Win32 + "your computer may be infected..."
Solved
Cath69 - meastikmetal
Hello,
For some time now, windows have been appearing on my web pages in place of the ads, with the following message: "your computer may be infected..." and a red cross.
In addition, pages open by themselves with offers for antivirus products or ads for computers (VLAZE), diets, dating sites...
My antivirus (avast) tells me that my computer is infected by win32...
What should I do?
Thanks for a precise answer, because I don't know much about computers.
138 replies
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\jpelajfa
*******************
Script file located at: \??\C:\WINDOWS\rqgtawxf.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\SYSTEM32\APNLHWGU.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\AQDHXWHU.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\BJVFYWOG.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\CPLNMTUW.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\DIDWFMLR.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\GMVTFNMW.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\HYPXSGTP.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\LOTSVJEX.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\NUPABWJK.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\PFINFNBB.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\SWGHWSWS.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\XBYLJKSA.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\YJSJMYBG.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\KBJPYSSY.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\LAUNFGTI.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\LHVUGTEC.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\RAMAOCGS.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\THFSCVKV.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\UCEPDDTW.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\XFMOWBGM.INI deleted successfully.
File C:\WINDOWS\SYSTEM32\SERCHGNO.DLL deleted successfully.
File C:\WINDOWS\SYSTEM32\TEXOHWYP.DLL deleted successfully.
File C:\WINDOWS\SYSTEM32\XDXILEUN.DLL deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Perfect, the script worked well... which goes to show that English is useful!
* Disinfected: 0 * Renamed: 2 * Deleted: 0 * None: 25 * Submitted: 25
-----> submitted but not disinfected!!!
Seriously, I have never seen a Vundo infection like this, one that the dedicated tools are unable to remove!
What is your firewall?
I am worried... about your answer?
e) I don't know.
You are going to run over to this:
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm
install it on your PC.
Before the infection, I had McAfee (paid a lot for it, with the result you know). I uninstalled it to install avast... I don't know whether I did the right thing.
Remove Avast and install ANTIVIR
http://www.commentcamarche.net/telecharger/telecharger 55 antivir
and the firewall, is that done?
*****In every church, there is always something amiss*****
I don't claim to solve problems, I'm simply trying to help ;-)
AAAAAAAAAArrrghhhhhhh! I installed Antivir and then, total disaster: it detected something and opened lots of windows asking me for a quarantine or a deletion. It was not able to do either, so it kept opening those windows in a loop until the computer crashed.
Conclusion: I uninstalled it in safe mode and kept avast.
As for the answer to your question about the firewall, I don't know...
So your PC is still infected and Avast is not detecting it.
Did you note down the file in question?
Do this (absolutely)
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm
The tutorial is here:
http://www.commentcamarche.net/faq/sujet 2612 firewall installation et configuration du pare feu zonealarm
Hello,
Wow! So many problems last night with the firewall installation.
After installing ZoneAlarm, the antivirus/anti-spyware started up and detected 18 viruses and 6 spyware items. It automatically quarantined the viruses (repair impossible) and deleted the spyware. When I restarted the machine:
- the computer would no longer shut down,
- 10 minutes to reboot
- extreme slowness...
when it finally agreed to start, around 23:00, avast told me it was in conflict, so I removed it. Since then, the slowness when shutting down, starting up and browsing the internet persists... Arrgh
The only good news is that I now have a firewall... but we're not there yet!
(very tired today but I'm holding on and taking things with PHILO-sophy)
I'm not here!
Which software is it?
"the antivirus/anti-spyware started up and detected 18 viruses and 6 spyware items."
I think you reinfected yourself along the way.
We will need to check that the XP firewall is disabled!
Look here:
https://www.informatruc.com
Not bad!
the antivirus/anti-spyware ----> that's the firewall
The antivirus is Avast.
Can you tell me which files these are?
There should be an alert log in ZoneAlarm
I think it should be accessible without too much trouble.
Also read this:
http://www.commentcamarche.net/faq/sujet 3907 mythes zonealarm et avast sont incompatibles
Copy the ZoneAlarm alert log for me
It should be in txt format in ---->
c:\Windows\Internet Logs\ZAlog.txt
"Zone Alarm lets you record all the alerts you receive in a "log" file. To do so, just tick the box next to "Log alerts..." The next line states where on your PC the log is stored. A program such as Wordpad is enough to view it.
If you also tick the box next to "Show the alert popup window", you will get a popup message each time a new alert is recorded. I advise you to untick this box because it becomes annoying in the long run."
ZoneAlarm Logging Client v7.0.362.000
Windows XP-5.1.2600-Service Pack 2-SP
type,date,time,source,destination,transport (Security)
type,date,time,virus name,file name,mode,e-mail id (Anti-Virus)
type,date,time,source,destination,action,service (IM Security)
type,date,time,source,destination,program,action (Malicious Code Protection)
type,date,time,action,product,file,event,subevent,class,data,data,... (OSFirewall)
type,date,time,name,type,mode (Anti-Spyware)
PE,2007/11/03,21:22:58 +1:00 GMT,Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,192.168.2.1:53,N/A
FWOUT,2007/11/03,21:23:10 +1:00 GMT,192.168.2.147:1151,192.168.2.164:139,TCP (flags:S)
FWOUT,2007/11/03,21:24:02 +1:00 GMT,192.168.2.147:1153,192.168.2.164:139,TCP (flags:S)
ACCESS,2007/11/03,21:24:36 +1:00 GMT,Generic Host Process for Win32 Services a été temporairement bloqué depuis envoyer des données vers Internet (192.168.2.1:DNS).,N/A,N/A
FWOUT,2007/11/03,21:24:52 +1:00 GMT,192.168.2.147:1155,192.168.2.164:139,TCP (flags:S)
FWIN,2007/11/03,21:25:18 +1:00 GMT,192.168.2.1:53,192.168.2.147:1108,UDP
PE,2007/11/03,21:25:18 +1:00 GMT,Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,192.168.2.1:53,N/A
ACCESS,2007/11/03,21:25:18 +1:00 GMT,Generic Host Process for Win32 Services n'a pas pu obtenir l'autorisation pour envoyer des données vers Internet (192.168.2.1:DNS) ; l'accès a été refusé.,N/A,N/A
PE,2007/11/03,21:25:20 +1:00 GMT,Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,192.168.2.1:53,N/A
PE,2007/11/03,21:25:22 +1:00 GMT,Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,192.168.2.1:53,N/A
PE,2007/11/03,21:25:22 +1:00 GMT,Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,0.0.0.0:135,N/A
PE,2007/11/03,21:25:22 +1:00 GMT,Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,127.0.0.1:1037,N/A
ACCESS,2007/11/03,21:25:30 +1:00 GMT,Generic Host Process for Win32 Services a été temporairement bloqué depuis envoyer des données vers Internet (192.168.2.1:DNS).,N/A,N/A
ACCESS,2007/11/03,21:25:30 +1:00 GMT,Generic Host Process for Win32 Services a été temporairement bloqué depuis se connecter à Internet (192.168.2.1:DNS).,N/A,N/A
ACCESS,2007/11/03,21:25:44 +1:00 GMT,Generic Host Process for Win32 Services a été temporairement bloqué depuis se connecter à la zone locale (127.0.0.1:Port 1037).,N/A,N/A
ACCESS,2007/11/03,21:25:44 +1:00 GMT,Generic Host Process for Win32 Services a été temporairement bloqué depuis se connecter à la zone locale (127.0.0.1:Port 1052).,N/A,N/A
ACCESS,2007/11/03,21:25:44 +1:00 GMT,Generic Host Process for Win32 Services a été temporairement bloqué depuis se connecter à la zone locale (127.0.0.1:Port 1051).,N/A,N/A
ACCESS,2007/11/03,21:25:44 +1:00 GMT,Generic Host Process for Win32 Services a été temporairement bloqué depuis se connecter à la zone locale (127.0.0.1:Port 1038).,N/A,N/A
OSFW,2007/11/03,21:27:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:27:08 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
PE,2007/11/03,21:27:08 +1:00 GMT,avast! antivirus service,C:\Program Files\Alwil Software\Avast4\ashServ.exe,74.86.125.40:0,N/A
AV/treatment,2007/11/03,21:27:08 +1:00 GMT,,,,Auto
OSFW,2007/11/03,21:27:08 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,MODIFY,SRC,KL1
OSFW,2007/11/03,21:27:08 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,MODIFY,SRC,KL1
OSFW,2007/11/03,21:27:08 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,MODIFY,SRC,KL1
OSFW,2007/11/03,21:27:08 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,MODIFY,SRC,KL1
PE,2007/11/03,21:27:14 +1:00 GMT,avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,74.86.125.40:53,N/A
PE,2007/11/03,21:28:14 +1:00 GMT,Firefox,C:\Program Files\Mozilla Firefox\firefox.exe,127.0.0.1:1172,N/A
PE,2007/11/03,21:28:20 +1:00 GMT,Firefox,C:\Program Files\Mozilla Firefox\firefox.exe,209.85.5.41:53,N/A
PE,2007/11/03,21:28:20 +1:00 GMT,avast! Web Scanner,C:\Program Files\Alwil Software\Avast4\ashWebSv.exe,209.85.135.147:80,N/A
OSFW,2007/11/03,21:29:46 +1:00 GMT,UNKNOWN(0),LSA Shell (Export Version),C:\WINDOWS\system32\lsass.exe,PROCESS,OPENPROCESS,DST,C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
OSFW,2007/11/03,21:29:46 +1:00 GMT,UNKNOWN(0),LSA Shell (Export Version),C:\WINDOWS\system32\lsass.exe,PROCESS,OPENPROCESS,DST,C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
ZLUpdate,2007/11/03,21:30:28 +1:00 GMT,,,Manual
AV/update,2007/11/03,21:33:12 +1:00 GMT,,Update Install Completed,Manual
ZLUpdate,2007/11/03,21:34:00 +1:00 GMT,,,Manual
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
OSFW,2007/11/03,21:35:04 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
AV/treatment,2007/11/03,21:35:08 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\avenger\backup-03.11.2007-20.11.12,23.zip,Infecté,Manuel
AV/treatment,2007/11/03,21:36:32 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\Documents and Settings\Catherine Theiller\Bureau\SmitfraudFix.exe,Infecté,Manuel
PE,2007/11/03,21:41:02 +1:00 GMT,ZoneAlarm Client,C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe,62.161.94.103:53,N/A
FWOUT,2007/11/03,21:41:02 +1:00 GMT,192.168.2.147:1108,192.168.2.1:53,UDP
AV/treatment,2007/11/03,21:45:14 +1:00 GMT,Trojan-Downloader.JS.Psyme.ls,C:\Documents and Settings\www.NOM-1607AC21F06\Local Settings\Temporary Internet Files\Content.IE5\3POQRLGM\ZE[1].0TM,Échec de réparation du fichier,Manuel
,2007/11/03,21:45:16 +1:00 GMT,
AV/treatment,2007/11/03,22:07:16 +1:00 GMT,Trojan.Win32.Agent.bck,C:\Program Files\Navilog1\Backupnavi\DMBAFOIQ.0XE,Échec de réparation du fichier,Manuel
,2007/11/03,22:07:16 +1:00 GMT,
AV/treatment,2007/11/03,22:07:18 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\Program Files\Navilog1\reboot.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:07:54 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP1\A0000064.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:07:58 +1:00 GMT,not-a-virus:AdWare.Win32.SecToolBar.h,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP2\A0000098.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:08:04 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP3\A0000248.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:08:08 +1:00 GMT,Trojan.Win32.Agent.bck,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP3\A0001405.exe,Échec de réparation du fichier,Manuel
,2007/11/03,22:08:08 +1:00 GMT,
AV/treatment,2007/11/03,22:08:10 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP3\A0001468.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:08:16 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001532.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:08:18 +1:00 GMT,not-a-virus:RiskTool.Win32.PsKill.k,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001589.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:08:18 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001600.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:08:20 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001634.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:08:24 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001681.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:08:24 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001690.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:08:28 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP6\A0001736.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:08:42 +1:00 GMT,not-a-virus:AdWare.Win32.SecToolBar.h,C:\VundoFix Backups\hjqphtwi.dll.bad,Infecté,Manuel
AV/scan,2007/11/03,22:24:20 +1:00 GMT,Plusieurs fichiers,Analyse effectuée,Manuel
AV/treatment,2007/11/03,22:27:50 +1:00 GMT,not-a-virus:AdWare.Win32.SecToolBar.h,C:\VundoFix Backups\hjqphtwi.dll.bad,Infecté,Manuel
AV/treatment,2007/11/03,22:27:50 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP6\A0001736.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:27:50 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001690.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:27:50 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001681.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:27:50 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001634.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:27:50 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001600.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:27:50 +1:00 GMT,not-a-virus:RiskTool.Win32.PsKill.k,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001589.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:27:50 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001532.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:27:52 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP3\A0001468.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:27:52 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP3\A0000248.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:27:52 +1:00 GMT,not-a-virus:AdWare.Win32.SecToolBar.h,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP2\A0000098.dll,Infecté,Manuel
AV/treatment,2007/11/03,22:27:52 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP1\A0000064.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:27:52 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\Program Files\Navilog1\reboot.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:27:52 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\Documents and Settings\Catherine Theiller\Bureau\SmitfraudFix.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:27:54 +1:00 GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\avenger\backup-03.11.2007-20.11.12,23.zip,Infecté,Manuel
AV/scan,2007/11/03,22:27:54 +1:00 GMT,Plusieurs fichiers,Analyse effectuée,Manuel
,2007/11/03,22:28:00 +1:00 GMT,
,2007/11/03,22:28:00 +1:00 GMT,
,2007/11/03,22:28:00 +1:00 GMT,
,2007/11/03,22:28:00 +1:00 GMT,
,2007/11/03,22:28:00 +1:00 GMT,
,2007/11/03,22:28:00 +1:00 GMT,
,2007/11/03,22:28:00 +1:00 GMT,
,2007/11/03,22:28:02 +1:00 GMT,
,2007/11/03,22:28:02 +1:00 GMT,
,2007/11/03,22:28:02 +1:00 GMT,
,2007/11/03,22:28:02 +1:00 GMT,
,2007/11/03,22:28:02 +1:00 GMT,
,2007/11/03,22:28:02 +1:00 GMT,
,2007/11/03,22:28:02 +1:00 GMT,
,2007/11/03,22:28:02 +1:00 GMT,
OSFW,2007/11/03,22:28:50 +1:00 GMT,UNKNOWN(0),Client Server Runtime Process,C:\WINDOWS\system32\csrss.exe,PROCESS,TERMINATEPROCESS,DST,C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
OSFW,2007/11/03,22:35:42 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
AV/treatment,2007/11/03,22:35:48 +1:00 GMT,,,,Auto
PE,2007/11/03,22:36:00 +1:00 GMT,Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,192.168.2.1:53,N/A
OSFW,2007/11/03,22:36:04 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,DRIVER,LOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\Rdbss
OSFW,2007/11/03,22:37:58 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
AV/treatment,2007/11/03,22:38:04 +1:00 GMT,,,,Auto
OSFW,2007/11/03,22:38:20 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,DRIVER,LOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\Rdbss
OSFW,2007/11/03,22:42:28 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
AV/treatment,2007/11/03,22:42:34 +1:00 GMT,,,,Auto
OSFW,2007/11/03,22:42:46 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,DRIVER,LOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\Rdbss
OSFW,2007/11/03,22:42:56 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\SVCHOST.EXE
OSFW,2007/11/03,22:43:02 +1:00 GMT,UNKNOWN(0),Application d'ouverture de session Windows NT,C:\WINDOWS\system32\winlogon.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\USERINIT.EXE
PE,2007/11/03,22:45:06 +1:00 GMT,Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,207.46.197.32:123,N/A
OSFW,2007/11/03,22:45:12 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,PROCESS,OPENPROCESS,DST,C:\WINDOWS\system32\winlogon.exe
OSFW,2007/11/03,22:45:36 +1:00 GMT,UNKNOWN(0),Notifications Windows Genuine Advantage,C:\WINDOWS\system32\WgaTray.exe,PHYSMEM,MAP,SRC
OSFW,2007/11/03,22:45:56 +1:00 GMT,UNKNOWN(0),Exécuter une DLL en tant qu'application,C:\WINDOWS\system32\rundll32.exe,EXECUTION,GLOBALWINDOWSHOOK,SRC
PE,2007/11/03,22:46:04 +1:00 GMT,Windows Messenger,C:\Program Files\Messenger\msmsgs.exe,65.54.239.20:1863,N/A
PE,2007/11/03,22:46:56 +1:00 GMT,Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,0.0.0.0:135,N/A
OSFW,2007/11/03,22:47:32 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,CREATE,SRC,AVASTTESTSERVICE
OSFW,2007/11/03,22:47:32 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,AVASTTESTSERVICE
OSFW,2007/11/03,22:50:08 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,ASWTDI\PARAMETERS
OSFW,2007/11/03,22:50:08 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,ASWTDI\ENUM
OSFW,2007/11/03,22:50:08 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,ASWTDI
OSFW,2007/11/03,22:50:36 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,ASWRDR\PARAMETERS
OSFW,2007/11/03,22:50:38 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,ASWRDR\PARAMETERS2
OSFW,2007/11/03,22:50:38 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,ASWRDR\ENUM
OSFW,2007/11/03,22:50:38 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,ASWRDR
OSFW,2007/11/03,22:50:38 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,ASWMON2\ENUM
OSFW,2007/11/03,22:50:38 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,ASWMON2
OSFW,2007/11/03,22:50:40 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,AAVMKER4\ENUM
OSFW,2007/11/03,22:50:40 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,AAVMKER4
OSFW,2007/11/03,22:50:40 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,REGISTRY,DELVALUE,SRC,HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN,avast!
OSFW,2007/11/03,22:50:42 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,EVENTLOG\ANTIVIRUS\AVAST!
OSFW,2007/11/03,22:50:42 +1:00 GMT,UNKNOWN(0),avast! antivirus Update,C:\Program Files\Alwil Software\Avast4\Setup\avast.setup,DRIVER,DELETE,SRC,EVENTLOG\ANTIVIRUS
OSFW,2007/11/03,22:56:16 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
AV/treatment,2007/11/03,22:56:24 +1:00 GMT,,,,Auto
OSFW,2007/11/03,22:56:32 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,DRIVER,LOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\Rdbss
OSFW,2007/11/03,22:57:04 +1:00 GMT,UNKNOWN(0),Application d'ouverture de session Windows NT,C:\WINDOWS\system32\winlogon.exe,PROCESS,OPENPROCESS,DST,C:\WINDOWS\system32\services.exe
OSFW,2007/11/03,22:57:18 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,PROCESS,OPENPROCESS,DST,C:\WINDOWS\System32\svchost.exe
OSFW,2007/11/03,22:57:34 +1:00 GMT,UNKNOWN(0),Explorateur Windows,C:\WINDOWS\explorer.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\system32\rundll32.exe,f5402cd4-7b7389dd-c21f9211-9a906eee,ee,a66fc
OSFW,2007/11/03,23:12:58 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
AV/treatment,2007/11/03,23:12:58 +1:00 GMT,,,,Auto
OSFW,2007/11/03,23:12:58 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,MODIFY,SRC,KL1
OSFW,2007/11/03,23:13:14 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,PROCESS,OPENPROCESS,DST,C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
OSFW,2007/11/03,23:13:16 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,PROCESS,OPENPROCESS,DST,C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
OSFW,2007/11/03,23:15:00 +1:00 GMT,UNKNOWN(0),Application d'ouverture de session Windows NT,C:\WINDOWS\system32\winlogon.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\TASKMGR.EXE
OSFW,2007/11/03,23:15:00 +1:00 GMT,UNKNOWN(0),Application d'ouverture de session Windows NT,C:\WINDOWS\system32\winlogon.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\TASKMGR.EXE
OSFW,2007/11/03,23:20:44 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
OSFW,2007/11/03,23:20:44 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,DRIVER,UNLOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\KLIF
AV/treatment,2007/11/03,23:20:46 +1:00 GMT,,,,Auto
OSFW,2007/11/03,23:21:02 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,DRIVER,LOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\Rdbss
OSFW,2007/11/03,23:21:16 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,PROCESS,OPENPROCESS,DST,C:\WINDOWS\System32\svchost.exe
OSFW,2007/11/03,23:21:18 +1:00 GMT,UNKNOWN(0),Explorateur Windows,C:\WINDOWS\explorer.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\system32\rundll32.exe,f5402cd4-7b7389dd-c21f9211-9a906eee,ee,a66fc
OSFW,2007/11/03,23:21:38 +1:00 GMT,UNKNOWN(0),Application d'ouverture de session Windows NT,C:\WINDOWS\system32\winlogon.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\WGATRAY.EXE
OSFW,2007/11/03,23:34:18 +1:00 GMT,UNKNOWN(0),Applications Services et Contrôleur,C:\WINDOWS\system32\services.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
AV/treatment,2007/11/03,23:34:22 +1:00 GMT,,,,Auto
OSFW,2007/11/03,23:34:36 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,DRIVER,LOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\Rdbss
OSFW,2007/11/03,23:34:52 +1:00 GMT,UNKNOWN(0),Generic Host Process for Win32 Services,C:\WINDOWS\system32\svchost.exe,PROCESS,OPENPROCESS,DST,C:\WINDOWS\System32\svchost.exe
OSFW,2007/11/03,23:35:20 +1:00 GMT,UNKNOWN(0),Application d'ouverture de session Windows NT,C:\WINDOWS\system32\winlogon.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\WGATRAY.EXE
OSFW,2007/11/03,23:47:24 +1:00 GMT,UNKNOWN(0),Application d'ouverture de session Windows NT,C:\WINDOWS\system32\winlogon.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\LOGON.SCR
ZLUpdate,2007/11/03,23:51:04 +1:00 GMT,,,Auto
ZLUpdate,2007/11/03,23:51:10 +1:00 GMT,,,Auto
AV/update,2007/11/04,12:00:48 +1:00 GMT,,Update Install Completed,Auto
AV/scan,2007/11/04,13:14:20 +1:00 GMT,Plusieurs fichiers,Analyse effectuée,Auto
AV/update,2007/11/04,13:17:30 +1:00 GMT,,Update Install Completed,Auto
AV/update,2007/11/04,14:00:42 +1:00 GMT,,Update Install Completed,Auto
AV/update,2007/11/04,15:00:46 +1:00 GMT,,Update Install Completed,Auto
PE,2007/11/04,15:23:42 +1:00 GMT,Firefox,C:\Program Files\Mozilla Firefox\firefox.exe,127.0.0.1:1412,N/A
PE,2007/11/04,15:23:54 +1:00 GMT,Firefox,C:\Program Files\Mozilla Firefox\firefox.exe,195.95.194.8:53,N/A
OSFW,2007/11/04,15:47:42 +1:00 GMT,UNKNOWN(0),CCleaner,C:\Program Files\CCleaner\CCleaner.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\system32\rundll32.exe,f5402cd4-7b7389dd-c21f9211-9a906eee,ee,a66fc
OSFW,2007/11/04,15:47:50 +1:00 GMT,BLOCKED,CCleaner,C:\Program Files\CCleaner\CCleaner.exe,FILE,WRITE,SRC,WINDIR\Internet Logs\ZALog.txt
OSFW,2007/11/04,15:47:50 +1:00 GMT,BLOCKED,CCleaner,C:\Program Files\CCleaner\CCleaner.exe,FILE,WRITE,SRC,WINDIR\Internet Logs\ZALog.txt
OSFW,2007/11/04,15:47:54 +1:00 GMT,UNKNOWN(0),CCleaner,C:\Program Files\CCleaner\CCleaner.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\system32\rundll32.exe,f5402cd4-7b7389dd-c21f9211-9a906eee,ee,a66fc
OSFW,2007/11/04,15:47:56 +1:00 GMT,BLOCKED,CCleaner,C:\Program Files\CCleaner\CCleaner.exe,FILE,WRITE,SRC,WINDIR\Internet Logs\ZALog.txt
OSFW,2007/11/04,15:47:56 +1:00 GMT,BLOCKED,CCleaner,C:\Program Files\CCleaner\CCleaner.exe,FILE,WRITE,SRC,WINDIR\Internet Logs\ZALog.txt
OSFW,2007/11/04,15:50:44 +1:00 GMT,UNKNOWN(0),Application d'ouverture de session Windows NT,C:\WINDOWS\system32\winlogon.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\SYSTEM32\USERINIT.EXE
OSFW,2007/11/04,15:50:54 +1:00 GMT,UNKNOWN(0),Explorateur Windows,C:\WINDOWS\explorer.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\system32\rundll32.exe,f5402cd4-7b7389dd-c21f9211-9a906eee,ee,a66fc
OSFW,2007/11/04,15:53:54 +1:00 GMT,UNKNOWN(0),Panneau de configuration Windows,C:\WINDOWS\system32\control.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\system32\rundll32.exe,f5402cd4-7b7389dd-c21f9211-9a906eee,ee,a66fc
OSFW,2007/11/04,15:54:30 +1:00 GMT,UNKNOWN(0),Panneau de configuration Windows,C:\WINDOWS\system32\control.exe,PROCESS,SPAWNPROCESS,SRC,C:\WINDOWS\system32\rundll32.exe,f5402cd4-7b7389dd-c21f9211-9a906eee,ee,a66fc
Most of these alerts are false positives...
-----------
GMT,not-a-virus:AdWare.Win32.Virtumonde.agh,C:\avenger\backup-03.11.2007-20.11.12,23.zip,Infecté,Manuel
AV/treatment,2007/11/03,21:36:32 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\Documents and Settings\Catherine Theiller\Bureau\SmitfraudFix.exe,Infecté,Manuel
AV/treatment,2007/11/03,22:07:16 +1:00 GMT,Trojan.Win32.Agent.bck,C:\Program Files\Navilog1\Backupnavi\DMBAFOIQ.0XE,Échec de réparation du fichier,Manuel
,2007/11/03,22:07:16 +1:00 GMT,
AV/treatment,2007/11/03,22:07:18 +1:00 GMT,not-a-virus:RiskTool.Win32.Reboot.f,C:\Program Files\Navilog1\reboot.exe,Infecté,Manuel
--------------------
Don't panic about that!
Also, your restore points are infected too.
But one thing at a time!
Do this:
https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/
Tutorial:
https://www.malekal.com/scan-antivirus-ligne-nod32/
Copy the report.
Before I start, what do I do with my firewall (ZoneAlarm), the ZoneAlarm antivirus (which is active) and avast (which I uninstalled last night)??
For now, run the scan with Panda.
You may have to disable ZA for the online scan?
Incident Status Location
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00361F1.dat
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/ahbacpwq.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/bepoqrtc.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/bmlkyngv.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/dtatcrpp.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/ebuhnvqm.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/ehmxjkex.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/eqwterkr.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/gohbdpwe.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/ithblgeb.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/nubciyrm.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/pprtvwle.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/qgcsmqsr.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/quslmblx.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/rrnskyqk.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/sqpkmhra.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/tnilytue.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/uyciuxfm.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/wdiyputf.dll]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c0035560.dat]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c004CECC.dat]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c009207A.dat]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c0092A77.dat]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c0098B8.dat]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c009ED10.dat]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c00BC8CD.dat]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c00C8440.dat]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c00CEAAF.dat]
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-02.11.2007-18.43.04,45.zip[avenger/__c00D9661.dat]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Catherine Theiller\Application Data\Mozilla\Firefox\Profiles\qczg3145.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Catherine Theiller\Application Data\Mozilla\Firefox\Profiles\qczg3145.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Catherine Theiller\Cookies\catherine_theiller@clickbank[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Catherine Theiller\Cookies\catherine_theiller@tradedoubler[2].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Catherine Theiller\Cookies\catherine_theiller@weborama[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Catherine Theiller\Cookies\catherine_theiller@xiti[1].txt
Adware:Adware/PurityScan Not disinfected C:\Documents and Settings\Catherine Theiller\Local Settings\Temporary Internet Files\Content.IE5\2Z3OK9IT\mosx1024[1]
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@ccbill[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@counter16.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@counter7.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@counter9.sextracker[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@hg1.hitbox[2].txt
Spyware:Cookie/SexList Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@sexlist[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@sextracker[2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@statcounter[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@www6.addfreestats[1].txt
Spyware:Cookie/XXXCounter Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@xxxcounter[2].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\www.NOM-1607AC21F06\Cookies\www@yadro[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Program Files\Navilog1\Process.exe
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\aadahyoj.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\afohxoil.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\bmmgbegi.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\bstdbokt.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\bwfyguui.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\cnjdpdpx.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\cyinxixs.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\dqdlicws.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\eerckoxv.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\ffqouxqy.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\fkggiqcr.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\fusxiodf.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\ggksxrmb.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\jdfligxo.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\jpdgiqmi.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\jvtdugqi.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\lpirbsjf.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\mnxucybn.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\naglngpv.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\oejekabc.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\ouscwkdd.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\pmfoputf.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\qupfcsdy.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\swcpeaxc.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\uahacpja.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\vedlptwt.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\wnvpcmqm.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\ynqvvihr.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c0015F6F.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c0021113.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00218B1.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c0030B8C.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c003E8D6.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c004A3C8.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c004C6E2.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c0050F30.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00583B.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c005AEDB.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c007FC01.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00862A.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c009316.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00B5BD8.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00B95F5.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00C2B0A.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00DBC59.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00E9E09.dat
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00F1E64.dat
Put your machine in safe mode.
https://leblogdeclaude.blogspot.com/
-----------------------------------------------------------------------------
Open notepad.exe.
Copy exactly this:
Save it as fix.txt on your desktop (delete the old one).
-------------------------------------------------------------------------------
Files to Delete:
C:\WINDOWS\system32\naglngpv.dll
C:\WINDOWS\system32\oejekabc.dll
C:\WINDOWS\system32\ouscwkdd.dll
C:\WINDOWS\system32\pmfoputf.dll
C:\WINDOWS\system32\qupfcsdy.dll
C:\WINDOWS\system32\swcpeaxc.dll
C:\WINDOWS\system32\uahacpja.dll
C:\WINDOWS\system32\vedlptwt.dll
C:\WINDOWS\system32\wnvpcmqm.dll
C:\WINDOWS\system32\ynqvvihr.dll
C:\WINDOWS\system32\__c0015F6F.dat
C:\WINDOWS\system32\__c0021113.dat
C:\WINDOWS\system32\__c00218B1.dat
C:\WINDOWS\system32\__c0030B8C.dat
C:\WINDOWS\system32\__c003E8D6.dat
C:\WINDOWS\system32\__c004A3C8.dat
C:\WINDOWS\system32\__c004C6E2.dat
C:\WINDOWS\system32\__c0050F30.dat
C:\WINDOWS\system32\__c00583B.dat
C:\WINDOWS\system32\__c005AEDB.dat
C:\WINDOWS\system32\__c007FC01.dat
C:\WINDOWS\system32\__c00862A.dat
C:\WINDOWS\system32\__c009316.dat
C:\WINDOWS\system32\__c00B5BD8.dat
C:\WINDOWS\system32\__c00B95F5.dat
C:\WINDOWS\system32\__c00C2B0A.dat
C:\WINDOWS\system32\__c00DBC59.dat
C:\WINDOWS\system32\__c00E9E09.dat
C:\WINDOWS\system32\__c00F1E64.dat
-----------------------------------------
Launch The Avenger.
Tick "Load script from file", then browse to the fix.txt that is on your desktop.
Then run it with the green-light icon.
Copy the report.
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\wexbwkyf
*******************
Script file located at: \??\C:\WINDOWS\iwoyqlsb.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\system32\naglngpv.dll deleted successfully.
File C:\WINDOWS\system32\oejekabc.dll deleted successfully.
File C:\WINDOWS\system32\ouscwkdd.dll deleted successfully.
File C:\WINDOWS\system32\pmfoputf.dll deleted successfully.
File C:\WINDOWS\system32\qupfcsdy.dll deleted successfully.
File C:\WINDOWS\system32\swcpeaxc.dll deleted successfully.
File C:\WINDOWS\system32\uahacpja.dll deleted successfully.
File C:\WINDOWS\system32\vedlptwt.dll deleted successfully.
File C:\WINDOWS\system32\wnvpcmqm.dll deleted successfully.
File C:\WINDOWS\system32\ynqvvihr.dll deleted successfully.
File C:\WINDOWS\system32\__c0015F6F.dat deleted successfully.
File C:\WINDOWS\system32\__c0021113.dat deleted successfully.
File C:\WINDOWS\system32\__c00218B1.dat deleted successfully.
File C:\WINDOWS\system32\__c0030B8C.dat deleted successfully.
File C:\WINDOWS\system32\__c003E8D6.dat deleted successfully.
File C:\WINDOWS\system32\__c004A3C8.dat deleted successfully.
File C:\WINDOWS\system32\__c004C6E2.dat deleted successfully.
File C:\WINDOWS\system32\__c0050F30.dat deleted successfully.
File C:\WINDOWS\system32\__c00583B.dat deleted successfully.
File C:\WINDOWS\system32\__c005AEDB.dat deleted successfully.
File C:\WINDOWS\system32\__c007FC01.dat deleted successfully.
File C:\WINDOWS\system32\__c00862A.dat deleted successfully.
File C:\WINDOWS\system32\__c009316.dat deleted successfully.
File C:\WINDOWS\system32\__c00B5BD8.dat deleted successfully.
File C:\WINDOWS\system32\__c00B95F5.dat deleted successfully.
File C:\WINDOWS\system32\__c00C2B0A.dat deleted successfully.
File C:\WINDOWS\system32\__c00DBC59.dat deleted successfully.
File C:\WINDOWS\system32\__c00E9E09.dat deleted successfully.
File C:\WINDOWS\system32\__c00F1E64.dat deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
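The three artefacts exchanged above (the online-scan report, fix.txt, and the Avenger log) can be cross-checked mechanically; the following is an added example, not part of the original posts or of any tool mentioned in them. Only the line formats come from the logs in this thread; the function names and the sample file names are constructed for illustration.

```python
import ntpath
import re

# Line shapes as they appear in this thread's logs (sample values below are constructed).
SCAN_RE = re.compile(r"^(?P<kind>[^:]+):(?P<name>\S+)\s+Not disinfected\s+(?P<path>.+)$")
LOG_RE = re.compile(r"^File (?P<path>.+) deleted successfully\.$")
ARCHIVE_RE = re.compile(r"^.+?\.zip\[.+\]$", re.IGNORECASE)
DRIVE_PATH_RE = re.compile(r"^[A-Za-z]:\\")


def key(path):
    """Windows paths are case-insensitive: a log may print SYSTEM32 where the script says system32."""
    return ntpath.normcase(path.strip())


def parse_scan(text):
    """Return (kind, name, path) for every 'Not disinfected' row of the scan report."""
    rows = []
    for line in text.splitlines():
        m = SCAN_RE.match(line.strip())
        if m:
            rows.append((m["kind"], m["name"], m["path"].strip()))
    return rows


def parse_script(text):
    """Return the paths listed under the 'Files to delete:' header of the script."""
    paths, in_section = [], False
    for line in text.splitlines():
        line = line.strip()
        if line.lower() == "files to delete:":
            in_section = True
        elif in_section and DRIVE_PATH_RE.match(line):
            paths.append(line)
        elif in_section and line.endswith(":"):
            in_section = False  # another section header ends the file list
    return paths


def parse_log(text):
    """Return the normalised paths the log confirms as deleted."""
    deleted = set()
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if m:
            deleted.add(key(m["path"]))
    return deleted


def review(scan_text, script_text, log_text):
    """Compare what was detected, what was scheduled for deletion, and what was confirmed."""
    script = parse_script(script_text)
    deleted = parse_log(log_text)
    scripted = {key(p) for p in script}
    result = {
        # Scheduled in the script but no success line in the log: needs a second look.
        "unconfirmed": [p for p in script if key(p) not in deleted],
        "not_in_script": [],  # detected on disk but never scheduled for deletion
        "in_archives": 0,     # copies inside a zip, e.g. the tool's own backups
        "cookies": 0,         # tracking cookies, not executable files
    }
    for kind, name, path in parse_scan(scan_text):
        if ARCHIVE_RE.match(path):
            result["in_archives"] += 1
        elif name.startswith("Cookie/"):
            result["cookies"] += 1
        elif key(path) not in scripted and key(path) not in deleted:
            result["not_in_script"].append(path)
    return result


# Constructed sample input in the same formats as the reports above.
SCAN = r"""Incident Status Location
Adware:Adware/PurityScan Not disinfected C:\avenger\backup-01.01.2007-10.00.00,00.zip[avenger/aaaaaaaa.dll]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\user\Cookies\user@xiti[1].txt
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\aaaaaaaa.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\bbbbbbbb.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\__c00AAAAA.dat
"""
SCRIPT = r"""Files to Delete:
C:\WINDOWS\system32\bbbbbbbb.dll
C:\WINDOWS\system32\__c00AAAAA.dat
C:\WINDOWS\system32\cccccccc.dll
"""
LOG = r"""Beginning to process script file:
File C:\WINDOWS\SYSTEM32\BBBBBBBB.DLL deleted successfully.
File C:\WINDOWS\system32\__c00AAAAA.dat deleted successfully.
Completed script processing.
"""

if __name__ == "__main__":
    for label, value in review(SCAN, SCRIPT, LOG).items():
        print(label, value)
```

Detections counted under `in_archives` sit inside a zip rather than on the live file system; in this thread those are the copies The Avenger keeps in its backups directory (C:\Avenger).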