Nettoyage pc avec HijackThis [Résolu/Fermé]

Signaler
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
-
Messages postés
22963
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
-
Bonjour,

Alors voila ces temps si j'ai des probleme avec mon pc, j'ai des page internet qui s'ouvre toutes seule qui me marque que "vous n'etes pas connecté...", enormement de pub pour désinfection d'ordinateur qui s'ouvre periodiquement mais le pire c'est qu'avec avast j'ai découvert 66 cheval de troie et virus. Il sont tous en quarantaine puisque dès le premier virus supprimé, explorer bug souvent quand je suis sur internet (je peut plus rien lancer, la souri marche mais pas le clic droit et la page internet reste figer). Du coup je doit terminer sont processus et le relancer tout de suite après pour que sa marche.

Enfin je voulai surtout que quelqu'un me guide dans les differentes étape de nettoyage de mon pc avec la methode comprenant le logiciel "hijackthis" et "lopxpMH2_Beta2.bat". En effet j'ai regarder un post qui avait des probleme similaire mais il faudrai quelqun de competent pour analyser le log. J'ai déjà fais l'analyse donc si quelqu'un pourait m'offrir de son precieux temps pour sauver mon pc svp, merci d'avance


Logfile of HijackThis v1.99.1
Scan saved at 22:50:13, on 04/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Acer\Empowering Technology\admServ.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HijackThis\scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3D6A0176-84AD-4CBE-9EE1-69D544F63844} - C:\WINDOWS\system32\mljge.dll
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\gmmvikhl.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {73BA12CB-F801-41F7-B199-0474FB66D090} - C:\WINDOWS\system32\ljjgdcc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {9AE99EC3-BBE2-4E0F-8214-AF0ABACC0A09} - C:\WINDOWS\system32\xvlbasba.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\system32\ToolBand.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Aticcc] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\dasqoowk.dll",realset
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: ljjgdcc - C:\WINDOWS\SYSTEM32\ljjgdcc.dll
O20 - Winlogon Notify: mljge - C:\WINDOWS\system32\mljge.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winwil32 - winwil32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

27 réponses

Messages postés
22963
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 517
Bonjour

Pas très en effet !


¤ Télécharge VundoFix
---> http://www.atribune.org/ccount/click.php?id=4

Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu..

double clic dessus choisis "start for vundo"
attends quelques minutes, quand le scan est terminé clic sur "remove vundo"
un message te demandera si tu veux supprimes les fichiers sur "yes"
Quand il a terminé, clic sur "yes" ton ordinateur devrait redemarrer si non, fais le par toi même
Une fois qu'il a redémarré colle le rapport C:\vundofix.txt



¤ Télécharge et installe AVG anti-spyware : mets le à jour
Tu fais un scan complet de ton système, dès qu'il a fini.
Si il te trouve des espions,supprime les. Enregistre le rapport et colle le ici stp

Téléchargeable et tutoriel sur cette page :
--> http://redir.fr/gsel



¤ Fais ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp

https://www.bitdefender.com/toolbox/



J'attends donc trois rapports ;-)
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Déja un grand meci pour ton aide, et ci joint mon premier rappor (les deux autre seron fait ce soir des que je rentrerai du boulo vers 17h30). J'ai eu un petit probleme puisque Vundo n'a pas réussi a supprimer 4 fichier. Par contre le logiciel s'est lancé en redemarrant mon pc, j'ai pas su quoi faire donc j'ai laisser en marche et jattent ta sugestion (les fichier son egjlm.ini, egjlm.ini2, ljjdcc.dll et mljge.dll comme si il avait refait un scan)


VundoFix V6.5.4
Checking Java version...
Java version is 1.5.0.10
Scan started at 07:29:28 05/07/2007
Listing files found while scanning....
C:\windows\system32\alrytrnk.ini
C:\windows\system32\aohyxnoh.ini
C:\windows\system32\apgxkqhp.ini
C:\windows\system32\atehrbrw.exe
C:\windows\system32\awpbewhx.ini
C:\windows\system32\awvedicw.exe
C:\WINDOWS\system32\ayyltwjg.dll
C:\windows\system32\bcjtswig.dll
C:\windows\system32\bcoywmxo.dll
C:\windows\system32\bgdpfjmx.dll
C:\windows\system32\bnauschf.dll
C:\windows\system32\cbjnkuns.ini
C:\windows\system32\cbwrspll.dll
C:\windows\system32\cifakjin.exe
C:\windows\system32\ckndqelf.exe
C:\WINDOWS\system32\cqsuiicl.dll
C:\windows\system32\cttcsshk.dll
C:\windows\system32\cvftpyhy.exe
C:\windows\system32\dasqoowk.dll
C:\windows\system32\dcghlyoc.exe
C:\windows\system32\egjlm.bak1
C:\windows\system32\egjlm.bak2
C:\windows\system32\egjlm.ini
C:\windows\system32\egjlm.ini2
C:\windows\system32\egjlm.tmp
C:\windows\system32\ehaaaiwx.exe
C:\windows\system32\eojctowi.dll
C:\windows\system32\ereaghju.dll
C:\windows\system32\faknsadc.exe
C:\windows\system32\fanhjxba.exe
C:\windows\system32\fdyqphxq.exe
C:\windows\system32\fjsbqess.ini
C:\windows\system32\fjwbaurg.dll
C:\windows\system32\flbhmbvx.exe
C:\windows\system32\fwshpcqg.ini
C:\windows\system32\fxrlocmo.dll
C:\windows\system32\giinqmdb.dll
C:\WINDOWS\system32\gmmvikhl.dll
C:\windows\system32\gqcphswf.dll
C:\windows\system32\gruabwjf.ini
C:\windows\system32\hfbtkrcn.dll
C:\windows\system32\hlslmjpv.dll
C:\windows\system32\hlwsuhjy.dll
C:\WINDOWS\system32\honxyhoa.dll
C:\windows\system32\hshqenas.ini
C:\windows\system32\jgmkqawo.ini
C:\windows\system32\jmvgefcc.exe
C:\windows\system32\juhkoskl.dll
C:\windows\system32\juhpolcs.ini
C:\windows\system32\jytrotuy.dll
C:\windows\system32\khlarxjx.dll
C:\windows\system32\klfdnwvn.exe
C:\windows\system32\knrtyrla.dll
C:\windows\system32\kpclaqem.dll
C:\windows\system32\kvxehaeu.exe
C:\windows\system32\kwooqsad.ini
C:\windows\system32\ldrjfgan.ini
C:\WINDOWS\system32\ljjgdcc.dll
C:\windows\system32\ljjhedb.dll
C:\windows\system32\lksokhuj.ini
C:\windows\system32\lumkvlks.ini
C:\windows\system32\lvxvynxo.exe
C:\windows\system32\mcrropgy.exe
C:\WINDOWS\system32\mljge.dll
C:\windows\system32\mlwunxpt.ini
C:\windows\system32\nagfjrdl.dll
C:\windows\system32\ncrktbfh.ini
C:\windows\system32\nhaqmber.dll
C:\windows\system32\nlfoxmqp.dll
C:\windows\system32\omcolrxf.ini
C:\windows\system32\oojitejv.ini
C:\windows\system32\owaqkmgj.dll
C:\windows\system32\phqkxgpa.dll
C:\windows\system32\pohkqxly.ini
C:\windows\system32\poiiykgs.ini
C:\windows\system32\pqmxofln.ini
C:\windows\system32\pxksxljr.ini
C:\windows\system32\qhaqwocf.exe
C:\WINDOWS\system32\qnmlcgbt.dll
C:\windows\system32\rebmqahn.ini
C:\windows\system32\rjlxskxp.dll
C:\windows\system32\rnfkotmw.ini
C:\windows\system32\rvdtjxul.exe
C:\windows\system32\saneqhsh.dll
C:\windows\system32\sclophuj.dll
C:\windows\system32\sgkyiiop.dll
C:\windows\system32\siybtmiv.exe
C:\windows\system32\sklvkmul.dll
C:\windows\system32\smlxvbib.dll
C:\windows\system32\snuknjbc.dll
C:\windows\system32\spjkinyt.dll
C:\windows\system32\sqmpjqbw.ini
C:\windows\system32\srbdaenc.exe
C:\windows\system32\sseqbsjf.dll
C:\windows\system32\ssqnopm.dll
C:\windows\system32\suaaiddk.exe
C:\windows\system32\svrlqfcx.dll
C:\windows\system32\teiquipw.dll
C:\windows\system32\tgtplgkf.dll
C:\windows\system32\tpxnuwlm.dll
C:\windows\system32\tqqhprjl.exe
C:\windows\system32\tynikjps.ini
C:\windows\system32\ujhgaere.ini
C:\windows\system32\unmldhch.exe
C:\windows\system32\uvssfoka.exe
C:\windows\system32\vjetijoo.dll
C:\windows\system32\vmekcwwi.exe
C:\windows\system32\vpjmlslh.ini
C:\windows\system32\vqixdbrm.dll
C:\windows\system32\vswwgmvj.exe
C:\windows\system32\wbqjpmqs.dll
C:\windows\system32\wilgknxy.ini
C:\windows\system32\wmtokfnr.dll
C:\windows\system32\wnjaxyaq.exe
C:\windows\system32\worqqgyc.exe
C:\windows\system32\wpiuqiet.ini
C:\windows\system32\xcfqlrvs.ini
C:\windows\system32\xcmduxmd.exe
C:\windows\system32\xhwebpwa.dll
C:\windows\system32\xjxralhk.ini
C:\windows\system32\xmijccmb.exe
C:\windows\system32\xswwbfus.exe
C:\windows\system32\xvlbasba.dll
C:\windows\system32\xyqmulpf.exe
C:\windows\system32\yjhuswlh.ini
C:\windows\system32\ylxqkhop.dll
C:\windows\system32\yxnkgliw.dll
Beginning removal...
Attempting to delete C:\windows\system32\alrytrnk.ini
C:\windows\system32\alrytrnk.ini Has been deleted!
Attempting to delete C:\windows\system32\aohyxnoh.ini
C:\windows\system32\aohyxnoh.ini Has been deleted!
Attempting to delete C:\windows\system32\apgxkqhp.ini
C:\windows\system32\apgxkqhp.ini Has been deleted!
Attempting to delete C:\windows\system32\atehrbrw.exe
C:\windows\system32\atehrbrw.exe Has been deleted!
Attempting to delete C:\windows\system32\awpbewhx.ini
C:\windows\system32\awpbewhx.ini Has been deleted!
Attempting to delete C:\windows\system32\awvedicw.exe
C:\windows\system32\awvedicw.exe Has been deleted!
Attempting to delete C:\windows\system32\bcjtswig.dll
C:\windows\system32\bcjtswig.dll Has been deleted!
Attempting to delete C:\windows\system32\bcoywmxo.dll
C:\windows\system32\bcoywmxo.dll Has been deleted!
Attempting to delete C:\windows\system32\bgdpfjmx.dll
C:\windows\system32\bgdpfjmx.dll Has been deleted!
Attempting to delete C:\windows\system32\bnauschf.dll
C:\windows\system32\bnauschf.dll Has been deleted!
Attempting to delete C:\windows\system32\cbjnkuns.ini
C:\windows\system32\cbjnkuns.ini Has been deleted!
Attempting to delete C:\windows\system32\cbwrspll.dll
C:\windows\system32\cbwrspll.dll Has been deleted!
Attempting to delete C:\windows\system32\cifakjin.exe
C:\windows\system32\cifakjin.exe Has been deleted!
Attempting to delete C:\windows\system32\ckndqelf.exe
C:\windows\system32\ckndqelf.exe Has been deleted!
Attempting to delete C:\windows\system32\cttcsshk.dll
C:\windows\system32\cttcsshk.dll Has been deleted!
Attempting to delete C:\windows\system32\cvftpyhy.exe
C:\windows\system32\cvftpyhy.exe Has been deleted!
Attempting to delete C:\windows\system32\dasqoowk.dll
C:\windows\system32\dasqoowk.dll Has been deleted!
Attempting to delete C:\windows\system32\dcghlyoc.exe
C:\windows\system32\dcghlyoc.exe Has been deleted!
Attempting to delete C:\windows\system32\egjlm.bak1
C:\windows\system32\egjlm.bak1 Has been deleted!
Attempting to delete C:\windows\system32\egjlm.bak2
C:\windows\system32\egjlm.bak2 Has been deleted!
Attempting to delete C:\windows\system32\egjlm.ini
C:\windows\system32\egjlm.ini Has been deleted!
Attempting to delete C:\windows\system32\egjlm.ini2
C:\windows\system32\egjlm.ini2 Has been deleted!
Attempting to delete C:\windows\system32\egjlm.tmp
C:\windows\system32\egjlm.tmp Has been deleted!
Attempting to delete C:\windows\system32\ehaaaiwx.exe
C:\windows\system32\ehaaaiwx.exe Has been deleted!
Attempting to delete C:\windows\system32\eojctowi.dll
C:\windows\system32\eojctowi.dll Has been deleted!
Attempting to delete C:\windows\system32\ereaghju.dll
C:\windows\system32\ereaghju.dll Has been deleted!
Attempting to delete C:\windows\system32\faknsadc.exe
C:\windows\system32\faknsadc.exe Has been deleted!
Attempting to delete C:\windows\system32\fanhjxba.exe
C:\windows\system32\fanhjxba.exe Has been deleted!
Attempting to delete C:\windows\system32\fdyqphxq.exe
C:\windows\system32\fdyqphxq.exe Has been deleted!
Attempting to delete C:\windows\system32\fjsbqess.ini
C:\windows\system32\fjsbqess.ini Has been deleted!
Attempting to delete C:\windows\system32\fjwbaurg.dll
C:\windows\system32\fjwbaurg.dll Has been deleted!
Attempting to delete C:\windows\system32\flbhmbvx.exe
C:\windows\system32\flbhmbvx.exe Has been deleted!
Attempting to delete C:\windows\system32\fwshpcqg.ini
C:\windows\system32\fwshpcqg.ini Has been deleted!
Attempting to delete C:\windows\system32\fxrlocmo.dll
C:\windows\system32\fxrlocmo.dll Has been deleted!
Attempting to delete C:\windows\system32\giinqmdb.dll
C:\windows\system32\giinqmdb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\gmmvikhl.dll
C:\WINDOWS\system32\gmmvikhl.dll Has been deleted!
Attempting to delete C:\windows\system32\gqcphswf.dll
C:\windows\system32\gqcphswf.dll Has been deleted!
Attempting to delete C:\windows\system32\gruabwjf.ini
C:\windows\system32\gruabwjf.ini Has been deleted!
Attempting to delete C:\windows\system32\hfbtkrcn.dll
C:\windows\system32\hfbtkrcn.dll Has been deleted!
Attempting to delete C:\windows\system32\hlslmjpv.dll
C:\windows\system32\hlslmjpv.dll Has been deleted!
Attempting to delete C:\windows\system32\hlwsuhjy.dll
C:\windows\system32\hlwsuhjy.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\honxyhoa.dll
C:\WINDOWS\system32\honxyhoa.dll Has been deleted!
Attempting to delete C:\windows\system32\hshqenas.ini
C:\windows\system32\hshqenas.ini Has been deleted!
Attempting to delete C:\windows\system32\jgmkqawo.ini
C:\windows\system32\jgmkqawo.ini Has been deleted!
Attempting to delete C:\windows\system32\jmvgefcc.exe
C:\windows\system32\jmvgefcc.exe Has been deleted!
Attempting to delete C:\windows\system32\juhkoskl.dll
C:\windows\system32\juhkoskl.dll Has been deleted!
Attempting to delete C:\windows\system32\juhpolcs.ini
C:\windows\system32\juhpolcs.ini Has been deleted!
Attempting to delete C:\windows\system32\jytrotuy.dll
C:\windows\system32\jytrotuy.dll Has been deleted!
Attempting to delete C:\windows\system32\khlarxjx.dll
C:\windows\system32\khlarxjx.dll Has been deleted!
Attempting to delete C:\windows\system32\klfdnwvn.exe
C:\windows\system32\klfdnwvn.exe Has been deleted!
Attempting to delete C:\windows\system32\knrtyrla.dll
C:\windows\system32\knrtyrla.dll Has been deleted!
Attempting to delete C:\windows\system32\kpclaqem.dll
C:\windows\system32\kpclaqem.dll Has been deleted!
Attempting to delete C:\windows\system32\kvxehaeu.exe
C:\windows\system32\kvxehaeu.exe Has been deleted!
Attempting to delete C:\windows\system32\kwooqsad.ini
C:\windows\system32\kwooqsad.ini Has been deleted!
Attempting to delete C:\windows\system32\ldrjfgan.ini
C:\windows\system32\ldrjfgan.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\ljjgdcc.dll
C:\WINDOWS\system32\ljjgdcc.dll Could not be deleted.
Attempting to delete C:\windows\system32\ljjhedb.dll
C:\windows\system32\ljjhedb.dll Has been deleted!
Attempting to delete C:\windows\system32\lksokhuj.ini
C:\windows\system32\lksokhuj.ini Has been deleted!
Attempting to delete C:\windows\system32\lumkvlks.ini
C:\windows\system32\lumkvlks.ini Has been deleted!
Attempting to delete C:\windows\system32\lvxvynxo.exe
C:\windows\system32\lvxvynxo.exe Has been deleted!
Attempting to delete C:\windows\system32\mcrropgy.exe
C:\windows\system32\mcrropgy.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\mljge.dll
C:\WINDOWS\system32\mljge.dll Could not be deleted.
Attempting to delete C:\windows\system32\mlwunxpt.ini
C:\windows\system32\mlwunxpt.ini Has been deleted!
Attempting to delete C:\windows\system32\nagfjrdl.dll
C:\windows\system32\nagfjrdl.dll Has been deleted!
Attempting to delete C:\windows\system32\ncrktbfh.ini
C:\windows\system32\ncrktbfh.ini Has been deleted!
Attempting to delete C:\windows\system32\nhaqmber.dll
C:\windows\system32\nhaqmber.dll Has been deleted!
Attempting to delete C:\windows\system32\nlfoxmqp.dll
C:\windows\system32\nlfoxmqp.dll Has been deleted!
Attempting to delete C:\windows\system32\omcolrxf.ini
C:\windows\system32\omcolrxf.ini Has been deleted!
Attempting to delete C:\windows\system32\oojitejv.ini
C:\windows\system32\oojitejv.ini Has been deleted!
Attempting to delete C:\windows\system32\owaqkmgj.dll
C:\windows\system32\owaqkmgj.dll Has been deleted!
Attempting to delete C:\windows\system32\phqkxgpa.dll
C:\windows\system32\phqkxgpa.dll Has been deleted!
Attempting to delete C:\windows\system32\pohkqxly.ini
C:\windows\system32\pohkqxly.ini Has been deleted!
Attempting to delete C:\windows\system32\poiiykgs.ini
C:\windows\system32\poiiykgs.ini Has been deleted!
Attempting to delete C:\windows\system32\pqmxofln.ini
C:\windows\system32\pqmxofln.ini Has been deleted!
Attempting to delete C:\windows\system32\pxksxljr.ini
C:\windows\system32\pxksxljr.ini Has been deleted!
Attempting to delete C:\windows\system32\qhaqwocf.exe
C:\windows\system32\qhaqwocf.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\qnmlcgbt.dll
C:\WINDOWS\system32\qnmlcgbt.dll Has been deleted!
Attempting to delete C:\windows\system32\rebmqahn.ini
C:\windows\system32\rebmqahn.ini Has been deleted!
Attempting to delete C:\windows\system32\rjlxskxp.dll
C:\windows\system32\rjlxskxp.dll Has been deleted!
Attempting to delete C:\windows\system32\rnfkotmw.ini
C:\windows\system32\rnfkotmw.ini Has been deleted!
Attempting to delete C:\windows\system32\rvdtjxul.exe
C:\windows\system32\rvdtjxul.exe Has been deleted!
Attempting to delete C:\windows\system32\saneqhsh.dll
C:\windows\system32\saneqhsh.dll Has been deleted!
Attempting to delete C:\windows\system32\sclophuj.dll
C:\windows\system32\sclophuj.dll Has been deleted!
Attempting to delete C:\windows\system32\sgkyiiop.dll
C:\windows\system32\sgkyiiop.dll Has been deleted!
Attempting to delete C:\windows\system32\siybtmiv.exe
C:\windows\system32\siybtmiv.exe Has been deleted!
Attempting to delete C:\windows\system32\sklvkmul.dll
C:\windows\system32\sklvkmul.dll Has been deleted!
Attempting to delete C:\windows\system32\smlxvbib.dll
C:\windows\system32\smlxvbib.dll Has been deleted!
Attempting to delete C:\windows\system32\snuknjbc.dll
C:\windows\system32\snuknjbc.dll Has been deleted!
Attempting to delete C:\windows\system32\spjkinyt.dll
C:\windows\system32\spjkinyt.dll Has been deleted!
Attempting to delete C:\windows\system32\sqmpjqbw.ini
C:\windows\system32\sqmpjqbw.ini Has been deleted!
Attempting to delete C:\windows\system32\srbdaenc.exe
C:\windows\system32\srbdaenc.exe Has been deleted!
Attempting to delete C:\windows\system32\sseqbsjf.dll
C:\windows\system32\sseqbsjf.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqnopm.dll
C:\windows\system32\ssqnopm.dll Has been deleted!
Attempting to delete C:\windows\system32\suaaiddk.exe
C:\windows\system32\suaaiddk.exe Has been deleted!
Attempting to delete C:\windows\system32\svrlqfcx.dll
C:\windows\system32\svrlqfcx.dll Has been deleted!
Attempting to delete C:\windows\system32\teiquipw.dll
C:\windows\system32\teiquipw.dll Has been deleted!
Attempting to delete C:\windows\system32\tgtplgkf.dll
C:\windows\system32\tgtplgkf.dll Has been deleted!
Attempting to delete C:\windows\system32\tpxnuwlm.dll
C:\windows\system32\tpxnuwlm.dll Has been deleted!
Attempting to delete C:\windows\system32\tqqhprjl.exe
C:\windows\system32\tqqhprjl.exe Has been deleted!
Attempting to delete C:\windows\system32\tynikjps.ini
C:\windows\system32\tynikjps.ini Has been deleted!
Attempting to delete C:\windows\system32\ujhgaere.ini
C:\windows\system32\ujhgaere.ini Has been deleted!
Attempting to delete C:\windows\system32\unmldhch.exe
C:\windows\system32\unmldhch.exe Has been deleted!
Attempting to delete C:\windows\system32\uvssfoka.exe
C:\windows\system32\uvssfoka.exe Has been deleted!
Attempting to delete C:\windows\system32\vjetijoo.dll
C:\windows\system32\vjetijoo.dll Has been deleted!
Attempting to delete C:\windows\system32\vmekcwwi.exe
C:\windows\system32\vmekcwwi.exe Has been deleted!
Attempting to delete C:\windows\system32\vpjmlslh.ini
C:\windows\system32\vpjmlslh.ini Has been deleted!
Attempting to delete C:\windows\system32\vqixdbrm.dll
C:\windows\system32\vqixdbrm.dll Has been deleted!
Attempting to delete C:\windows\system32\vswwgmvj.exe
C:\windows\system32\vswwgmvj.exe Has been deleted!
Attempting to delete C:\windows\system32\wbqjpmqs.dll
C:\windows\system32\wbqjpmqs.dll Has been deleted!
Attempting to delete C:\windows\system32\wilgknxy.ini
C:\windows\system32\wilgknxy.ini Has been deleted!
Attempting to delete C:\windows\system32\wmtokfnr.dll
C:\windows\system32\wmtokfnr.dll Has been deleted!
Attempting to delete C:\windows\system32\wnjaxyaq.exe
C:\windows\system32\wnjaxyaq.exe Has been deleted!
Attempting to delete C:\windows\system32\worqqgyc.exe
C:\windows\system32\worqqgyc.exe Has been deleted!
Attempting to delete C:\windows\system32\wpiuqiet.ini
C:\windows\system32\wpiuqiet.ini Has been deleted!
Attempting to delete C:\windows\system32\xcfqlrvs.ini
C:\windows\system32\xcfqlrvs.ini Has been deleted!
Attempting to delete C:\windows\system32\xcmduxmd.exe
C:\windows\system32\xcmduxmd.exe Has been deleted!
Attempting to delete C:\windows\system32\xhwebpwa.dll
C:\windows\system32\xhwebpwa.dll Has been deleted!
Attempting to delete C:\windows\system32\xjxralhk.ini
C:\windows\system32\xjxralhk.ini Has been deleted!
Attempting to delete C:\windows\system32\xmijccmb.exe
C:\windows\system32\xmijccmb.exe Has been deleted!
Attempting to delete C:\windows\system32\xswwbfus.exe
C:\windows\system32\xswwbfus.exe Has been deleted!
Attempting to delete C:\windows\system32\xvlbasba.dll
C:\windows\system32\xvlbasba.dll Has been deleted!
Attempting to delete C:\windows\system32\xyqmulpf.exe
C:\windows\system32\xyqmulpf.exe Has been deleted!
Attempting to delete C:\windows\system32\yjhuswlh.ini
C:\windows\system32\yjhuswlh.ini Has been deleted!
Attempting to delete C:\windows\system32\ylxqkhop.dll
C:\windows\system32\ylxqkhop.dll Has been deleted!
Attempting to delete C:\windows\system32\yxnkgliw.dll
C:\windows\system32\yxnkgliw.dll Has been deleted!
Performing Repairs to the registry.
Done!
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Voila le rappor de AVG!!!
Par contre befender na rien detecté

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 19:52:31 05/07/2007

+ Résultat de l'analyse:



HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj -> Adware.CoolWebSearch : Ignoré.
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj.1 -> Adware.CoolWebSearch : Ignoré.
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj\CLSID -> Adware.CoolWebSearch : Ignoré.
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj\CurVer -> Adware.CoolWebSearch : Ignoré.
C:\Program Files\InternetGameBox\uninst.exe -> Adware.NaviPromo : Ignoré.
C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll -> Adware.Softomate : Ignoré.
C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP150\A0061338.exe/crack.exe -> Adware.Virtumonde : Ignoré.
[1268] C:\WINDOWS\system32\mljge.dll -> Adware.Virtumonde : Ignoré.
[1980] C:\WINDOWS\system32\mljge.dll -> Adware.Virtumonde : Ignoré.
[2516] C:\WINDOWS\system32\mljge.dll -> Adware.Virtumonde : Ignoré.
[2948] C:\WINDOWS\system32\mljge.dll -> Adware.Virtumonde : Ignoré.
C:\Documents and Settings\moi\Menu Démarrer\3.tmp -> Downloader.Agent.brr : Ignoré.
C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP150\A0061338.exe/keygen.exe -> Downloader.LoadAdv : Ignoré.
C:\WINDOWS\Temp\winD47.tmp.exe -> Downloader.PurityScan.eg : Ignoré.
C:\cwainda.exe -> Downloader.Tiny.gx : Ignoré.
C:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\9K0KKY00\srvfeo[1].exe -> Heuristic.Win32.Dialer : Ignoré.
C:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\9K0KKY00\srvxjw[1].exe -> Heuristic.Win32.Dialer : Ignoré.
C:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\HU8P6RGJ\srvthf[1].exe -> Heuristic.Win32.Dialer : Ignoré.
C:\WINDOWS\Temp\win2434.tmp.exe -> Heuristic.Win32.Dialer : Ignoré.
C:\WINDOWS\Temp\win2437.tmp.exe -> Heuristic.Win32.Dialer : Ignoré.
C:\WINDOWS\Temp\win2438.tmp.exe -> Heuristic.Win32.Dialer : Ignoré.
C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP148\A0061195.exe -> Hijacker.Agent.is : Ignoré.
C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065753.dll -> Hijacker.Small.mw : Ignoré.
D:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071515.exe -> Logger.BuffaMov.c : Ignoré.
C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP150\A0061341.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignoré.
C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071804.exe -> Proxy.Dlena.ad : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WinOpts -> Proxy.Small : Ignoré.
:mozilla.170:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.32:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.33:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.34:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.35:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.36:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.37:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.38:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.39:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.40:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.41:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.43:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.44:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.45:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@saxobank.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.100:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.97:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@4.adbrite[2].txt -> TrackingCookie.Adbrite : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@adbrite[1].txt -> TrackingCookie.Adbrite : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.154:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Adition : Ignoré.
:mozilla.155:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Adition : Ignoré.
:mozilla.210:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.211:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@adtech[2].txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.86:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.87:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.88:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.89:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@advertising[2].txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.198:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Adviva : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@adviva[2].txt -> TrackingCookie.Adviva : Ignoré.
:mozilla.16:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.186:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignoré.
:mozilla.96:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Clickhype : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Ignoré.
:mozilla.31:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@enhance[2].txt -> TrackingCookie.Enhance : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@estat[1].txt -> TrackingCookie.Estat : Ignoré.
:mozilla.107:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@fastclick[1].txt -> TrackingCookie.Fastclick : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@findwhat[1].txt -> TrackingCookie.Findwhat : Ignoré.
:mozilla.153:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.175:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Ignoré.
:mozilla.10:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@overture[1].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@overture[2].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@www.paypal[1].txt -> TrackingCookie.Paypal : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.204:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.205:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.53:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.54:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.55:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.56:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.57:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.58:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.59:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@stats1.reliablestats[3].txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@stats1.reliablestats[4].txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.142:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
:mozilla.143:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@www.saxobank[1].txt -> TrackingCookie.Saxobank : Ignoré.
:mozilla.118:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.119:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.120:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.121:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.122:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.244:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.75:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.76:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.77:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.78:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.183:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Spylog : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@statcounter[2].txt -> TrackingCookie.Statcounter : Ignoré.
:mozilla.15:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Toplist : Ignoré.
:mozilla.229:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.167:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.176:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@weborama[1].txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.74:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Webtrends : Ignoré.
:mozilla.90:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.91:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.92:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.93:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.94:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.95:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.214:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Zedo : Ignoré.
:mozilla.215:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\g70gkm12.default\cookies.txt -> TrackingCookie.Zedo : Ignoré.
C:\Documents and Settings\moi\Cookies\moi@zedo[2].txt -> TrackingCookie.Zedo : Ignoré.
C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065755.exe -> Trojan.Agent.anr : Ignoré.


Fin du rapport
Messages postés
22963
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 517
Bonsoir

Dans ton rapport AVG tout ets ignoré, recommence et pense à bien tout supprimé si besoin regarde le lien que je t'ai donné ci-dessus



¤ ¤ Fais ce nettoyage: à faire réguliérement

*Télécharge et installe CCleaner (n'installe pas la barre d'outil Yahoo)
---> http://www.infos-du-net.com/telecharger/CCleaner,0301-1039.html

- Dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis clic en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs" et tu auras un message pour sauvegarder ta base de registre tu clic "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites, tu pourras les supprimer si ton ordinateur n'a plus de problémes.

- Relance Ccleaner, vas dans l'onglet "nettoyeur" présent sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"

Si tu as besoin d'aide avec Ccleaner, regarde ce tutoriel :
http://redir.fr/gmll



On verra ce que dit Bitdefender ;-)
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Voilà le rapport bitdefender (belle collection de virus eradiquer, un vrai genocide!) et ccleaner a tout supprimer. Merci encore, et prévien moi si ya plus rien a faire


BitDefender Online Scanner







Scan report generated at: Fri, Jul 06, 2007 - 19:41:15









Scan path: C:\;D:\;E:\;F:\;G:\;















Statistics

Time


01:07:39

Files


481038

Folders


8056

Boot Sectors


4

Archives


7403

Packed Files


21604







Results

Identified Viruses


17

Infected Files


148

Suspect Files


0

Warnings


0

Disinfected


0

Deleted Files


148







Engines Info

Virus Definitions


637344

Engine build


AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Scan plugins


14

Archive plugins


38

Unpack plugins


6

E-mail plugins


6

System plugins


1







Scan Settings

First Action


Disinfect

Second Action


Delete

Heuristics


Yes

Enable Warnings


Yes

Scanned Extensions


*;

Exclude Extensions




Scan Emails


Yes

Scan Archives


Yes

Scan Packed


Yes

Scan Files


Yes

Scan Boot


Yes








Scanned File


Status

C:\WINDOWS\system32\rqopfpby.dll


Infected with: Trojan.Spy.VBStat.B

C:\WINDOWS\system32\rqopfpby.dll


Deleted

C:\WINDOWS\system32\ljjgdcc.dll


Infected with: Trojan.Virtumonde.IG

C:\WINDOWS\system32\ljjgdcc.dll


Disinfection failed

C:\WINDOWS\system32\ljjgdcc.dll


Deleted

C:\WINDOWS\system32\esmmcpuh.exe


Infected with: Trojan.Clicker.Agent.NP

C:\WINDOWS\system32\esmmcpuh.exe


Disinfection failed

C:\WINDOWS\system32\esmmcpuh.exe


Deleted

C:\WINDOWS\system32\trz25B3.tmp


Infected with: Trojan.Fotomoto.A

C:\WINDOWS\system32\trz25B3.tmp


Disinfection failed

C:\WINDOWS\system32\trz25B3.tmp


Deleted

C:\WINDOWS\system32\tnrojwns.exe


Infected with: Trojan.Clicker.Agent.NP

C:\WINDOWS\system32\tnrojwns.exe


Disinfection failed

C:\WINDOWS\system32\tnrojwns.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065751.exe


Infected with: Trojan.Click.Small.MW

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065751.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065751.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065752.dll


Infected with: MemScan:Trojan.BHO.BM

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065752.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065752.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065754.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065754.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065756.dll


Infected with: MemScan:Trojan.BHO.BM

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065756.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065756.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065757.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065757.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065759.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065759.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP170\A0065759.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP171\A0066113.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP171\A0066113.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP171\A0066114.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP171\A0066114.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071805.dll


Infected with: Trojan.Virtumod.ALZ

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071805.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071805.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071806.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071806.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071806.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071807.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071807.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071808.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071808.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071808.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071809.dll


Infected with: DeepScan:Generic.Virtumonde2.ge.3B1D42DE

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071809.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071809.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071810.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071810.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071810.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071811.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071811.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071812.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071812.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071813.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071813.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071814.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071814.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071815.dll


Infected with: MemScan:Trojan.BHO.BM

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071815.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071815.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071816.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071816.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071816.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071817.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071817.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071818.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071818.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071819.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071819.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071820.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071820.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071820.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071821.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071821.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071822.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071822.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071822.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071823.dll


Infected with: MemScan:Trojan.BHO.BM

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071823.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071823.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071824.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071824.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071825.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071825.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071826.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071826.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071827.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071827.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071827.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071828.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071828.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071829.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071829.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071830.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071830.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071855.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071855.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071855.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071907.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071907.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071907.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071909.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071909.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071909.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071910.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071910.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071911.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071911.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071912.dll


Infected with: MemScan:Trojan.BHO.BM

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071912.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071912.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071913.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071913.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071915.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071915.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071916.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071916.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071916.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071917.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071917.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071917.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071918.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071918.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071919.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071919.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071919.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071921.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071921.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071921.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071923.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071923.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071923.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071926.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071926.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071926.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071927.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071927.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071927.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071928.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071928.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071928.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071930.dll


Infected with: GenPack:Trojan.Vundo.DLZ

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071930.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071930.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071931.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071931.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071931.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071934.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071934.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071934.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071935.dll


Infected with: Trojan.JuanSearch.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071935.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071935.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071944.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071944.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071944.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071947.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071947.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071949.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071949.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071949.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071951.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071951.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071952.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071952.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071952.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071955.dll


Infected with: Trojan.Virtumonde.IC

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071955.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071955.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071958.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071958.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071958.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071959.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071959.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071959.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071973.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071973.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071973.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071974.dll


Infected with: Trojan.BHO.BP

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071974.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071974.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071978.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071978.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071978.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071982.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071982.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071982.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071984.dll


Infected with: MemScan:Trojan.BHO.BM

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071984.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071984.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071988.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071988.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071988.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071990.dll


Infected with: Trojan.Vundo.DMA

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071990.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071990.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071991.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071991.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071991.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071994.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071994.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071996.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071996.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071996.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071999.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071999.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071999.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072000.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072000.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072000.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072002.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072002.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072002.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072004.dll


Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072004.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072004.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072005.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072005.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072005.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072009.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072009.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072009.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072010.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072010.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072010.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072013.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072013.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072013.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072016.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072016.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072016.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072017.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072017.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072017.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072018.dll


Infected with: Trojan.BHO.AQ

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072018.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072018.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072019.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072019.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072019.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072065.exe


Infected with: Trojan.Downloader.Tiny.GG

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072065.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072065.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072098.exe


Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072098.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072098.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073509.dll


Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073509.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073510.dll


Infected with: Trojan.Virtumonde.IG

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073510.dll


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073510.dll


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073511.exe


Infected with: Trojan.Clicker.Agent.NP

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073511.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073511.exe


Deleted

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073512.exe


Infected with: Trojan.Clicker.Agent.NP

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073512.exe


Disinfection failed

C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP180\A0073512.exe


Deleted

C:\VundoFix Backups\atehrbrw.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\atehrbrw.exe.bad


Disinfection failed

C:\VundoFix Backups\atehrbrw.exe.bad


Deleted

C:\VundoFix Backups\awvedicw.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\awvedicw.exe.bad


Disinfection failed

C:\VundoFix Backups\awvedicw.exe.bad


Deleted

C:\VundoFix Backups\bcjtswig.dll.bad


Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\bcjtswig.dll.bad


Deleted

C:\VundoFix Backups\bcoywmxo.dll.bad


Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\bcoywmxo.dll.bad


Deleted

C:\VundoFix Backups\bgdpfjmx.dll.bad


Infected with: MemScan:Trojan.BHO.BM

C:\VundoFix Backups\bgdpfjmx.dll.bad


Disinfection failed

C:\VundoFix Backups\bgdpfjmx.dll.bad


Deleted

C:\VundoFix Backups\bnauschf.dll.bad


Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\bnauschf.dll.bad


Deleted

C:\VundoFix Backups\cbwrspll.dll.bad


Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\cbwrspll.dll.bad


Deleted

C:\VundoFix Backups\cifakjin.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\cifakjin.exe.bad


Disinfection failed

C:\VundoFix Backups\cifakjin.exe.bad


Deleted

C:\VundoFix Backups\ckndqelf.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\ckndqelf.exe.bad


Disinfection failed

C:\VundoFix Backups\ckndqelf.exe.bad


Deleted

C:\VundoFix Backups\cttcsshk.dll.bad


Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\cttcsshk.dll.bad


Deleted

C:\VundoFix Backups\cvftpyhy.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\cvftpyhy.exe.bad


Disinfection failed

C:\VundoFix Backups\cvftpyhy.exe.bad


Deleted

C:\VundoFix Backups\dcghlyoc.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\dcghlyoc.exe.bad


Disinfection failed

C:\VundoFix Backups\dcghlyoc.exe.bad


Deleted

C:\VundoFix Backups\ehaaaiwx.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\ehaaaiwx.exe.bad


Disinfection failed

C:\VundoFix Backups\ehaaaiwx.exe.bad


Deleted

C:\VundoFix Backups\faknsadc.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\faknsadc.exe.bad


Disinfection failed

C:\VundoFix Backups\faknsadc.exe.bad


Deleted

C:\VundoFix Backups\fanhjxba.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\fanhjxba.exe.bad


Disinfection failed

C:\VundoFix Backups\fanhjxba.exe.bad


Deleted

C:\VundoFix Backups\fdyqphxq.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\fdyqphxq.exe.bad


Disinfection failed

C:\VundoFix Backups\fdyqphxq.exe.bad


Deleted

C:\VundoFix Backups\fjwbaurg.dll.bad


Infected with: GenPack:Trojan.Vundo.DLZ

C:\VundoFix Backups\fjwbaurg.dll.bad


Disinfection failed

C:\VundoFix Backups\fjwbaurg.dll.bad


Deleted

C:\VundoFix Backups\flbhmbvx.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\flbhmbvx.exe.bad


Disinfection failed

C:\VundoFix Backups\flbhmbvx.exe.bad


Deleted

C:\VundoFix Backups\giinqmdb.dll.bad


Infected with: Trojan.Vundo.AY

C:\VundoFix Backups\giinqmdb.dll.bad


Disinfection failed

C:\VundoFix Backups\giinqmdb.dll.bad


Deleted

C:\VundoFix Backups\gmmvikhl.dll.bad


Infected with: Trojan.JuanSearch.A

C:\VundoFix Backups\gmmvikhl.dll.bad


Disinfection failed

C:\VundoFix Backups\gmmvikhl.dll.bad


Deleted

C:\VundoFix Backups\jmvgefcc.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\jmvgefcc.exe.bad


Disinfection failed

C:\VundoFix Backups\jmvgefcc.exe.bad


Deleted

C:\VundoFix Backups\jytrotuy.dll.bad


Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\jytrotuy.dll.bad


Deleted

C:\VundoFix Backups\klfdnwvn.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\klfdnwvn.exe.bad


Disinfection failed

C:\VundoFix Backups\klfdnwvn.exe.bad


Deleted

C:\VundoFix Backups\kpclaqem.dll.bad


Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\kpclaqem.dll.bad


Deleted

C:\VundoFix Backups\kvxehaeu.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\kvxehaeu.exe.bad


Disinfection failed

C:\VundoFix Backups\kvxehaeu.exe.bad


Deleted

C:\VundoFix Backups\ljjgdcc.dll.bad


Infected with: Trojan.Virtumonde.IG

C:\VundoFix Backups\ljjgdcc.dll.bad


Disinfection failed

C:\VundoFix Backups\ljjgdcc.dll.bad


Deleted

C:\VundoFix Backups\ljjhedb.dll.bad


Infected with: Trojan.Virtumonde.IC

C:\VundoFix Backups\ljjhedb.dll.bad


Disinfection failed

C:\VundoFix Backups\ljjhedb.dll.bad


Deleted

C:\VundoFix Backups\lvxvynxo.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\lvxvynxo.exe.bad


Disinfection failed

C:\VundoFix Backups\lvxvynxo.exe.bad


Deleted

C:\VundoFix Backups\mcrropgy.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\mcrropgy.exe.bad


Disinfection failed

C:\VundoFix Backups\mcrropgy.exe.bad


Deleted

C:\VundoFix Backups\qhaqwocf.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\qhaqwocf.exe.bad


Disinfection failed

C:\VundoFix Backups\qhaqwocf.exe.bad


Deleted

C:\VundoFix Backups\qnmlcgbt.dll.bad


Infected with: Trojan.BHO.BP

C:\VundoFix Backups\qnmlcgbt.dll.bad


Disinfection failed

C:\VundoFix Backups\qnmlcgbt.dll.bad


Deleted

C:\VundoFix Backups\rvdtjxul.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\rvdtjxul.exe.bad


Disinfection failed

C:\VundoFix Backups\rvdtjxul.exe.bad


Deleted

C:\VundoFix Backups\siybtmiv.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\siybtmiv.exe.bad


Disinfection failed

C:\VundoFix Backups\siybtmiv.exe.bad


Deleted

C:\VundoFix Backups\smlxvbib.dll.bad


Infected with: MemScan:Trojan.BHO.BM

C:\VundoFix Backups\smlxvbib.dll.bad


Disinfection failed

C:\VundoFix Backups\smlxvbib.dll.bad


Deleted

C:\VundoFix Backups\srbdaenc.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\srbdaenc.exe.bad


Disinfection failed

C:\VundoFix Backups\srbdaenc.exe.bad


Deleted

C:\VundoFix Backups\ssqnopm.dll.bad


Infected with: Trojan.Vundo.DMA

C:\VundoFix Backups\ssqnopm.dll.bad


Disinfection failed

C:\VundoFix Backups\ssqnopm.dll.bad


Deleted

C:\VundoFix Backups\suaaiddk.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\suaaiddk.exe.bad


Disinfection failed

C:\VundoFix Backups\suaaiddk.exe.bad


Deleted

C:\VundoFix Backups\tgtplgkf.dll.bad


Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\tgtplgkf.dll.bad


Deleted

C:\VundoFix Backups\tqqhprjl.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\tqqhprjl.exe.bad


Disinfection failed

C:\VundoFix Backups\tqqhprjl.exe.bad


Deleted

C:\VundoFix Backups\unmldhch.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\unmldhch.exe.bad


Disinfection failed

C:\VundoFix Backups\unmldhch.exe.bad


Deleted

C:\VundoFix Backups\uvssfoka.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\uvssfoka.exe.bad


Disinfection failed

C:\VundoFix Backups\uvssfoka.exe.bad


Deleted

C:\VundoFix Backups\vmekcwwi.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\vmekcwwi.exe.bad


Disinfection failed

C:\VundoFix Backups\vmekcwwi.exe.bad


Deleted

C:\VundoFix Backups\vqixdbrm.dll.bad


Infected with: Trojan.Vundo.AY

C:\VundoFix Backups\vqixdbrm.dll.bad


Disinfection failed

C:\VundoFix Backups\vqixdbrm.dll.bad


Deleted

C:\VundoFix Backups\vswwgmvj.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\vswwgmvj.exe.bad


Disinfection failed

C:\VundoFix Backups\vswwgmvj.exe.bad


Deleted

C:\VundoFix Backups\wnjaxyaq.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\wnjaxyaq.exe.bad


Disinfection failed

C:\VundoFix Backups\wnjaxyaq.exe.bad


Deleted

C:\VundoFix Backups\worqqgyc.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\worqqgyc.exe.bad


Disinfection failed

C:\VundoFix Backups\worqqgyc.exe.bad


Deleted

C:\VundoFix Backups\xcmduxmd.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\xcmduxmd.exe.bad


Disinfection failed

C:\VundoFix Backups\xcmduxmd.exe.bad


Deleted

C:\VundoFix Backups\xmijccmb.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\xmijccmb.exe.bad


Disinfection failed

C:\VundoFix Backups\xmijccmb.exe.bad


Deleted

C:\VundoFix Backups\xswwbfus.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\xswwbfus.exe.bad


Disinfection failed

C:\VundoFix Backups\xswwbfus.exe.bad


Deleted

C:\VundoFix Backups\xvlbasba.dll.bad


Infected with: Trojan.BHO.AQ

C:\VundoFix Backups\xvlbasba.dll.bad


Disinfection failed

C:\VundoFix Backups\xvlbasba.dll.bad


Deleted

C:\VundoFix Backups\xyqmulpf.exe.bad


Infected with: Trojan.Fotomoto.A

C:\VundoFix Backups\xyqmulpf.exe.bad


Disinfection failed

C:\VundoFix Backups\xyqmulpf.exe.bad


Deleted

D:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071512.exe


Infected with: Trojan.Genlot.QV

D:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071512.exe


Disinfection failed

D:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0071512.exe


Deleted
Messages postés
22963
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 517
C'est pas terminé ton PC est bien infecté :-)

Supprime ce dossier ici en gras : C:\VundoFix Backups\


¤ Recommence un scan complet avec AVG antispyware et colle le rapport ici


¤ Télécharge ce programme puis double clic dessus (ferme ton antivirus s'il te détecte quoi que ce soit)
http://www.suspectfile.com/systemscan/

* Coche uniquement ces cases, décoche tout le reste :

- Recent Files, 60 days

Puis clic sur scan now, soit patient.
Une fois qu'il aura terminé, un rapport va s'ouvrir, copie et colle son contenu ici et vérifie qu'il soit bien en entier, si besoin crée deux messages.
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Slt, voial le rappor de suspect files, il n'est pas très long... Sinon AVG est en train de scanner. A oui pour suspetfiles j'avais pas pas arrêter avast lors du très cour scan et il avait rien dit, c quan meme bon?


SystemScan - www.suspectfile.com - ver. 3.2.0

Running on: Windows XP HOME Edition, Service Pack 2 (2600.5.1)
System directory: C:\WINDOWS

Date: 07/07/2007
Time: 18:10:44

Output limited to:
-Recent files

===================== Recent files (60 days old)=====================

----- recent files in C:\
21/05/2007 18:59:14 90 byte 47 days old -- Setup.log
30/05/2007 15:07:40 5694 byte 38 days old -- Sdicon32.ico
05/07/2007 17:26:26 18750 byte 2 days old -- VundoFix.txt
05/07/2007 20:38:30 216 byte 2 days old -- boot.ini
07/07/2007 14:10:24 1071763456 byte 0 days old -- hiberfil.sys
07/07/2007 14:10:24 (DIR)1610612736 byte 0 days old -- pagefile.sys
07/07/2007 18:05:32 (DIR) 0 byte 0 days old -- suspectfile

----- recent files in C:\WINDOWS\
21/05/2007 19:05:46 (DIR) 0 byte 47 days old -- ie7
21/05/2007 19:06:52 (DIR) 0 byte 47 days old -- msdownld.tmp
21/05/2007 19:50:36 (DIR) 0 byte 47 days old -- $NtUninstallKB930916$
21/05/2007 19:50:40 (DIR) 0 byte 47 days old -- $NtUninstallKB903235$
21/05/2007 19:50:42 (DIR) 0 byte 47 days old -- $NtUninstallKB890046$
21/05/2007 19:51:36 (DIR) 0 byte 47 days old -- $NtUninstallKB929969$
22/05/2007 21:59:38 (DIR) 0 byte 46 days old -- $NtUninstallKB927891$
23/05/2007 20:10:34 (DIR) 0 byte 45 days old -- $NtUninstallWudf01000$
23/05/2007 20:11:10 (DIR) 0 byte 45 days old -- $NtUninstallWMFDist11$
23/05/2007 20:11:24 316640 byte 45 days old -- WMSysPr9.prx
23/05/2007 20:11:58 (DIR) 0 byte 45 days old -- $NtUninstallwmp11$
23/05/2007 20:12:32 (DIR) 0 byte 45 days old -- $NtUninstallMSCompPackV1$
23/05/2007 20:12:42 (DIR) 0 byte 45 days old -- $NtUninstallKB926239$
24/05/2007 19:36:04 (DIR) 0 byte 44 days old -- $NtUninstallKB929399$
27/05/2007 18:05:34 0 byte 41 days old -- nsreg.dat
27/05/2007 18:18:06 2316 byte 41 days old -- mozver.dat
28/05/2007 15:31:26 (DIR) 0 byte 40 days old -- PIF
28/05/2007 21:48:26 806 byte 40 days old -- Sof2.INI
29/05/2007 20:37:16 (DIR) 0 byte 39 days old -- $NtUninstallKB921883$
13/06/2007 17:51:30 (DIR) 0 byte 24 days old -- $NtUninstallKB935839$
13/06/2007 17:53:14 (DIR) 0 byte 24 days old -- $NtUninstallKB935840$
13/06/2007 17:53:20 (DIR) 0 byte 24 days old -- $NtUninstallKB929123$
15/06/2007 20:52:38 910133 byte 22 days old -- Prison Tycoon 2 Uninstaller.exe
17/06/2007 11:30:28 (DIR) 0 byte 20 days old -- wb
05/07/2007 19:09:00 (DIR) 0 byte 2 days old -- BDOSCAN8
05/07/2007 20:38:30 227 byte 2 days old -- system.ini
06/07/2007 23:44:56 (DIR) 0 byte 1 days old -- Internet Logs
06/07/2007 23:53:48 337530 byte 1 days old -- ntbtlog.txt
06/07/2007 23:55:44 0 byte 1 days old -- setuperr.log
06/07/2007 23:55:44 60 byte 1 days old -- setupact.log
07/07/2007 14:09:42 32618 byte 0 days old -- SchedLgU.Txt
07/07/2007 14:09:44 50 byte 0 days old -- wiaservc.log
07/07/2007 14:10:32 2048 byte 0 days old -- bootstat.dat
07/07/2007 14:10:42 0 byte 0 days old -- 0.log
07/07/2007 14:11:50 159 byte 0 days old -- wiadebug.log
07/07/2007 14:12:00 5124 byte 0 days old -- ModemLog_Modem Bluetooth.txt
07/07/2007 14:15:08 842 byte 0 days old -- win.ini
07/07/2007 16:00:38 1212 byte 0 days old -- wmsetup.log
07/07/2007 16:00:38 1429858 byte 0 days old -- WindowsUpdate.log
07/07/2007 16:04:28 829 byte 0 days old -- setupapi.log

----- recent files in C:\WINDOWS\Downloaded Program Files\

----- recent files in C:\WINDOWS\system\

----- recent files in C:\WINDOWS\system32\
16/05/2007 17:13:54 683520 byte 52 days old -- inetcomm.dll
16/05/2007 20:15:52 188 byte 52 days old -- eDataSecurity.dat
21/05/2007 19:25:02 359424 byte 47 days old -- zpjfywa.exe~
21/05/2007 19:25:02 259113 byte 47 days old -- zpjfywa_nav.dat
23/05/2007 20:16:52 16832 byte 45 days old -- amcompat.tlb
23/05/2007 20:16:52 23392 byte 45 days old -- nscompat.tlb
28/05/2007 18:04:40 98304 byte 40 days old -- CmdLineExt.dll
29/05/2007 18:24:34 11802 byte 39 days old -- zpjfywa.dat
29/05/2007 18:25:08 1715 byte 39 days old -- zpjfywa_navps.dat
06/06/2007 08:38:42 15747032 byte 31 days old -- MRT.exe
06/06/2007 21:51:28 1105369 byte 31 days old -- ghpumcwb.ini
11/06/2007 23:13:18 943806 byte 26 days old -- wytdgbja.ini
12/06/2007 17:19:52 948278 byte 25 days old -- acvxsvfn.ini
13/06/2007 18:07:22 948350 byte 24 days old -- xkhmndbg.ini
13/06/2007 18:17:28 948290 byte 24 days old -- vtrxkfyo.ini
15/06/2007 21:36:58 921848 byte 22 days old -- nvckogst.ini
16/06/2007 15:34:14 921976 byte 21 days old -- asebrjph.ini
16/06/2007 23:10:56 405 byte 21 days old -- pynoipsm.ini
20/06/2007 20:54:58 904301 byte 17 days old -- mjhrtrtb.ini
21/06/2007 07:48:26 350584 byte 16 days old -- FNTCACHE.DAT
21/06/2007 21:36:24 3121 byte 16 days old -- CONFIG.NT
25/06/2007 19:52:32 4896 byte 12 days old -- lvcoinst.log
25/06/2007 20:19:40 345 byte 12 days old -- ltwhxqmb.ini
27/06/2007 20:20:12 405 byte 10 days old -- tpamkomi.ini
27/06/2007 20:26:34 465 byte 10 days old -- hjnxxanp.ini
02/07/2007 17:10:32 999576 byte 5 days old -- cshacxsc.ini
03/07/2007 20:39:08 1030890 byte 4 days old -- nalmotig.tmp
05/07/2007 07:34:36 124436 byte 2 days old -- genwkuaq.dll
05/07/2007 07:34:52 345 byte 2 days old -- qaukwneg.ini
05/07/2007 17:31:28 944534 byte 2 days old -- egjlm.bak1
05/07/2007 20:17:10 951537 byte 2 days old -- egjlm.ini
05/07/2007 20:18:04 143 byte 2 days old -- mcrh.tmp
06/07/2007 22:20:36 196608 byte 1 days old -- ssleay32.dll
06/07/2007 22:20:58 61114 byte 1 days old -- xpdx.sys
06/07/2007 23:46:24 (DIR) 0 byte 1 days old -- ZoneLabs
06/07/2007 23:46:40 4212 byte 1 days old -- zllictbl.dat
07/07/2007 14:12:00 1158 byte 0 days old -- wpa.dbl
07/07/2007 14:12:02 52662 byte 0 days old -- vsconfig.xml
07/07/2007 14:13:50 537 byte 0 days old -- eRLog.ini

----- recent files in C:\WINDOWS\system32\drivers\
23/05/2007 20:10:38 (DIR) 0 byte 45 days old -- UMDF
30/05/2007 14:10:42 10872 byte 38 days old -- AvgAsCln.sys

----- recent files in C:\WINDOWS\temp\
05/07/2007 22:25:08 16384 byte 2 days old -- Perflib_Perfdata_104.dat
07/07/2007 12:38:40 0 byte 0 days old -- T30DebugLogFile.txt
07/07/2007 14:10:42 256 byte 0 days old -- ZLT05376.TMP
07/07/2007 14:10:44 256 byte 0 days old -- ZLT05379.TMP
07/07/2007 14:10:50 255 byte 0 days old -- WGAErrLog.txt
07/07/2007 14:11:12 16384 byte 0 days old -- Perflib_Perfdata_1bc.dat
07/07/2007 14:11:38 0 byte 0 days old -- CLML_AGENT_LOG1.txt
07/07/2007 14:11:38 2048 byte 0 days old -- sqlite_iQbnNrd1ghl8Ut8
07/07/2007 14:13:08 409 byte 0 days old -- WGANotify.settings

----- recent files in C:\Program Files\
21/05/2007 19:23:42 (DIR) 0 byte 47 days old -- MSN Messenger
21/05/2007 19:24:26 (DIR) 0 byte 47 days old -- MSN Apps
22/05/2007 18:25:30 (DIR) 0 byte 46 days old -- Pando Networks
23/05/2007 16:51:48 (DIR) 0 byte 45 days old -- Rapidshare Unlimited
23/05/2007 20:12:08 (DIR) 0 byte 45 days old -- Windows Media Connect 2
24/05/2007 22:10:54 (DIR) 0 byte 44 days old -- LimeWire
25/05/2007 19:24:26 (DIR) 0 byte 43 days old -- MindArk
26/05/2007 14:07:38 (DIR) 0 byte 42 days old -- Azureus
26/05/2007 14:39:06 (DIR) 0 byte 42 days old -- uTorrent
26/05/2007 20:29:16 (DIR) 0 byte 42 days old -- Common Files
27/05/2007 18:18:02 (DIR) 0 byte 41 days old -- Mozilla Firefox
31/05/2007 11:46:48 (DIR) 0 byte 37 days old -- RegCleaner
12/06/2007 17:15:36 (DIR) 0 byte 25 days old -- Project entropia
20/06/2007 21:11:00 (DIR) 0 byte 17 days old -- Lavalys
25/06/2007 07:28:18 (DIR) 0 byte 12 days old -- Microsoft Games
02/07/2007 20:54:58 (DIR) 0 byte 5 days old -- HijackThis

----- recent files in C:\Program Files\Fichiers communs\
30/05/2007 15:07:56 (DIR) 0 byte 38 days old -- Thraex Software
09/06/2007 17:56:58 40183 byte 28 days old -- Yazzle1162OinUninstaller.exe
21/06/2007 18:39:42 (DIR) 0 byte 16 days old -- 3DO Shared

----- recent files in C:\Documents and Settings\moi\Application Data\
18/05/2007 23:35:22 43 byte 50 days old -- .zreglib
21/05/2007 19:23:52 (DIR) 0 byte 47 days old -- SlySoft
24/05/2007 22:11:04 (DIR) 0 byte 44 days old -- LimeWire
26/05/2007 14:07:46 (DIR) 0 byte 42 days old -- Azureus
26/05/2007 14:39:08 (DIR) 0 byte 42 days old -- uTorrent
27/05/2007 18:05:28 (DIR) 0 byte 41 days old -- Mozilla
12/06/2007 23:05:48 (DIR) 0 byte 25 days old -- Intel
05/07/2007 18:13:42 (DIR) 0 byte 2 days old -- Grisoft

----- recent files in C:\DOCUME~1\moi\LOCALS~1\Temp\
06/07/2007 23:44:54 71680 byte 1 days old -- GLB8.tmp
06/07/2007 23:44:56 (DIR) 0 byte 1 days old -- 070607234454
06/07/2007 23:51:18 49152 byte 1 days old -- ~DFDDA5.tmp
06/07/2007 23:51:34 16384 byte 1 days old -- ~DF3882.tmp
07/07/2007 12:40:14 (DIR) 0 byte 0 days old -- _avast4_
07/07/2007 14:09:38 98304 byte 0 days old -- ~DF9D6C.tmp
07/07/2007 14:13:18 (DIR) 0 byte 0 days old -- WPDNSE
07/07/2007 14:14:36 98304 byte 0 days old -- ~DF37A9.tmp
07/07/2007 14:14:42 16384 byte 0 days old -- Perflib_Perfdata_b44.dat
07/07/2007 14:15:10 16384 byte 0 days old -- Perflib_Perfdata_efc.dat
07/07/2007 14:15:10 16384 byte 0 days old -- Perflib_Perfdata_770.dat
07/07/2007 14:19:12 342 byte 0 days old -- jusched.log
07/07/2007 14:41:06 (DIR) 0 byte 0 days old -- Google Toolbar
07/07/2007 16:13:00 (DIR) 0 byte 0 days old -- OIS
07/07/2007 16:22:04 1612 byte 0 days old -- wmplog00.sqm
07/07/2007 16:44:06 1244 byte 0 days old -- LVCOMSX.LOG
07/07/2007 16:44:32 1520 byte 0 days old -- wmplog01.sqm
07/07/2007 16:47:02 (DIR) 0 byte 0 days old -- e4j5.tmp_dir19229
07/07/2007 18:04:02 16384 byte 0 days old -- Perflib_Perfdata_8f4.dat
07/07/2007 18:10:24 (DIR) 0 byte 0 days old -- nsp10.tmp
07/07/2007 18:10:26 16384 byte 0 days old -- ~DFE1C8.tmp

==========================================
Scan completed in 0 minutes
End of report
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Voila le rappor d'AVG, j'ai pris dailleur l'initiative den refaire un autre juste après et il en a rerouver 1. En plus jai fais un petit nettoyage avec zone alarm, mai j'ai pas de rapport. Merci encore



AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 18:38:45 07/07/2007

+ Résultat de l'analyse:



C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072067.exe -> Adware.NaviPromo : Nettoyé.
C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP179\A0072066.dll -> Adware.Softomate : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@4.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\moi\Cookies\moi@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Program Files\Alcohol Soft\Alcohol 120\star_syn_client.dll -> Trojan.Agent.abd : Nettoyé.


Fin du rapport
Messages postés
22963
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 517
Télécharge OTMoveIt sur ton bureau
http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe

Double clic sur OTMoveIt.exe
Sélectionne et copie les lignes ci-dessous

C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe
C:\WINDOWS\system32\zpjfywa.exe
C:\WINDOWS\system32\zpjfywa_nav.dat
C:\WINDOWS\system32\zpjfywa.dat
C:\WINDOWS\system32\zpjfywa_navps.dat
C:\WINDOWS\system32\ghpumcwb.ini
C:\WINDOWS\system32\wytdgbja.ini
C:\WINDOWS\system32\acvxsvfn.ini
C:\WINDOWS\system32\xkhmndbg.ini
C:\WINDOWS\system32\vtrxkfyo.ini
C:\WINDOWS\system32\nvckogst.ini
C:\WINDOWS\system32\asebrjph.ini
C:\WINDOWS\system32\pynoipsm.ini
C:\WINDOWS\system32\mjhrtrtb.ini
C:\WINDOWS\system32\tpamkomi.ini
C:\WINDOWS\system32\ltwhxqmb.ini
C:\WINDOWS\system32\hjnxxanp.ini
C:\WINDOWS\system32\cshacxsc.ini
C:\WINDOWS\system32\nalmotig.tmp
C:\WINDOWS\system32\genwkuaq.dll
C:\WINDOWS\system32\qaukwneg.ini
C:\WINDOWS\system32\egjlm.bak1
C:\WINDOWS\system32\egjlm.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\xpdx.sys

Retourne dans OTMoveit, fais un clic droit dans la fenêtre "Paste List of Files/Folders to be moved" et choisis "coller".
Clic sur le boutton rouge Moveit et ferme OTMoveIt
Si un fichier ou un dossier ne peut être déplacer immédiatement il te sera demander de redémarrer ta machine pour finir l'exécution, si c'est le cas, clic sur "Yes"
Copie et colle le rapport qu'il va te générer ici stp. Le rapport d'OTMoveit se trouve dans ce dossier : C:\_OTMoveIt\MovedFiles



¤ Télécharge ComboFix sur ton bureau
---> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Ferme ton navigateur web avant d'exécuter ce programme.
Double-clic dessus et appuye sur "1" pour continuer
Attends quelques minutes..
Un rapport va s'ouvrir enregistre son contenu, puis copie et colle le ici .

PS : il se peut qu'il y est un autre rapport colle son contenu ici ausi
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Voila celui de OTMoveIt, c'est normal que avast détecte des logiciel malveillant dans ce dossier?

C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe moved successfully.
File/Folder C:\WINDOWS\system32\zpjfywa.exe not found.
C:\WINDOWS\system32\zpjfywa_nav.dat moved successfully.
C:\WINDOWS\system32\zpjfywa.dat moved successfully.
C:\WINDOWS\system32\zpjfywa_navps.dat moved successfully.
C:\WINDOWS\system32\ghpumcwb.ini moved successfully.
C:\WINDOWS\system32\wytdgbja.ini moved successfully.
C:\WINDOWS\system32\acvxsvfn.ini moved successfully.
C:\WINDOWS\system32\xkhmndbg.ini moved successfully.
C:\WINDOWS\system32\vtrxkfyo.ini moved successfully.
C:\WINDOWS\system32\nvckogst.ini moved successfully.
C:\WINDOWS\system32\asebrjph.ini moved successfully.
C:\WINDOWS\system32\pynoipsm.ini moved successfully.
C:\WINDOWS\system32\mjhrtrtb.ini moved successfully.
C:\WINDOWS\system32\tpamkomi.ini moved successfully.
C:\WINDOWS\system32\ltwhxqmb.ini moved successfully.
C:\WINDOWS\system32\hjnxxanp.ini moved successfully.
C:\WINDOWS\system32\cshacxsc.ini moved successfully.
C:\WINDOWS\system32\nalmotig.tmp moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\genwkuaq.dll
C:\WINDOWS\system32\genwkuaq.dll NOT unregistered.
C:\WINDOWS\system32\genwkuaq.dll moved successfully.
C:\WINDOWS\system32\qaukwneg.ini moved successfully.
C:\WINDOWS\system32\egjlm.bak1 moved successfully.
C:\WINDOWS\system32\egjlm.ini moved successfully.
C:\WINDOWS\system32\mcrh.tmp moved successfully.
File move failed. C:\WINDOWS\system32\xpdx.sys scheduled to be moved on reboot.

Created on 07/07/2007 19:44:59
Messages postés
22963
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 517
"Voila celui de OTMoveIt, c'est normal que avast détecte des logiciel malveillant dans ce dossier?"


Oui, puisque l'on vient de les mettres en quarataine avec OTMoveIt lol :-)
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Et maintenant c'est celui de Combofix


"moi" - 2007-07-07 20:01:16 - ComboFix 07-07-07.3 - Service Pack 2 [color=red][b]FAT32 [/b][/color]


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ALLUSE~1\APPLIC~1.\TEMP
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\TEMP\8FB6501C.TMP
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\WanPacket.dll
C:\WINDOWS\system32\wpcap.dll
C:\WINDOWS\system32\xpdx.sys


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_DOMAINSERVICE
-------\LEGACY_NPF
-------\nm
-------\NPF
-------\xpdx


((((((((((((((((((((((((( Files Created from 2007-06-07 to 2007-07-07 )))))))))))))))))))))))))))))))


2007-07-07 19:59 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-06 23:46 54,936 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2007-07-06 23:46 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-07-06 23:46 1,087,216 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-07-06 23:46 <REP> d-------- C:\WINDOWS\system32\ZoneLabs
2007-07-06 23:44 <REP> d-------- C:\WINDOWS\Internet Logs
2007-07-05 19:08 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-07-05 18:13 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-07-05 07:28 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-07-05 07:28 <REP> dr------- C:\DOCUME~1\ADMINI~1\Mes documents
2007-07-05 07:28 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer
2007-07-05 07:28 <REP> dr------- C:\DOCUME~1\ADMINI~1\Favoris
2007-07-05 07:28 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau
2007-07-05 07:28 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
2007-07-05 07:28 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles
2007-07-05 07:28 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
2007-07-05 07:28 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
2007-07-01 16:09 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2007-07-01 16:09 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2007-07-01 16:09 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2007-07-01 16:09 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2007-07-01 16:09 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2007-07-01 16:09 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2007-07-01 16:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2007-07-01 16:09 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2007-06-25 07:28 <REP> d-------- C:\Program Files\Microsoft Games
2007-06-22 20:37 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
2007-06-21 18:39 <REP> d-------- C:\Program Files\Fichiers communs\3DO Shared
2007-06-20 21:10 <REP> d-------- C:\Program Files\Lavalys
2007-06-17 11:30 <REP> d-------- C:\WINDOWS\wb
2007-06-12 23:05 <REP> d-------- C:\DOCUME~1\moi\APPLIC~1\Intel
2007-06-12 17:15 <REP> d-------- C:\Program Files\Project entropia


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-06 20:20:36 196,608 ----a-w C:\WINDOWS\system32\ssleay32.dll
2007-06-15 18:52:38 910,133 ----a-w C:\WINDOWS\Prison Tycoon 2 Uninstaller.exe
2007-05-31 09:46:48 -------- d-----w C:\Program Files\RegCleaner
2007-05-30 13:07:56 -------- d-----w C:\Program Files\Fichiers communs\Thraex Software
2007-05-28 16:04:40 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-05-27 16:18:06 2,316 ----a-w C:\WINDOWS\mozver.dat
2007-05-27 16:05:34 0 ----a-w C:\WINDOWS\nsreg.dat
2007-05-26 18:29:16 -------- d-----w C:\Program Files\Common Files
2007-05-26 12:39:08 -------- d-----w C:\DOCUME~1\moi\APPLIC~1\uTorrent
2007-05-26 12:39:06 -------- d-----w C:\Program Files\uTorrent
2007-05-26 12:07:46 -------- d-----w C:\DOCUME~1\moi\APPLIC~1\Azureus
2007-05-26 12:07:38 -------- d-----w C:\Program Files\Azureus
2007-05-25 17:24:26 -------- d-----w C:\Program Files\MindArk
2007-05-24 20:11:04 -------- d-----w C:\DOCUME~1\moi\APPLIC~1\LimeWire
2007-05-24 20:10:54 -------- d-----w C:\Program Files\LimeWire
2007-05-23 18:12:08 -------- d-----w C:\Program Files\Windows Media Connect 2
2007-05-23 14:51:48 -------- d-----w C:\Program Files\Rapidshare Unlimited
2007-05-22 16:25:30 -------- d-----w C:\Program Files\Pando Networks
2007-05-21 17:24:26 -------- d-----w C:\Program Files\MSN Apps
2007-05-21 17:23:52 -------- d-----w C:\DOCUME~1\moi\APPLIC~1\SlySoft
2007-05-21 17:23:42 -------- d-----w C:\Program Files\MSN Messenger
2007-05-16 18:15:52 188 ----a-w C:\WINDOWS\system32\eDataSecurity.dat
2007-05-16 15:13:54 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-01 13:51:36 760 ----a-w C:\WINDOWS\eReg.dat
2007-04-30 14:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 14:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-04-25 14:22:36 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 15:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-11 13:20:44 306 ----a-w C:\WINDOWS\system32\rqgjpwu_navps.dat
2007-04-11 13:20:42 4,703 ----a-w C:\WINDOWS\system32\rqgjpwu.dat
2007-04-11 13:10:06 325,632 ----a-w C:\WINDOWS\system32\rqgjpwu.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2004-12-14 01:56 63136 --a------ c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{706312FD-6400-4D5B-AE44-9483D7AB54F7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
2006-10-27 00:48 2210608 --a------ C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2006-11-09 15:21 440056 --a------ C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
2006-08-31 20:33 322368 --a------ C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
2004-08-13 17:42 155648 --a------ C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9AE99EC3-BBE2-4E0F-8214-AF0ABACC0A09}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2007-01-19 23:56 2436160 -ra------ c:\program files\google\googletoolbar2.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
2007-06-27 21:29 325048 --a------ C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
2006-01-17 16:04 282624 --a------ C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"="C:\Program Files\HijackThis\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"LaunchApp"="Alaunch" []
"RTHDCPL"="RTHDCPL.EXE" [2005-11-16 20:27 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 03:43 C:\WINDOWS\Alcmtr.exe]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-11-02 00:11]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-02 00:11]
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2005-12-02 15:42]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-10-19 09:30]
"LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" [2005-12-06 17:11]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00]
"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-11 04:19]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 13:21]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 15:07]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-01-17 18:28]
"Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-01-16 11:58]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 16:42]
"Aticcc"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 11:12]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-01-11 20:01]
"ZoneAlarm Client"="C:\Program Files\HijackThis\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-27 21:29]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL" [2006-10-27 00:48]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\HijackThis\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 14:29]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljge]
C:\WINDOWS\system32\mljge.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winwil32]
winwil32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 2000 Series.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp psc 2000 Series.lnk
backup=C:\WINDOWS\pss\hp psc 2000 Series.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^moi^Menu Démarrer^Programmes^Démarrage^OneNote 2007 - Capture d'écran et lancement.lnk]
path=C:\Documents and Settings\moi\Menu Démarrer\Programmes\Démarrage\OneNote 2007 - Capture d'écran et lancement.lnk
backup=C:\WINDOWS\pss\OneNote 2007 - Capture d'écran et lancement.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
"C:\Program Files\CloneCD\CloneCDTray.exe" /s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
"C:\Program Files\D-Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\j8271833]
rundll32 C:\WINDOWS\system32\j8271833.dll sook

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]
C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"c:\program files\steam\steam.exe" -silent


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af08534e-a1af-11db-b70b-0016cef0e4f3}]
AutoRun\command- I:\autorun.exe


Contents of the 'Scheduled Tasks' folder
2007-03-20 14:44:20 C:\WINDOWS\tasks\Low Battery Alarm Program.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-07 20:08:04
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-07 20:12:24 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-07 20:12

--- E O F ---
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
et sont rappor sur la quarantaine:

[code]
2005-08-03 05:08 61440 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\WanPacket.dll.vir
2005-08-03 05:08 81920 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\packet.dll.vir
2005-08-03 05:10 32512 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\npf.sys.vir
2005-08-03 05:18 233472 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\wpcap.dll.vir
2005-08-03 05:24 53299 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\pthreadVC.dll.vir
2007-02-01 19:20 22 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\nvs2.inf.vir
2007-05-22 01:09 102 --a------ C:\Qoobox\Quarantine\C\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP\8FB6501C.TMP.vir
2007-07-06 22:20 61114 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\xpdx.sys.vir
2007-07-07 20:03 1212 --a------ C:\Qoobox\Quarantine\Registry_backups\LEGACY_NPF.reg.cf
2007-07-07 20:03 1352 --a------ C:\Qoobox\Quarantine\Registry_backups\services_NPF.reg.cf
2007-07-07 20:03 200 --a------ C:\Qoobox\Quarantine\Registry_backups\services_xpdx.reg.cf
2007-07-07 20:03 352 --a------ C:\Qoobox\Quarantine\Registry_backups\services_nm.reg.cf
2007-07-07 20:03 846 --a------ C:\Qoobox\Quarantine\Registry_backups\LEGACY_DOMAINSERVICE.reg.cf


Structure du dossier pour le volume ACER
Le num‚ro de s‚rie du volume est 320D-180E
C:\QOOBOX
\---Quarantine
+---Registry_backups
| LEGACY_DOMAINSERVICE.reg.cf
| LEGACY_NPF.reg.cf
| services_nm.reg.cf
| services_NPF.reg.cf
| services_xpdx.reg.cf
|
\---C
+---WINDOWS
| \---system32
| | packet.dll.vir
| | pthreadVC.dll.vir
| | WanPacket.dll.vir
| | wpcap.dll.vir
| | nvs2.inf.vir
| | xpdx.sys.vir
| |
| \---drivers
| npf.sys.vir
|
\---DOCUME~1
\---ALLUSE~1
\---APPLIC~1
\---TEMP
8FB6501C.TMP.vir

[/code]
Messages postés
22963
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 517
Bien, c'est déjà mieux !


¤ Fais un clic droit sur ce lien :Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip

Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Au menu principal, choisis 4 et valide.

Le fix va te demander de saisir le nom de fichier.
Saisies ce qui est en gras ci-dessous et rien d'autre puis valide:

rqgjpwu

Le fix va te demander de le resaisir, fais-le et valide

Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre



¤Rends toi sur se site
http://www.virustotal.com/en/virustotalx.html


En haut à droite clic sur "choisir"
Tu vas dans C:, windows, tu cherches le processus ci-dessous et tu clic sur "ouvrir"

C:\WINDOWS\Prison Tycoon 2 Uninstaller.exe

dès que c'est fait, clic sur "send"
Tu attends un peu qu'il analyse ton fichier ça peut duré plusieurs minutes et colle le rapport ici une fois qu'il a terminé stp

Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Premiere étape, et jattaque la deuxieme...


Clean Navipromo version 2.0.5 commencé le 07/07/2007 à 20:52:22,50

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO


Mode suppression par méthode manuelle

Nom du fichier saisi : rqgjpwu

*** Recherche, Creation backups et suppression ***

C:\WINDOWS\system32\rqgjpwu_nav.dat absent !
C:\WINDOWS\system32\rqgjpwu_navup.dat absent !
C:\WINDOWS\system32\rqgjpwu_navtmp.dat absent !
C:\WINDOWS\system32\rqgjpwu_m2s.xml absent !
C:\WINDOWS\prefetch\rqgjpwu*.pf absent !

C:\WINDOWS\System32\rqgjpwu.exe trouvé !
Copie C:\WINDOWS\system32\rqgjpwu.exe réalise avec succes !
C:\WINDOWS\system32\rqgjpwu.exe supprimé !

C:\WINDOWS\System32\rqgjpwu.dat trouvé !
Copie C:\WINDOWS\system32\rqgjpwu.dat réalise avec succes !
C:\WINDOWS\system32\rqgjpwu.dat supprimé !

C:\WINDOWS\System32\rqgjpwu_navps.dat trouvé !
Copie C:\WINDOWS\system32\rqgjpwu_navps.dat réalise avec succes !
C:\WINDOWS\system32\rqgjpwu_navps.dat supprimé !


*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***

C:\Program Files\InternetGameBox ...suppression...
C:\Program Files\InternetGameBox supprimé !


*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


*** Suppression dossiers dans C:\Documents and Settings\moi\Application Data ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\moi\Local Settings\Temp effectué !


*** Sauvegarde du registre vers dossier Backupnavi***


sauvegarde du registre réalise avec succes !


*** Nettoyage registre ***


Nettoyage registre Ok

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche et Suppression Heuristique :

*
**
***
****
*****
******
*******
********
C:\WINDOWS\System32\zpjfywa.exe~ trouvé !
Copie C:\WINDOWS\system32\zpjfywa.exe~ réalise avec succes !
C:\WINDOWS\system32\zpjfywa.exe~ supprimé !


3)Contrôle présence clés Rootkit dans le registre :

Aucune autre clés présente dans le registre !

4)Certificats :

Certificat Egroup supprimé !

*** Nettoyage termine le 07/07/2007 à 20:56:41,12 ***
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Pour le site que tu ma donner il me dise que je suis 478 eme et que fallais que j'attende entre 51 et 73 min... Faut que je reste connecté? Pasque ma connexion wifi est plutot instable, elle se déconnecte de temp en temp
Messages postés
22963
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 517
N'installe plus Internet Gamebox c'est de la saloperie, pense à refaire AVG car il l'avait détecté et apparemment tu n'as pas refais le scan sinon il aurait été supprimé, à moins que tu l'as réinstallé ;-)
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
Jmen suis jamais servi dailleur, mai sa fais quand même la 3 eme fois que j'ai fais AVG et j'ai tout le temps supprimer. A oui pis un scan avec zone alarm qui ma enlevé 5 fichier... Mais bon je reessayerai
Messages postés
22963
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 517
ok, donc ça devrait être bon.
Analyse le fichier après je pense que ton problème devrait se résoudre ;-)
Messages postés
76
Date d'inscription
mercredi 6 juin 2007
Statut
Membre
Dernière intervention
8 juillet 2009
22
dsl pour le retard mais j'ai eu qque probleme de coupure internet don je t parler (signal trop faible) mais voila, jattent ton verdict

AhnLab-V3 2007.7.7.0 07.06.2007 no virus found
AntiVir 7.4.0.39 07.07.2007 no virus found
Authentium 4.93.8 07.07.2007 W32/PWStealer.NGL
Avast 4.7.997.0 07.06.2007 no virus found
AVG 7.5.0.476 07.07.2007 no virus found
BitDefender 7.2 07.07.2007 no virus found
CAT-QuickHeal 9.00 07.07.2007 no virus found
ClamAV devel-20070416 07.07.2007 no virus found
DrWeb 4.33 07.07.2007 no virus found
eSafe 7.0.15.0 07.06.2007 no virus found
eTrust-Vet 30.8.3769 07.07.2007 no virus found
Ewido 4.0 07.07.2007 no virus found
FileAdvisor 1 07.07.2007 no virus found
Fortinet 2.91.0.0 07.07.2007 no virus found
F-Prot 4.3.2.48 07.06.2007 W32/PWStealer.NGL
F-Secure 6.70.13260.0 07.07.2007 no virus found
Ikarus T3.1.1.8 07.07.2007 no virus found
Kaspersky 4.0.2.24 07.07.2007 no virus found
McAfee 5069 07.06.2007 no virus found
Microsoft 1.2704 07.07.2007 no virus found
NOD32v2 2383 07.06.2007 no virus found
Norman 5.80.02 07.06.2007 no virus found
Panda 9.0.0.4 07.07.2007 no virus found
Sophos 4.19.0 07.06.2007 no virus found
Sunbelt 2.2.907.0 07.07.2007 no virus found
Symantec 10 07.07.2007 no virus found
TheHacker 6.1.6.143 07.05.2007 no virus found
VBA32 3.12.0.2 07.07.2007 no virus found
VirusBuster 4.3.23:9 07.07.2007 no virus found
Webwasher-Gateway 6.0.1 07.07.2007 no virus found