dat trouvé !
**
C:\WINDOWS\system32\oqjvihw.dat trouvé !
C:\WINDOWS\system32\qsbfpzceoa.dat trouvé !
***
****
C:\WINDOWS\system32\qsbfpzceoa_navps.dat trouvé !
*****
C:\WINDOWS\system32\oqjvihw_nav.dat trouvé !
C:\WINDOWS\system32\qsbfpzceoa_nav.dat trouvé !
******
*******
********
C:\WINDOWS\system32\linkprd.exe trouvé !
C:\WINDOWS\system32\qsbfpzceoa.exe trouvé !
*** Analyse Terminé le 01/06/2007 à 0:07:50,67 ***
Cordialement
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Salut
oui, c'est bien cela, suite :
o Double-cliquer sur navilog1.bat
o Arriver au menu principal, choisir l'option 2 et valider.
o Indiquer le mode de nettoyage "automatique"
o Répondre aux questions éventuelles, le bureau disparaîtra, c'est normal !
o Patienter jusqu'au message : Nettoyage Termine le ...
o Sauvegarder le rapport de manière à le retrouver, puis fermer le blocnote, le bureau réapparaîtra
o Redémarrer en mode normal, le rapport sera en outre sauvegardé à la racine du disque (cleannavi.txt), poste le stp
ensuite, fais ce qui est indiqué ici stp
virus methode preliminaire de desinfection version fr
++
oui, c'est bien cela, suite :
o Double-cliquer sur navilog1.bat
o Arriver au menu principal, choisir l'option 2 et valider.
o Indiquer le mode de nettoyage "automatique"
o Répondre aux questions éventuelles, le bureau disparaîtra, c'est normal !
o Patienter jusqu'au message : Nettoyage Termine le ...
o Sauvegarder le rapport de manière à le retrouver, puis fermer le blocnote, le bureau réapparaîtra
o Redémarrer en mode normal, le rapport sera en outre sauvegardé à la racine du disque (cleannavi.txt), poste le stp
ensuite, fais ce qui est indiqué ici stp
virus methode preliminaire de desinfection version fr
++
Bonjour, merci pour ces nouvelles indications
J'obtiens cela :
Clean Navipromo version 2.0.2 commencé le 01/06/2007 à
11:39:17,18
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 17.05.2007 a 23h00 by IL-MAFIOSO
Mode suppression automatique avec prise en charge résultats
Blacklight
*** Creation backups fichiers trouvés par Blacklight ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
*** Suppression des fichiers trouvés avec Blacklight ***
C:\windows\system32\qsbfpzceoa.exe supprimé !
** 2ème passage **
C:\WINDOWS\system32\qsbfpzceoa.exe absent !
C:\WINDOWS\system32\qsbfpzceoa_navup.dat absent !
C:\WINDOWS\system32\qsbfpzceoa_navtmp.dat absent !
C:\WINDOWS\system32\qsbfpzceoa_m2s.xml absent !
C:\WINDOWS\system32\qsbfpzceoa.dat trouvé !
Copie C:\WINDOWS\system32\qsbfpzceoa.dat réalise avec succes
!
C:\WINDOWS\system32\qsbfpzceoa.dat supprimé !
C:\WINDOWS\system32\qsbfpzceoa_nav.dat trouvé !
Copie C:\WINDOWS\system32\qsbfpzceoa_nav.dat réalise avec
succes !
C:\WINDOWS\system32\qsbfpzceoa_nav.dat supprimé !
C:\WINDOWS\system32\qsbfpzceoa_navps.dat trouvé !
Copie C:\WINDOWS\system32\qsbfpzceoa_navps.dat réalise avec
succes !
C:\WINDOWS\system32\qsbfpzceoa_navps.dat supprimé !
C:\WINDOWS\prefetch\qsbfpzceoa*.pf trouvé !
Copie C:\WINDOWS\prefetch\qsbfpzceoa*.pf réalise avec succes
!
C:\WINDOWS\prefetch\qsbfpzceoa*.pf supprimé !
*** Suppression dossiers dans C:\WINDOWS ***
C:\WINDOWS\mslagent ...suppression...
C:\WINDOWS\mslagent supprimé !
C:\WINDOWS\msskinner ...suppression...
C:\WINDOWS\msskinner supprimé !
*** Suppression dossiers dans C:\Program Files ***
C:\Program Files\Instant Access ...suppression...
C:\Program Files\Instant Access supprimé !
*** Suppression dossiers dans C:\Documents and Settings\All
Users\Application Data ***
*** Suppression dossiers dans C:\Documents and
Settings\Propri‚taire\Application Data ***
*** Suppression fichiers ***
C:\WINDOWS\Downloaded Program Files\EGAUTH.inf supprimé !
C:\WINDOWS\Downloaded Program Files\EGCOMSERVICE_pack.inf
supprimé !
C:\WINDOWS\Downloaded Program Files\netcmp32.inf supprimé !
C:\WINDOWS\Downloaded Program Files\nethv32.inf supprimé !
C:\WINDOWS\Downloaded Program Files\LiveService.infsupprimé
!
C:\WINDOWS\Downloaded Program Files\sysnetsvc32.inf supprimé
!
C:\WINDOWS\Downloaded Program Files\sysinetsvc32.inf
supprimé !
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\linkprd.exe supprimé !
C:\WINDOWS\system32\msegcompid.dll supprimé !
C:\WINDOWS\system32\msclock32.dll supprimé !
C:\WINDOWS\system32\mservice.dll supprimé !
C:\WINDOWS\system32\msplock32.dll supprimé !
C:\WINDOWS\system32\mseggrpid.dll supprimé !
C:\WINDOWS\system32\msklive.dll supprimé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf supprimé
!
C:\WINDOWS\prefetch\WEBMEDIAPLAYER_SETUP.EXE-2CF62DC6.pf
supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and
Settings\Propri‚taire\Local Settings\Temp effectué !
*** Sauvegarde du registre vers dossier Backupnavi***
sauvegarde du registre réalise avec succes !
*** Nettoyage registre ***
Nettoyage registre Ok
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche et Suppression Heuristique :
*
C:\WINDOWS\System32\oqjvihw.dat trouvé !
Copie C:\WINDOWS\system32\oqjvihw.dat réalise avec succes !
C:\WINDOWS\system32\oqjvihw.dat supprimé !
**
***
****
*****
C:\WINDOWS\System32\oqjvihw_nav.dat trouvé !
Copie C:\WINDOWS\system32\oqjvihw_nav.dat réalise avec
succes !
C:\WINDOWS\system32\oqjvihw_nav.dat supprimé !
******
*******
********
3)Contrôle présence clés Rootkit dans le registre :
Aucune autre clés présente dans le registre !
*** Nettoyage termine le 01/06/2007 à 11:44:16,50 ***
Je vais lire le lien, merci encore
Cordialement
J'obtiens cela :
Clean Navipromo version 2.0.2 commencé le 01/06/2007 à
11:39:17,18
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 17.05.2007 a 23h00 by IL-MAFIOSO
Mode suppression automatique avec prise en charge résultats
Blacklight
*** Creation backups fichiers trouvés par Blacklight ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
*** Suppression des fichiers trouvés avec Blacklight ***
C:\windows\system32\qsbfpzceoa.exe supprimé !
** 2ème passage **
C:\WINDOWS\system32\qsbfpzceoa.exe absent !
C:\WINDOWS\system32\qsbfpzceoa_navup.dat absent !
C:\WINDOWS\system32\qsbfpzceoa_navtmp.dat absent !
C:\WINDOWS\system32\qsbfpzceoa_m2s.xml absent !
C:\WINDOWS\system32\qsbfpzceoa.dat trouvé !
Copie C:\WINDOWS\system32\qsbfpzceoa.dat réalise avec succes
!
C:\WINDOWS\system32\qsbfpzceoa.dat supprimé !
C:\WINDOWS\system32\qsbfpzceoa_nav.dat trouvé !
Copie C:\WINDOWS\system32\qsbfpzceoa_nav.dat réalise avec
succes !
C:\WINDOWS\system32\qsbfpzceoa_nav.dat supprimé !
C:\WINDOWS\system32\qsbfpzceoa_navps.dat trouvé !
Copie C:\WINDOWS\system32\qsbfpzceoa_navps.dat réalise avec
succes !
C:\WINDOWS\system32\qsbfpzceoa_navps.dat supprimé !
C:\WINDOWS\prefetch\qsbfpzceoa*.pf trouvé !
Copie C:\WINDOWS\prefetch\qsbfpzceoa*.pf réalise avec succes
!
C:\WINDOWS\prefetch\qsbfpzceoa*.pf supprimé !
*** Suppression dossiers dans C:\WINDOWS ***
C:\WINDOWS\mslagent ...suppression...
C:\WINDOWS\mslagent supprimé !
C:\WINDOWS\msskinner ...suppression...
C:\WINDOWS\msskinner supprimé !
*** Suppression dossiers dans C:\Program Files ***
C:\Program Files\Instant Access ...suppression...
C:\Program Files\Instant Access supprimé !
*** Suppression dossiers dans C:\Documents and Settings\All
Users\Application Data ***
*** Suppression dossiers dans C:\Documents and
Settings\Propri‚taire\Application Data ***
*** Suppression fichiers ***
C:\WINDOWS\Downloaded Program Files\EGAUTH.inf supprimé !
C:\WINDOWS\Downloaded Program Files\EGCOMSERVICE_pack.inf
supprimé !
C:\WINDOWS\Downloaded Program Files\netcmp32.inf supprimé !
C:\WINDOWS\Downloaded Program Files\nethv32.inf supprimé !
C:\WINDOWS\Downloaded Program Files\LiveService.infsupprimé
!
C:\WINDOWS\Downloaded Program Files\sysnetsvc32.inf supprimé
!
C:\WINDOWS\Downloaded Program Files\sysinetsvc32.inf
supprimé !
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\linkprd.exe supprimé !
C:\WINDOWS\system32\msegcompid.dll supprimé !
C:\WINDOWS\system32\msclock32.dll supprimé !
C:\WINDOWS\system32\mservice.dll supprimé !
C:\WINDOWS\system32\msplock32.dll supprimé !
C:\WINDOWS\system32\mseggrpid.dll supprimé !
C:\WINDOWS\system32\msklive.dll supprimé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf supprimé
!
C:\WINDOWS\prefetch\WEBMEDIAPLAYER_SETUP.EXE-2CF62DC6.pf
supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and
Settings\Propri‚taire\Local Settings\Temp effectué !
*** Sauvegarde du registre vers dossier Backupnavi***
sauvegarde du registre réalise avec succes !
*** Nettoyage registre ***
Nettoyage registre Ok
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche et Suppression Heuristique :
*
C:\WINDOWS\System32\oqjvihw.dat trouvé !
Copie C:\WINDOWS\system32\oqjvihw.dat réalise avec succes !
C:\WINDOWS\system32\oqjvihw.dat supprimé !
**
***
****
*****
C:\WINDOWS\System32\oqjvihw_nav.dat trouvé !
Copie C:\WINDOWS\system32\oqjvihw_nav.dat réalise avec
succes !
C:\WINDOWS\system32\oqjvihw_nav.dat supprimé !
******
*******
********
3)Contrôle présence clés Rootkit dans le registre :
Aucune autre clés présente dans le registre !
*** Nettoyage termine le 01/06/2007 à 11:44:16,50 ***
Je vais lire le lien, merci encore
Cordialement
Bonsoir, j'ai un souci, quand je fais l'analyse avec anti spyware avec AVG, aprés 1h30 environ d'analyse, et plusieurs erreurs detectés, le logiciel se bloque, et me met qu'une erreur est intervenue, et je peux pas supprimer les objets qu'il avait trouvé. et dans le raport, ca me met un raport vierge pratiquement.
Je dois faire quoi, je continue le reste ou il est indispensable? merci
Cordialement
Je dois faire quoi, je continue le reste ou il est indispensable? merci
Cordialement
Voici mon raport pour AVG anti spyware, c'est bien ca? Merci une nouvelle fois pour tout.
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 01:32:31 03/06/2007
+ Résultat de l'analyse:
C:\WINDOWS\SYSTEM32\apuc.dll -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\SYSTEM32\bbchk.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\SYSTEM32\exdl.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\SYSTEM32\exul.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\SYSTEM32\randreco.exe -> Adware.BetterInternet : Nettoyé.
C:\WINDOWS\SYSTEM32\oqjvihw.exe -> Adware.NaviPromo : Nettoyé.
C:\WINDOWS\NDNuninstall4_85.exe -> Adware.NewDotNet : Nettoyé.
C:\WINDOWS\NDNuninstall6_30.exe -> Adware.NewDotNet : Nettoyé.
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Nettoyé.
C:\WINDOWS\NDNuninstall7_48.exe -> Adware.NewDotNet : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking v126.cpl -> Adware.P2PNet : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-1337429592.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-1855960227.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2126563126.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2347392004.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2426493235.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2516828733.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2715242281.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2723549644.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2921978525.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-3014051778.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-3367914183.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-3550147655.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-3749873684.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-4201467124.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-445083467.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-542763383.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-562100721.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-682982489.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-739596512.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-802380811.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-850776126.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-5001-2445251932.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\index256.dbb -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\MARSHAL2.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\P2P Networking.LOG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\P2P Networking.eng -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\P2P Networking.exe -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\specialoffers4.exe -> Adware.SpecialOffers : Nettoyé.
C:\WINDOWS\SYSTEM32\winbktc.exe -> Heuristic.Win32.Morphine-Crypted : Nettoyé.
C:\WINDOWS\WMCRRS.exe -> Trojan.Agent.bpb : Nettoyé.
C:\WINDOWS\SYSTEM32\PackageHtml.dll -> Trojan.Dialer.qu : Nettoyé.
Fin du rapport
Cordialement
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 01:32:31 03/06/2007
+ Résultat de l'analyse:
C:\WINDOWS\SYSTEM32\apuc.dll -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\SYSTEM32\bbchk.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\SYSTEM32\exdl.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\SYSTEM32\exul.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\SYSTEM32\randreco.exe -> Adware.BetterInternet : Nettoyé.
C:\WINDOWS\SYSTEM32\oqjvihw.exe -> Adware.NaviPromo : Nettoyé.
C:\WINDOWS\NDNuninstall4_85.exe -> Adware.NewDotNet : Nettoyé.
C:\WINDOWS\NDNuninstall6_30.exe -> Adware.NewDotNet : Nettoyé.
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Nettoyé.
C:\WINDOWS\NDNuninstall7_48.exe -> Adware.NewDotNet : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking v126.cpl -> Adware.P2PNet : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-1337429592.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-1855960227.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2126563126.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2347392004.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2426493235.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2516828733.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2715242281.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2723549644.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-2921978525.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-3014051778.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-3367914183.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-3550147655.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-3749873684.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-4201467124.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-445083467.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-542763383.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-562100721.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-682982489.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-739596512.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-802380811.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-10001-850776126.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-5001-2445251932.sig -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\index256.dbb -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\MARSHAL2.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\P2P Networking.LOG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\P2P Networking.eng -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\SYSTEM32\P2P Networking\P2P Networking.exe -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\specialoffers4.exe -> Adware.SpecialOffers : Nettoyé.
C:\WINDOWS\SYSTEM32\winbktc.exe -> Heuristic.Win32.Morphine-Crypted : Nettoyé.
C:\WINDOWS\WMCRRS.exe -> Trojan.Agent.bpb : Nettoyé.
C:\WINDOWS\SYSTEM32\PackageHtml.dll -> Trojan.Dialer.qu : Nettoyé.
Fin du rapport
Cordialement
voila la 3 eme etape, j'espere que c'est bon.
BitDefender Online Scanner
Scan report generated at: Sun, Jun 03, 2007 - 03:26:55
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time
01:18:20
Files
174108
Folders
7186
Boot Sectors
3
Archives
14101
Packed Files
6718
Results
Identified Viruses
33
Infected Files
210
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
209
Engines Info
Virus Definitions
479224
Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
7
Archive plugins
20
Unpack plugins
3
E-mail plugins
3
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3c0005_262b7\Setup.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3c0005_262b7\Setup.exe
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3c0005_262b7\Setup.exe
Deleted
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\CLEANUP2\CleanUp2.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\CLEANUP2\CleanUp2.exe
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\CLEANUP2\CleanUp2.exe
Deleted
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RESOTTBP\RETOTTBP.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RESOTTBP\RETOTTBP.exe
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RESOTTBP\RETOTTBP.exe
Deleted
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RETOTTBP\RETOTTBP.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RETOTTBP\RETOTTBP.exe
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RETOTTBP\RETOTTBP.exe
Deleted
C:\Documents and Settings\Default User\Local Settings\Temp\~WKS99TEMP\launcher.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\Default User\Local Settings\Temp\~WKS99TEMP\launcher.exe
Disinfection failed
C:\Documents and Settings\Default User\Local Settings\Temp\~WKS99TEMP\launcher.exe
Deleted
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{3E908702-AF35-4611-9518-955DA24B7E07}\icon.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{3E908702-AF35-4611-9518-955DA24B7E07}\icon.exe
Disinfection failed
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{3E908702-AF35-4611-9518-955DA24B7E07}\icon.exe
Deleted
C:\hp\bin\Terminator.exe
Infected with: Trojan.Killapp.30208.A
C:\hp\bin\Terminator.exe
Disinfection failed
C:\hp\bin\Terminator.exe
Deleted
C:\Program Files\180Solutions\nCASE\msbb042\msbb.exe
Detected with: Application.Adware.180solutions.A
C:\Program Files\180Solutions\nCASE\msbb042\msbb.exe
Disinfection failed
C:\Program Files\180Solutions\nCASE\msbb042\msbb.exe
Deleted
C:\Program Files\180Solutions\nCASE\msbb0982\msbb.exe
Detected with: Application.Adware.180solutions.A
C:\Program Files\180Solutions\nCASE\msbb0982\msbb.exe
Disinfection failed
C:\Program Files\180Solutions\nCASE\msbb0982\msbb.exe
Deleted
C:\Program Files\Adverts\uninst.exe
Infected with: Trojan.Peed.Gen
C:\Program Files\Adverts\uninst.exe
Disinfection failed
C:\Program Files\Adverts\uninst.exe
Deleted
C:\Program Files\C2Media\Setup.exe
Infected with: GenPack:Trojan.Downloader.Swizzor.DO
C:\Program Files\C2Media\Setup.exe
Disinfection failed
C:\Program Files\C2Media\Setup.exe
Deleted
C:\Program Files\Fichiers communs\CMEII\GDwldEng.dll
Detected with: Adware.Gator.A
C:\Program Files\Fichiers communs\CMEII\GDwldEng.dll
Disinfection failed
C:\Program Files\Fichiers communs\CMEII\GDwldEng.dll
Deleted
C:\Program Files\Fichiers communs\CMEII\GIoclClient.dll
Detected with: Adware.Gator.A
C:\Program Files\Fichiers communs\CMEII\GIoclClient.dll
Disinfection failed
C:\Program Files\Fichiers communs\CMEII\GIoclClient.dll
Deleted
C:\Program Files\Fichiers communs\CMEII\GStore.dll
Detected with: Adware.Gator.A
C:\Program Files\Fichiers communs\CMEII\GStore.dll
Disinfection failed
C:\Program Files\Fichiers communs\CMEII\GStore.dll
Deleted
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
Infected with: Trojan.Downloader.Winfixer.E
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
Disinfection failed
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
Deleted
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
Infected with: Trojan.Downloader.Winfixer.E
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
Disinfection failed
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
Deleted
C:\Program Files\Fichiers communs\GMT\gtrawbm.fil
Detected with: Adware.Gator.B
C:\Program Files\Fichiers communs\GMT\gtrawbm.fil
Deleted
C:\Program Files\Fichiers communs\mtpfdopm\mmebrmlslo\cqqrorfrf.exe
Detected with: Adware.Gator.B
C:\Program Files\Fichiers communs\mtpfdopm\mmebrmlslo\cqqrorfrf.exe
Deleted
C:\Program Files\Fichiers communs\mtpfdopm\olbbaqdo\pfqaoqqp.exe
Detected with: Adware.Gator.B
C:\Program Files\Fichiers communs\mtpfdopm\olbbaqdo\pfqaoqqp.exe
Deleted
C:\Program Files\NewDotNet\newdotnet7_48.dll
Detected with: Adware.Newdotnet.U
C:\Program Files\NewDotNet\newdotnet7_48.dll
Disinfection failed
C:\Program Files\NewDotNet\newdotnet7_48.dll
Delete failed
C:\Program Files\NewDotNet\uninstall7_48.exe
Detected with: Adware.Newdotnet.U
C:\Program Files\NewDotNet\uninstall7_48.exe
Disinfection failed
C:\Program Files\NewDotNet\uninstall7_48.exe
Deleted
C:\Program Files\WinRAR\Default.SFX
Infected with: Trojan.Peed.Gen
C:\Program Files\WinRAR\Default.SFX
Disinfection failed
C:\Program Files\WinRAR\Default.SFX
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP871\A0639707.dll
Detected with: Application.Adware.NewDotNet.B
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP871\A0639707.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP871\A0639707.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647198.dll
Infected with: MemScan:Trojan.Downloader.Wintrim.NAG
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647198.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647198.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647205.exe
Infected with: GenPack:Trojan.Spy.Mslagent.D
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647205.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647205.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647325.exe
Infected with: Dropped:Backdoor.Ruledor.E
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647325.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647325.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647326.exe
Infected with: Dropped:Backdoor.Ruledor.E
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647326.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647326.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647327.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647327.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647328.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647328.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647329.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647329.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647330.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647330.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647331.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647331.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647332.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647332.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647333.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647333.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647334.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647334.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647335.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647335.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647336.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647336.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647337.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647337.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647338.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647338.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647339.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647339.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647340.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647340.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647341.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647341.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647342.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647342.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647343.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647343.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647344.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647344.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647345.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647345.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647346.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647346.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647347.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647347.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647348.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647348.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647349.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647349.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647350.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647350.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647351.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647351.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647352.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647352.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647353.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647353.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647354.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647354.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647355.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647355.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647356.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647356.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647357.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647357.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647358.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647358.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647359.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647359.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647360.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647360.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647361.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647361.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647362.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647362.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647363.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647363.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647364.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647364.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647365.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647365.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647366.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647366.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647367.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647367.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647368.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647368.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647369.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647369.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647370.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647370.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647371.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647371.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647372.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647372.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647373.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647373.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647374.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647374.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647375.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647375.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647376.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647376.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647377.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647377.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647378.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647378.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647379.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647379.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647380.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647380.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647381.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647381.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647382.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647382.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647383.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647383.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647384.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647384.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647385.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647385.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647386.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647386.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647387.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647387.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647388.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647388.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647389.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647389.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647390.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647390.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647391.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647391.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647392.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647392.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647393.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647393.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647394.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647394.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647395.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647395.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647396.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647396.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647397.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647397.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647398.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647398.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647399.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647399.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647400.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647400.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647401.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647401.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647402.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647402.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647403.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647403.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647404.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647404.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647405.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647405.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647406.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647406.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647407.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647407.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647408.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647408.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647409.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647409.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647410.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647410.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647411.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647411.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647412.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647412.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647413.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647413.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647414.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647414.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647415.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647415.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647416.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647416.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647417.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647417.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647418.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647418.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647419.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647419.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647420.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647420.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647421.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647421.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647422.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647422.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647423.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647423.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647424.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647424.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647425.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647425.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647426.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647426.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647427.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647427.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647428.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647428.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647429.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647429.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647430.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647430.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647431.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647431.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647432.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647432.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647433.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647433.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647434.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647434.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647435.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647435.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647436.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647436.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647437.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647437.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647438.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647438.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647439.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647439.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647440.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647440.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647441.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647441.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647442.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647442.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647443.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647443.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647444.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647444.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647445.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647445.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647446.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647446.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647447.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647447.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647448.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647448.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647449.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647449.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647450.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647450.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647451.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647451.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647452.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647452.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647453.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647453.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647454.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647454.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647455.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647455.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647456.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647456.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647457.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647457.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647458.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647458.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647459.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647459.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647460.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647460.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647461.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647461.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647462.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647462.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647463.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647463.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647464.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647464.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647465.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647465.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647466.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647466.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647467.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647467.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647468.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647468.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647469.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647469.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647470.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647470.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647471.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647471.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647472.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647472.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647473.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647473.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647474.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647474.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647475.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647475.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647476.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647476.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647477.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647477.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647478.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647478.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647479.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647479.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647480.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647480.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647481.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647481.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647482.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647482.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647483.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647483.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647484.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647484.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647485.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647485.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647486.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647486.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647487.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647487.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647488.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647488.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647489.exe
Infected with: Trojan.Dialer.Mini.Gen
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647489.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647489.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647490.exe
Infected with: Trojan.Downloader.Stubby.C
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647490.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647490.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647491.dll
Infected with: Trojan.Downloader.Dyfuca.Dam.2
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647491.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647491.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647492.exe
Infected with: GenPack:Trojan.Downloader.Stubby.D
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647492.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647492.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647493.exe
Infected with: GenPack:Trojan.Downloader.Wintrim.AW
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647493.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647493.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647494.exe
Infected with: MemScan:Trojan.Downloader.Agent.AE
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647494.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647494.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647495.exe
Infected with: Trojan.Downloader.Agent.AE
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647495.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647495.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647496.dll
Infected with: Trojan.Bispy.E
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647496.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647496.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647497.exe
Detected with: Adware.Serchentrix.A
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647497.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647497.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647498.exe
Infected with: Trojan.Bispy.A
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647498.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647498.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647499.dll
Infected with: Trojan.Bispy.B
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647499.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647499.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647501.dll
Infected with: MemScan:Adware.SideFind
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647501.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647501.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647502.dll
Infected with: MemScan:Adware.Sidefinder.A
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647502.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647502.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647503.exe
Infected with: GenPack:Trojan.Downloader.IstBar.DI
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647503.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647503.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647589.dll
Infected with: MemScan:Trojan.Dialer.HY
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647589.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647589.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647590.exe
Infected with: Trojan.Agent.BPB
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647590.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647590.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647603.exe
Infected with: GenPack:Trojan.BettInet.A
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647603.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647603.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647604.exe
Infected with: BehavesLike:Win32.IRC-Backdoor
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647604.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647604.exe
Deleted
C:\UNWISE.EXE
Infected with: Win32.Muce.A
C:\UNWISE.EXE
Disinfection failed
C:\UNWISE.EXE
Deleted
C:\WINDOWS\SYSTEM32\okshook.dll
Infected with: Trojan.Downloader.Small.AMB
C:\WINDOWS\SYSTEM32\okshook.dll
Disinfection failed
C:\WINDOWS\SYSTEM32\okshook.dll
Deleted
C:\WINDOWS\SYSTEM32\polall1m.exe
Infected with: MemScan:Trojan.Downloader.Agent.AE
C:\WINDOWS\SYSTEM32\polall1m.exe
Disinfection failed
C:\WINDOWS\SYSTEM32\polall1m.exe
Deleted
Merci pour tout greenday, cordialement
BitDefender Online Scanner
Scan report generated at: Sun, Jun 03, 2007 - 03:26:55
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time
01:18:20
Files
174108
Folders
7186
Boot Sectors
3
Archives
14101
Packed Files
6718
Results
Identified Viruses
33
Infected Files
210
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
209
Engines Info
Virus Definitions
479224
Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
7
Archive plugins
20
Unpack plugins
3
E-mail plugins
3
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3c0005_262b7\Setup.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3c0005_262b7\Setup.exe
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3c0005_262b7\Setup.exe
Deleted
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\CLEANUP2\CleanUp2.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\CLEANUP2\CleanUp2.exe
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\CLEANUP2\CleanUp2.exe
Deleted
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RESOTTBP\RETOTTBP.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RESOTTBP\RETOTTBP.exe
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RESOTTBP\RETOTTBP.exe
Deleted
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RETOTTBP\RETOTTBP.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RETOTTBP\RETOTTBP.exe
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\RETOTTBP\RETOTTBP.exe
Deleted
C:\Documents and Settings\Default User\Local Settings\Temp\~WKS99TEMP\launcher.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\Default User\Local Settings\Temp\~WKS99TEMP\launcher.exe
Disinfection failed
C:\Documents and Settings\Default User\Local Settings\Temp\~WKS99TEMP\launcher.exe
Deleted
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{3E908702-AF35-4611-9518-955DA24B7E07}\icon.exe
Infected with: Win32.Muce.A
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{3E908702-AF35-4611-9518-955DA24B7E07}\icon.exe
Disinfection failed
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{3E908702-AF35-4611-9518-955DA24B7E07}\icon.exe
Deleted
C:\hp\bin\Terminator.exe
Infected with: Trojan.Killapp.30208.A
C:\hp\bin\Terminator.exe
Disinfection failed
C:\hp\bin\Terminator.exe
Deleted
C:\Program Files\180Solutions\nCASE\msbb042\msbb.exe
Detected with: Application.Adware.180solutions.A
C:\Program Files\180Solutions\nCASE\msbb042\msbb.exe
Disinfection failed
C:\Program Files\180Solutions\nCASE\msbb042\msbb.exe
Deleted
C:\Program Files\180Solutions\nCASE\msbb0982\msbb.exe
Detected with: Application.Adware.180solutions.A
C:\Program Files\180Solutions\nCASE\msbb0982\msbb.exe
Disinfection failed
C:\Program Files\180Solutions\nCASE\msbb0982\msbb.exe
Deleted
C:\Program Files\Adverts\uninst.exe
Infected with: Trojan.Peed.Gen
C:\Program Files\Adverts\uninst.exe
Disinfection failed
C:\Program Files\Adverts\uninst.exe
Deleted
C:\Program Files\C2Media\Setup.exe
Infected with: GenPack:Trojan.Downloader.Swizzor.DO
C:\Program Files\C2Media\Setup.exe
Disinfection failed
C:\Program Files\C2Media\Setup.exe
Deleted
C:\Program Files\Fichiers communs\CMEII\GDwldEng.dll
Detected with: Adware.Gator.A
C:\Program Files\Fichiers communs\CMEII\GDwldEng.dll
Disinfection failed
C:\Program Files\Fichiers communs\CMEII\GDwldEng.dll
Deleted
C:\Program Files\Fichiers communs\CMEII\GIoclClient.dll
Detected with: Adware.Gator.A
C:\Program Files\Fichiers communs\CMEII\GIoclClient.dll
Disinfection failed
C:\Program Files\Fichiers communs\CMEII\GIoclClient.dll
Deleted
C:\Program Files\Fichiers communs\CMEII\GStore.dll
Detected with: Adware.Gator.A
C:\Program Files\Fichiers communs\CMEII\GStore.dll
Disinfection failed
C:\Program Files\Fichiers communs\CMEII\GStore.dll
Deleted
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
Infected with: Trojan.Downloader.Winfixer.E
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
Disinfection failed
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
Deleted
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
Infected with: Trojan.Downloader.Winfixer.E
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
Disinfection failed
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
Deleted
C:\Program Files\Fichiers communs\GMT\gtrawbm.fil
Detected with: Adware.Gator.B
C:\Program Files\Fichiers communs\GMT\gtrawbm.fil
Deleted
C:\Program Files\Fichiers communs\mtpfdopm\mmebrmlslo\cqqrorfrf.exe
Detected with: Adware.Gator.B
C:\Program Files\Fichiers communs\mtpfdopm\mmebrmlslo\cqqrorfrf.exe
Deleted
C:\Program Files\Fichiers communs\mtpfdopm\olbbaqdo\pfqaoqqp.exe
Detected with: Adware.Gator.B
C:\Program Files\Fichiers communs\mtpfdopm\olbbaqdo\pfqaoqqp.exe
Deleted
C:\Program Files\NewDotNet\newdotnet7_48.dll
Detected with: Adware.Newdotnet.U
C:\Program Files\NewDotNet\newdotnet7_48.dll
Disinfection failed
C:\Program Files\NewDotNet\newdotnet7_48.dll
Delete failed
C:\Program Files\NewDotNet\uninstall7_48.exe
Detected with: Adware.Newdotnet.U
C:\Program Files\NewDotNet\uninstall7_48.exe
Disinfection failed
C:\Program Files\NewDotNet\uninstall7_48.exe
Deleted
C:\Program Files\WinRAR\Default.SFX
Infected with: Trojan.Peed.Gen
C:\Program Files\WinRAR\Default.SFX
Disinfection failed
C:\Program Files\WinRAR\Default.SFX
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP871\A0639707.dll
Detected with: Application.Adware.NewDotNet.B
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP871\A0639707.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP871\A0639707.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647198.dll
Infected with: MemScan:Trojan.Downloader.Wintrim.NAG
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647198.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647198.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647205.exe
Infected with: GenPack:Trojan.Spy.Mslagent.D
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647205.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647205.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647325.exe
Infected with: Dropped:Backdoor.Ruledor.E
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647325.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647325.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647326.exe
Infected with: Dropped:Backdoor.Ruledor.E
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647326.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647326.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647327.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647327.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647328.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647328.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647329.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647329.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647330.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647330.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647331.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647331.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647332.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647332.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647333.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647333.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647334.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647334.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647335.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647335.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647336.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647336.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647337.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647337.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647338.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647338.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647339.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647339.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647340.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647340.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647341.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647341.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647342.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647342.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647343.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647343.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647344.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647344.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647345.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647345.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647346.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647346.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647347.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647347.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647348.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647348.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647349.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647349.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647350.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647350.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647351.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647351.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647352.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647352.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647353.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647353.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647354.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647354.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647355.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647355.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647356.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647356.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647357.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647357.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647358.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647358.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647359.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647359.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647360.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647360.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647361.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647361.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647362.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647362.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647363.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647363.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647364.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647364.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647365.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647365.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647366.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647366.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647367.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647367.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647368.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647368.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647369.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647369.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647370.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647370.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647371.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647371.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647372.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647372.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647373.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647373.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647374.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647374.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647375.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647375.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647376.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647376.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647377.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647377.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647378.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647378.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647379.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647379.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647380.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647380.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647381.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647381.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647382.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647382.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647383.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647383.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647384.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647384.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647385.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647385.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647386.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647386.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647387.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647387.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647388.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647388.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647389.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647389.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647390.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647390.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647391.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647391.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647392.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647392.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647393.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647393.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647394.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647394.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647395.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647395.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647396.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647396.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647397.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647397.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647398.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647398.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647399.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647399.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647400.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647400.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647401.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647401.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647402.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647402.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647403.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647403.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647404.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647404.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647405.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647405.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647406.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647406.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647407.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647407.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647408.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647408.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647409.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647409.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647410.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647410.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647411.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647411.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647412.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647412.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647413.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647413.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647414.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647414.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647415.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647415.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647416.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647416.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647417.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647417.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647418.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647418.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647419.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647419.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647420.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647420.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647421.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647421.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647422.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647422.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647423.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647423.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647424.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647424.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647425.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647425.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647426.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647426.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647427.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647427.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647428.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647428.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647429.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647429.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647430.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647430.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647431.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647431.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647432.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647432.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647433.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647433.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647434.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647434.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647435.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647435.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647436.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647436.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647437.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647437.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647438.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647438.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647439.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647439.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647440.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647440.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647441.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647441.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647442.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647442.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647443.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647443.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647444.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647444.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647445.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647445.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647446.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647446.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647447.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647447.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647448.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647448.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647449.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647449.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647450.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647450.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647451.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647451.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647452.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647452.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647453.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647453.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647454.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647454.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647455.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647455.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647456.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647456.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647457.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647457.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647458.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647458.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647459.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647459.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647460.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647460.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647461.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647461.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647462.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647462.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647463.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647463.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647464.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647464.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647465.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647465.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647466.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647466.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647467.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647467.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647468.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647468.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647469.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647469.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647470.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647470.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647471.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647471.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647472.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647472.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647473.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647473.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647474.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647474.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647475.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647475.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647476.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647476.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647477.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647477.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647478.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647478.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647479.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647479.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647480.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647480.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647481.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647481.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647482.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647482.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647483.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647483.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647484.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647484.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647485.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647485.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647486.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647486.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647487.exe
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647487.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647488.dll
Infected with: Win32.Mabutu.A@mm
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647488.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647489.exe
Infected with: Trojan.Dialer.Mini.Gen
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647489.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647489.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647490.exe
Infected with: Trojan.Downloader.Stubby.C
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647490.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647490.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647491.dll
Infected with: Trojan.Downloader.Dyfuca.Dam.2
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647491.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647491.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647492.exe
Infected with: GenPack:Trojan.Downloader.Stubby.D
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647492.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647492.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647493.exe
Infected with: GenPack:Trojan.Downloader.Wintrim.AW
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647493.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647493.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647494.exe
Infected with: MemScan:Trojan.Downloader.Agent.AE
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647494.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647494.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647495.exe
Infected with: Trojan.Downloader.Agent.AE
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647495.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647495.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647496.dll
Infected with: Trojan.Bispy.E
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647496.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647496.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647497.exe
Detected with: Adware.Serchentrix.A
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647497.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647497.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647498.exe
Infected with: Trojan.Bispy.A
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647498.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647498.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647499.dll
Infected with: Trojan.Bispy.B
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647499.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647499.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647501.dll
Infected with: MemScan:Adware.SideFind
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647501.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647501.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647502.dll
Infected with: MemScan:Adware.Sidefinder.A
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647502.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647502.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647503.exe
Infected with: GenPack:Trojan.Downloader.IstBar.DI
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647503.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647503.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647589.dll
Infected with: MemScan:Trojan.Dialer.HY
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647589.dll
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647589.dll
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647590.exe
Infected with: Trojan.Agent.BPB
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647590.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647590.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647603.exe
Infected with: GenPack:Trojan.BettInet.A
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647603.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647603.exe
Deleted
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647604.exe
Infected with: BehavesLike:Win32.IRC-Backdoor
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647604.exe
Disinfection failed
C:\System Volume Information\_restore{2C886B28-7BBB-4045-A65F-B0E27997831D}\RP892\A0647604.exe
Deleted
C:\UNWISE.EXE
Infected with: Win32.Muce.A
C:\UNWISE.EXE
Disinfection failed
C:\UNWISE.EXE
Deleted
C:\WINDOWS\SYSTEM32\okshook.dll
Infected with: Trojan.Downloader.Small.AMB
C:\WINDOWS\SYSTEM32\okshook.dll
Disinfection failed
C:\WINDOWS\SYSTEM32\okshook.dll
Deleted
C:\WINDOWS\SYSTEM32\polall1m.exe
Infected with: MemScan:Trojan.Downloader.Agent.AE
C:\WINDOWS\SYSTEM32\polall1m.exe
Disinfection failed
C:\WINDOWS\SYSTEM32\polall1m.exe
Deleted
Merci pour tout greenday, cordialement
J'ai mis ca aussi, c'est la meme chose, mais je prefere mettre les deux defois que ca peut servir
voila, encore merci
BitDefender Online Scanner - Real Time Virus Report
Generated at: Sun, Jun 03, 2007 - 03:29:01
--------------------------------------------------------------------------------
Scan Info
Scanned Files
174175
Infected Files
210
Virus Detected
Dropped:Backdoor.Ruledor.E
2
GenPack:Trojan.Spy.Mslagent.D
1
GenPack:Trojan.Downloader.Wintrim.AW
1
Trojan.Dialer.Mini.Gen
1
BehavesLike:Win32.IRC-Backdoor
1
MemScan:Trojan.Downloader.Wintrim.NAG
1
Adware.Gator.A
3
Application.Adware.NewDotNet.B
1
Adware.Gator.B
3
MemScan:Adware.SideFind
1
Trojan.Bispy.A
1
Trojan.Killapp.30208.A
1
GenPack:Trojan.Downloader.IstBar.DI
1
Trojan.Bispy.B
1
Adware.Serchentrix.A
1
Trojan.Downloader.Stubby.C
1
MemScan:Trojan.Dialer.HY
1
Trojan.Downloader.Winfixer.E
2
GenPack:Trojan.Downloader.Swizzor.DO
1
Adware.Newdotnet.U
2
GenPack:Trojan.BettInet.A
1
Trojan.Bispy.E
1
MemScan:Adware.Sidefinder.A
1
Trojan.Downloader.Agent.AE
1
Application.Adware.180solutions.A
2
MemScan:Trojan.Downloader.Agent.AE
2
Trojan.Peed.Gen
2
Trojan.Agent.BPB
1
GenPack:Trojan.Downloader.Stubby.D
1
Win32.Muce.A
7
Trojan.Downloader.Dyfuca.Dam.2
1
Win32.Mabutu.A@mm
162
Trojan.Downloader.Small.AMB
1
--------------------------------------------------------------------------------
Cordialement
voila, encore merci
BitDefender Online Scanner - Real Time Virus Report
Generated at: Sun, Jun 03, 2007 - 03:29:01
--------------------------------------------------------------------------------
Scan Info
Scanned Files
174175
Infected Files
210
Virus Detected
Dropped:Backdoor.Ruledor.E
2
GenPack:Trojan.Spy.Mslagent.D
1
GenPack:Trojan.Downloader.Wintrim.AW
1
Trojan.Dialer.Mini.Gen
1
BehavesLike:Win32.IRC-Backdoor
1
MemScan:Trojan.Downloader.Wintrim.NAG
1
Adware.Gator.A
3
Application.Adware.NewDotNet.B
1
Adware.Gator.B
3
MemScan:Adware.SideFind
1
Trojan.Bispy.A
1
Trojan.Killapp.30208.A
1
GenPack:Trojan.Downloader.IstBar.DI
1
Trojan.Bispy.B
1
Adware.Serchentrix.A
1
Trojan.Downloader.Stubby.C
1
MemScan:Trojan.Dialer.HY
1
Trojan.Downloader.Winfixer.E
2
GenPack:Trojan.Downloader.Swizzor.DO
1
Adware.Newdotnet.U
2
GenPack:Trojan.BettInet.A
1
Trojan.Bispy.E
1
MemScan:Adware.Sidefinder.A
1
Trojan.Downloader.Agent.AE
1
Application.Adware.180solutions.A
2
MemScan:Trojan.Downloader.Agent.AE
2
Trojan.Peed.Gen
2
Trojan.Agent.BPB
1
GenPack:Trojan.Downloader.Stubby.D
1
Win32.Muce.A
7
Trojan.Downloader.Dyfuca.Dam.2
1
Win32.Mabutu.A@mm
162
Trojan.Downloader.Small.AMB
1
--------------------------------------------------------------------------------
Cordialement
Voila, le dernier, est ce que j'ai bien effectué tout le travail demandé? car vous savez je suis pas trés doué LOL.
Merci en tout cas, et si j'ai mal fait quelque chose, precisez moi ce que je dois recommencer. Encore merci
Logfile of HijackThis v1.99.1
Scan saved at 03:42:33, on 03/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\dragdiag.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr4.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: CSBBCore Class - {00000000-0000-0000-0000-000000002230} - C:\Program Files\CSBB\CSBB.DLL
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll (file missing)
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem302.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll (file missing)
O2 - BHO: UrlCatcher Class - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\WINDOWS\System32\apuc.dll (file missing)
O2 - BHO: (no name) - {EFD84954-6B46-42f4-81F3-94CE9A77052D} - (no file)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [Dragdiag] C:\WINDOWS\system32\dragdiag.exe /icon
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://hosting1.affiliate69.com/~dimiweb/magalie/magalie.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15D0E439-4E58-45E1-A9C1-0B1B16749A3C} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://1102688714000.kit.sexequalite.com/10518/CD/DiabloteenLive.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} - http://www.sponsoradulto.com/fr/SysWebTelecom.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A5F650A-E446-4BAA-81E3-0AA31C75025C}: NameServer = 205.188.146.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB5D5080-1C89-465D-8F72-AB0403DF1752}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Cordialement
Merci en tout cas, et si j'ai mal fait quelque chose, precisez moi ce que je dois recommencer. Encore merci
Logfile of HijackThis v1.99.1
Scan saved at 03:42:33, on 03/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\dragdiag.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr4.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: CSBBCore Class - {00000000-0000-0000-0000-000000002230} - C:\Program Files\CSBB\CSBB.DLL
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll (file missing)
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem302.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll (file missing)
O2 - BHO: UrlCatcher Class - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\WINDOWS\System32\apuc.dll (file missing)
O2 - BHO: (no name) - {EFD84954-6B46-42f4-81F3-94CE9A77052D} - (no file)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [Dragdiag] C:\WINDOWS\system32\dragdiag.exe /icon
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://hosting1.affiliate69.com/~dimiweb/magalie/magalie.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15D0E439-4E58-45E1-A9C1-0B1B16749A3C} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://1102688714000.kit.sexequalite.com/10518/CD/DiabloteenLive.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} - http://www.sponsoradulto.com/fr/SysWebTelecom.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A5F650A-E446-4BAA-81E3-0AA31C75025C}: NameServer = 205.188.146.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB5D5080-1C89-465D-8F72-AB0403DF1752}: NameServer = 205.188.146.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Cordialement
Salut
ok, c'est très bien ! ;-)
à supprimer : les programmes suivants :
( aller dans démarrer < panneau de configuration < ajout/supprimer un programme )
CSBB
MyWay
SideFind
NewDotNet
ensuite :
# Télécharge ceci: (merci a S!RI pour ce petit programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1,
voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php
il va générer un rapport : copie/colle le sur le poste stp.
++
ok, c'est très bien ! ;-)
à supprimer : les programmes suivants :
( aller dans démarrer < panneau de configuration < ajout/supprimer un programme )
CSBB
MyWay
SideFind
NewDotNet
ensuite :
# Télécharge ceci: (merci a S!RI pour ce petit programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1,
voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php
il va générer un rapport : copie/colle le sur le poste stp.
++
Quand je vais dans panneau de configuration et que je rentre dans ajouter ou supprimer des programmes, je ne trouves aucun de ces programmes, c'est normal? ils sont peut etre ailleurs?
merci
merci
Je dois vraiment pas être doué lol, car j'arrive pas a les supprimer, a chaque fois ca me marque accés refusé, comme quoi je dois verifier si mon disque n'est pas plein, ou si j'utilise pas le programme.
J'ai redémaré pour essayé a nouveau, ca marche toujours pas, j'ai juste reussi a enlevé Sidefind
Merci de m'aider une nouvelle fois
Cordialement
J'ai redémaré pour essayé a nouveau, ca marche toujours pas, j'ai juste reussi a enlevé Sidefind
Merci de m'aider une nouvelle fois
Cordialement
Voila j'ai reussi a supprimer les 4 programmes marqués au dessus et la j'ai fait cela:
SmitFraudFix v2.190
Rapport fait à 19:33:55,75, 03/06/2007
Executé à partir de C:\Documents and
Settings\Propri‚taire\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\dragdiag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and
Settings\Propri‚taire
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and
Settings\Propri‚taire\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément
infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément
infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément
infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32-xpdt
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 205.188.146.145
Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 205.188.146.145
HKLM\SYSTEM\CCS\Services\Tcpip\..\{18F162E0-E9B0-4EBF-A016-
4AF1943B35CF}: NameServer=205.188.146.145
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6477D629-10CC-42BB-951F-
7E3FFF9776E5}: NameServer=205.188.146.145
HKLM\SYSTEM\CS1\Services\Tcpip\..\{18F162E0-E9B0-4EBF-A016-
4AF1943B35CF}: NameServer=205.188.146.145
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6477D629-10CC-42BB-951F-
7E3FFF9776E5}: NameServer=205.188.146.145
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Je dois attendre ou continuer le processus du lien juste avant?
Cordialement
SmitFraudFix v2.190
Rapport fait à 19:33:55,75, 03/06/2007
Executé à partir de C:\Documents and
Settings\Propri‚taire\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\dragdiag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and
Settings\Propri‚taire
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and
Settings\Propri‚taire\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément
infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément
infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément
infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32-xpdt
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 205.188.146.145
Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 205.188.146.145
HKLM\SYSTEM\CCS\Services\Tcpip\..\{18F162E0-E9B0-4EBF-A016-
4AF1943B35CF}: NameServer=205.188.146.145
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6477D629-10CC-42BB-951F-
7E3FFF9776E5}: NameServer=205.188.146.145
HKLM\SYSTEM\CS1\Services\Tcpip\..\{18F162E0-E9B0-4EBF-A016-
4AF1943B35CF}: NameServer=205.188.146.145
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6477D629-10CC-42BB-951F-
7E3FFF9776E5}: NameServer=205.188.146.145
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Je dois attendre ou continuer le processus du lien juste avant?
Cordialement
re
ok, rien à signaler !
Télécharge clean.zip
http://www.malekal.com/download/clean.zip
Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
Ouvre le dossier Clean qui se trouve sur ton bureau.
Double-clic sur clean.cmd.
Une fenêtre noire va apparaître, choisis l'option 1
Poste le rapport qui se trouve ici C:\rapport_clean.txt
ensuite :
# Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Double-clic sur clean.cmd.
Une fenêtre noire va apparaître, choisis l'option 2
Poste le rapport qui se trouve ici C:\rapport_clean.txt
ensuite, remets un nouveau hijack stp
++
ok, rien à signaler !
Télécharge clean.zip
http://www.malekal.com/download/clean.zip
Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
Ouvre le dossier Clean qui se trouve sur ton bureau.
Double-clic sur clean.cmd.
Une fenêtre noire va apparaître, choisis l'option 1
Poste le rapport qui se trouve ici C:\rapport_clean.txt
ensuite :
# Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Double-clic sur clean.cmd.
Une fenêtre noire va apparaître, choisis l'option 2
Poste le rapport qui se trouve ici C:\rapport_clean.txt
ensuite, remets un nouveau hijack stp
++