Help me pour analyse scan hijack

moyess -  
ep44 Messages postés 7432 Statut Contributeur -
Bonjour,
j'y conais pas grand chose en informatique mais en parcourant vos forum ,j'ai vu que lorque l'on a un souci avec son ordi il faut faire une analyse hijack,donc si quelqu'un veut bien m'aider se serait cool, car je suis desesperé.

merci


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:40, on 2008-02-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\A29EA09FA9A3A4A.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\bhij.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\DOCUME~1\KILAMA~1\LOCALS~1\Temp\Répertoire temporaire 2 pour HiJackThis.zip\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [19151716201A1B1A1] A29EA09FA9A3A4A.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WintelUpdate] C:\bhij.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\eMule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: windows mail service - Unknown owner - C:\WINDOWS\mail.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
A voir également:

39 réponses

  • 1
  • 2
Réponse 1 / 39
ep44 Messages postés 7432 Statut Contributeur 3
 
Bonsoir il faut expliqué ton soucis !

pour commencer
relance hijack et coche ceci
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O4 - HKLM\..\Run: [19151716201A1B1A1] A29EA09FA9A3A4A.exe
O4 - HKCU\..\Run: [WintelUpdate] C:\bhij.exe
ensuite clic sur fix checked

ensuite
Télécharger sur le bureau

http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
= Copier ce texte en gras

C:\bhij.exe

= Double-clic sur OTMoveIt.exe
= Dans le cadre de Gauche ==> clic-droit ==> coller
= Clic MoveIt!
= si redémarrage demandé==> Clic : YES
= Un rapport dans ==> C:_\OTMoveItMovedFilesdate du jour à copier/coller dans la réponse + nouveau rapport hijackthis.
@+
0
Réponse 2 / 39
moyess
 
merci pour ton aide,donc j'ai fais tout ce que tu m'as dis et quand l'ordi a redemarrer ca m'a demander d'inserer le disk trayapp et c'est impossible de le faire ou de le fermer,impossible aussi de t'envoyer le rapport de ot movelt, quand je clic sur C:_\OTMoveItMovedFilesdate du jour, (bhij.exe )ya rien ki s'ouvre et voila le rapport hijack.une petite question tu peu me dire quel est le soucis sur mon ordi qui expliquerais qu'il soit si lent et qu'il y est un virus.
merci

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:13, on 2008-02-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\CONFIG~1\NDSTray.exe
C:\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\COMMAN~1\TFncKy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\CONFIG~1\CFXFER.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsiExec.exe
C:\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\KILAMA~1\LOCALS~1\Temp\Répertoire temporaire 4 pour HiJackThis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\eMule.exe -AutoStart
O4 - HKCU\..\Run: [WintelUpdate] C:\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - Unknown owner - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (file missing)
O23 - Service: Media Center Receiver Service (ehRecvr) - Unknown owner - C:\WINDOWS\eHome\ehRecvr.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
O23 - Service: Media Center Extender Service (McrdSvc) - Unknown owner - C:\WINDOWS\ehome\mcrdsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: TOSHIBA Application Service (TAPPSRV) - Unknown owner - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (file missing)
O23 - Service: windows mail service - Unknown owner - C:\WINDOWS\mail.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)
0
Réponse 3 / 39
ep44 Messages postés 7432 Statut Contributeur 3
 
tu n'as pas posté le rapport de OTMoveIt

ensuite hijack et mal installer
supprime le
et fait ceci %temp% et vide le contenu
si tu ne peux pas fait le en mode sans échec
ensuite réinstalle hijack dans c:=>programmes files
normalement il doit te proposer ce chemin donc il faut suivre
ce qu'il dit
une fouis fait refais un nouveau hijack
0
Réponse 4 / 39
moyess
 
jt'envoi ca d'un autre ordi car le mien a planté.j'ai fais ce que tu m'as dis en mode sans echec et quand j'ai voulu le redemarer en mode normal pour reinstaller hijack et bien plus rien, j'ai juste la foto que j'avais mis en plein ecran.

j'ai peur d'avoir fais une grosse boulette!!!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 39
moyess
 
je l'ai redemarrer c bon, je vai reinstaller hijack
0
Réponse 6 / 39
moyess
 
impossible de poste le rapport ot movelt, il ne s'ouvre pas comme je te disais auparavant et voici le nouvo rapport hijack.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20, on 2008-02-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\TPSMain.exe
C:\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\COMMAN~1\TFncKy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe
C:\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\msiexec.exe
C:\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\CONFIG~1\CFXFER.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\eMule.exe -AutoStart
O4 - HKCU\..\Run: [WintelUpdate] C:\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - Unknown owner - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (file missing)
O23 - Service: Media Center Receiver Service (ehRecvr) - Unknown owner - C:\WINDOWS\eHome\ehRecvr.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
O23 - Service: Media Center Extender Service (McrdSvc) - Unknown owner - C:\WINDOWS\ehome\mcrdsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: TOSHIBA Application Service (TAPPSRV) - Unknown owner - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (file missing)
O23 - Service: windows mail service - Unknown owner - C:\WINDOWS\mail.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)
0
Réponse 7 / 39
moyess
 
rapport ot movelt
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20, on 2008-02-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\TPSMain.exe
C:\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\COMMAN~1\TFncKy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe
C:\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\msiexec.exe
C:\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\CONFIG~1\CFXFER.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\eMule.exe -AutoStart
O4 - HKCU\..\Run: [WintelUpdate] C:\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - Unknown owner - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (file missing)
O23 - Service: Media Center Receiver Service (ehRecvr) - Unknown owner - C:\WINDOWS\eHome\ehRecvr.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
O23 - Service: Media Center Extender Service (McrdSvc) - Unknown owner - C:\WINDOWS\ehome\mcrdsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: TOSHIBA Application Service (TAPPSRV) - Unknown owner - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (file missing)
O23 - Service: windows mail service - Unknown owner - C:\WINDOWS\mail.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)
0
Réponse 8 / 39
ep44 Messages postés 7432 Statut Contributeur 3
 
supprime de ton pc OTMoveIt
qui se trouve dans c:
ensuite
Télécharge:
http://www.grisoft.cz/filedir/inst/avgas-setup-7.5.1.43.exe AVG-AntiSpyware
= Installer
= Le lancer
= Clic : Mise à jour
------
= Redémarre en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
Attention, pas d’accès à internet dans ce mode. Enregistre ou imprime les consignes.

Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel
-------
= Dans ANALYSE ( en forme de loupe )
==> Paramètres ==> sous COMMENT REAGIR==>clic sur Actions recommandées ==>Quarantaine
==> Clic : Analyse complète du système
En fin de scan ( qui est assez long)
==> Clic Appliquer toutes les actions <== ceci Très important
==> Clic Sauvegarder rapport puis Enregistrer sous et choisir bureau
-------
En mode normal
colle le rapport
@+
0
Réponse 9 / 39
moyess
 
c la galere avec ot movelt ,impossibl de leffacer, quand je passe par panneau de configuration ,et supprimer des programmes il n'apparait pas et quand je veux le supprimer directement par c:/ et bien ca ne marche pas et ca dis kil est impossible de supprimer MsnMsgr.Exe. cette ressource est utilisé par une autre personne ou un autre programme.
0
Réponse 10 / 39
ep44 Messages postés 7432 Statut Contributeur 3
 
fait le en mode sans echec
0
Réponse 11 / 39
moyess
 
j'ai une fenetre TrayApp qui s'ouvre et qui met du temps a se fermer a chaque fois que je redemarre l'ordi,je dois appuyer plein de fois sur annuler pour que ca se ferme.ca a commencer apre avoir installer ot movelt,et meme apres l'avoir desinstaller ca continue de me mettre qu'il y a une erreur avec ce fichier.

bon voila le rapport AVG

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 00:22 2008-02-03

+ Résultat de l'analyse:



C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020567.exe -> Backdoor.Agent.alm : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP263\A0020659.exe -> Backdoor.Agent.alm : Nettoyé.
C:\_OTMoveIt\MovedFiles\02022008_204403\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe -> Backdoor.Small.crw : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\sdmjfy.exe -> Backdoor.VanBot.ej : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP263\A0020654.exe -> Downloader.Agent.cbx : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\b128.exe.vir -> Downloader.Agent.ezc : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020668.exe -> Downloader.Agent.ezc : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\mrofinu1148.exe.vir -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP248\A0015754.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP248\A0016878.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP248\A0016879.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP248\A0016896.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP248\A0016897.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP261\A0020529.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP261\A0020530.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020564.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020565.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020566.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020619.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020620.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020622.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020642.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020643.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020646.exe -> Downloader.Agent.hql : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020666.exe -> Downloader.Agent.hql : Nettoyé.
C:\WINDOWS\17PHolmes1148.exe -> Downloader.Agent.hql : Nettoyé.
C:\WINDOWS\mrofinu1148.exe.tmp -> Downloader.Agent.hql : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\b122.exe.vir -> Downloader.Agent.hvj : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020667.exe -> Downloader.Agent.hvj : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020583.exe -> Downloader.Small.huv : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020607.exe -> Downloader.Small.huv : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020640.exe -> Downloader.Small.huv : Nettoyé.
C:\upaq.exe -> Downloader.Small.huv : Nettoyé.
C:\_OTMoveIt\MovedFiles\02022008_190422\WINDOWS\system32\A29EA09FA9A3A4A.exe -> Downloader.VB.chy : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP263\A0020658.sys -> Rootkit.Agent.pr : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@connextra[6].txt -> TrackingCookie.Connextra : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\KILAMA GOUET\Cookies\kilama_gouet@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8031VT97\sdfsdf[1].htm -> Trojan.Agent.eeu : Nettoyé.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8031VT97\sdfsdf[2].htm -> Trojan.Agent.eeu : Nettoyé.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\JSGD0OZU\sdfsdf[1].htm -> Trojan.Agent.eeu : Nettoyé.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\JSGD0OZU\sdfsdf[3].htm -> Trojan.Agent.eeu : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP261\A0020531.sys -> Worm.Agent.l : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020582.sys -> Worm.Agent.l : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020636.sys -> Worm.Agent.l : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP263\A0020662.sys -> Worm.Agent.l : Nettoyé.
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020726.sys -> Worm.Agent.l : Nettoyé.
C:\WINDOWS\system32\drivers\smtpdrv.sys -> Worm.Agent.l : Nettoyé.


Fin du rapport

@+
0
Réponse 12 / 39
ep44 Messages postés 7432 Statut Contributeur 3
 
Bonjour
on va voir ça
maintenant on va faire un scan en ligne

avec bitdefender et colle le rapport

https://www.bitdefender.com/toolbox/

un tuto
https://kerio.probb.fr/
+ un nouveau rapport hijack stp
@+
0
Réponse 13 / 39
moyess
 
j'ai le rapport hijack ms comment on fait pour t'envoyer le rapport bitdefender et j'arrive pas aller sur ton tuto,https://kerio.probb.fr/

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:00, on 2008-02-03
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\_OTMOV~1\MOVEDF~1\021C64~1\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\COMMAN~1\TFncKy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\_OTMoveIt\MovedFiles\02022008_204403\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\MSN Toolbar Suite\msn_sl.exe
C:\_OTMoveIt\MovedFiles\02022008_204403\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\eMule.exe -AutoStart
O4 - HKCU\..\Run: [WintelUpdate] C:\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\_OTMoveIt\MovedFiles\02022008_204403\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - Unknown owner - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (file missing)
O23 - Service: Media Center Receiver Service (ehRecvr) - Unknown owner - C:\WINDOWS\eHome\ehRecvr.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
O23 - Service: Media Center Extender Service (McrdSvc) - Unknown owner - C:\WINDOWS\ehome\mcrdsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: TOSHIBA Application Service (TAPPSRV) - Unknown owner - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: windows mail service - Unknown owner - C:\WINDOWS\mail.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
0
Réponse 14 / 39
ep44 Messages postés 7432 Statut Contributeur 3
 
le rapport hijack et à faire après le scan en ligne de bitdefender

voici un autre lien pour le tuto
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
@+
0
Réponse 15 / 39
moyess
 
VOILA, jespere que c'est ce que tu attendais!!!

BitDefender Log File !!!!!
Product : BitDefender Total Security 2008
Version : BitDefender UIScanner v.11
Log date : 13:58:48 03/02/2008
Log path : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\full_scan\1202043528_1_02.xml

Scan Paths:Path0000: C:\


Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes


Target selection options:Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : No
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :


Target ProcessingDefault action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None


Scan engines summaryNumber of virus signatures : 978773
Archive plugins : 41
Email plugins : 6
Scan plugins : 12
Archive plugins : 41
System plugins : 4
Unpack plugins : 7


Overall scan summaryScanned items : 92634
Infected items : 760
Suspicious items : 1
Resolved items : 730
Individual viruses found : 12
Scanned directories : 6406
Scanned boot sectors : 2
Scanned archives : 37
Input-output errors : 29
Scan time : 00:00:38:20
Files per second : 40


Scanned processes summaryScanned : 38
Infected : 0


Scanned registry keys summaryScanned : 357
Infected : 0


Scanned cookies summaryScanned : 0
Infected : 0


Remaining issues:Object Name Threat Name Final Status
C:\QooBox\Quarantine\C\Program Files\Helper\superfindout.dll.vir Adware.BHO.WQR Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP261\A0020528.dll Adware.BHO.WQR Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020563.dll Adware.BHO.WQR Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020588.dll Adware.BHO.WQR Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020608.dll Adware.BHO.WQR Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020645.dll Adware.BHO.WQR Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020671.dll Adware.BHO.WQR Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024111.exe=](Quarantine-2) Adware.Whenu.I Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024110.exe=](Quarantine-2) Application.Adware.Savenow.G Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024338.exe Backdoor.Sdbot.DFEO Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP261\A0020512.exe BehavesLike:Win32.Backdoor Suspect
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP267\A0024045.exe Packer.Expressor.B Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP261\A0020523.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020589.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020610.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020647.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP263\A0020656.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024130.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024210.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024225.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024324.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024411.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024532.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024564.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024565.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024655.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024702.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024766.exe Trojan.DNSChanger.BX Disinfect Failed
C:\tuwwp.exe Trojan.DNSChanger.BX Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP261\A0020521.exe Trojan.Peed.Gen Disinfect Failed
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP262\A0020557.exe Trojan.Peed.Gen Disinfect Failed


Resolved issues:Object Name Threat Name Final Status
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP257\A0017931.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020699.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020700.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020701.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020703.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP264\A0020704.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024112.exe=](Quarantine-2) Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024113.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024114.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024115.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024116.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024117.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024118.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024119.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024120.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024121.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024122.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024123.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024124.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024125.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024126.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024127.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024128.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024129.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024131.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024132.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024133.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024134.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024135.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024136.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024137.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024138.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024139.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024140.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024141.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024142.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024143.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024144.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024145.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024146.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024147.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024148.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024149.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024150.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024151.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024152.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024153.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024154.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024155.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024156.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024157.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024158.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024159.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024160.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024161.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024162.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024163.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024164.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024165.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024166.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024167.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024168.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024169.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024170.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024171.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024172.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024173.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024174.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024175.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024176.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024177.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024178.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024179.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024180.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024181.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024182.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024183.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024184.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024185.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024186.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024187.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024188.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024189.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024190.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024191.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024192.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024193.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024194.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024195.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024196.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024197.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024198.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024199.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024200.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024201.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024202.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024203.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024204.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024205.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024206.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024207.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024208.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024209.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024211.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024212.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024213.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024214.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024215.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024216.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024217.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024218.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024219.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024220.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024221.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024222.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024223.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024224.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024226.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024227.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024228.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024229.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024230.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024231.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024232.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024233.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024234.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024235.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024236.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024237.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024238.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024239.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024240.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024241.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024242.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024243.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024244.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024245.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024246.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024247.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024248.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024249.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024250.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024251.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024252.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024253.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024254.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024255.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024256.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024257.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024258.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024259.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024260.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024261.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024262.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024263.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024264.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024265.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024266.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024267.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024268.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024269.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024270.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024271.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024272.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024273.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024274.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024275.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024276.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024277.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024278.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024279.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024280.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024281.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024282.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024283.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024284.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024285.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024286.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024287.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024288.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024289.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024290.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024291.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024292.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024293.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024294.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024295.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024296.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024297.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024298.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024299.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024300.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024301.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024302.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024303.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024304.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024305.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024306.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024307.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024308.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024309.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024310.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024311.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024312.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024313.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024314.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024315.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024316.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024317.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024318.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024319.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024320.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024321.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024322.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024323.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024325.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024326.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024327.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024328.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024329.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024330.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024331.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024332.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024333.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024334.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024335.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024336.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024337.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024339.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024340.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024341.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024342.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024343.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024344.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024345.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024346.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024347.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024348.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024349.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024350.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024351.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024352.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024353.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024354.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024355.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024356.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024357.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024358.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024359.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024360.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024361.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024362.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024363.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024364.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024365.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024366.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024367.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024368.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024369.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024370.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024371.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024372.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024373.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024374.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024375.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024376.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024377.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024378.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024379.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024380.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024381.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024382.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024383.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024384.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024385.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024386.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024387.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024388.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024389.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024390.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024391.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024392.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024393.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024394.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024395.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024396.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024397.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024398.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024399.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024400.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024401.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024402.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024403.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024404.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024405.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024406.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024407.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024408.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024409.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024410.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024412.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024413.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024414.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024415.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024416.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024417.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024418.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024419.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024420.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024421.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024422.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024423.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024424.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024425.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024426.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024427.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024428.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024429.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024430.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024431.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024432.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024433.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024434.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024435.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024436.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024437.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024438.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024439.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024440.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024441.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024442.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024443.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024444.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024445.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024446.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024447.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024448.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024449.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024450.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024451.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024452.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024453.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024454.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024455.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024456.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024457.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024458.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024459.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024460.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024461.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024462.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024463.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024464.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024465.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024466.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024467.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024468.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024469.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024470.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024471.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024472.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024473.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024474.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024475.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024476.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024477.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024478.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024479.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024480.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024481.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024482.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024483.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024484.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024485.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024486.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024487.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024488.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024489.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024490.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024491.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024492.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024493.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024494.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024495.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024496.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024497.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024498.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024499.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024500.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024501.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024502.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024503.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024504.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024505.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024506.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024507.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024508.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024509.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024510.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024511.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024512.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024513.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024514.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024515.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024516.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024517.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024518.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024519.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024520.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024521.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024522.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024523.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024524.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024525.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024526.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024527.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024528.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024529.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024530.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024531.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024533.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024534.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024535.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024536.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024537.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024538.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024539.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024540.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024541.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024542.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024543.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024544.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024545.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024546.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024547.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024548.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024549.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024550.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024551.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024552.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024553.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024554.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024555.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024556.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024557.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024558.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024559.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024560.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024561.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024562.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024563.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024566.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024567.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024568.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024569.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024570.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024571.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024572.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP270\A0024573.exe Backdoor.Sdbot.DFEO Deleted
C:\System Volume Information\_restore{626D9BD5-11D8-49A1
0
Réponse 16 / 39
ep44 Messages postés 7432 Statut Contributeur 3
 
très bien refais hijack stp
0
Réponse 17 / 39
moyess
 
voila,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:39, on 2008-02-03
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\CONFIG~1\NDSTray.exe
C:\_OTMOV~1\MOVEDF~1\021C64~1\_OTMOV~1\MOVEDF~1\020220~1\PROGRA~1\TOSHIBA\COMMAN~1\TFncKy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\_OTMoveIt\MovedFiles\02022008_204403\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\MSN Toolbar Suite\MSNFirstRunWiz.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\_OTMoveIt\MovedFiles\02022008_190422\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\internet explorer\iexplore.exe
C:\_OTMoveIt\MovedFiles\02022008_204403\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\eMule.exe -AutoStart
O4 - HKCU\..\Run: [WintelUpdate] C:\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\_OTMoveIt\MovedFiles\02022008_204403\_OTMoveIt\MovedFiles\02022008_190422\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - Unknown owner - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (file missing)
O23 - Service: Media Center Receiver Service (ehRecvr) - Unknown owner - C:\WINDOWS\eHome\ehRecvr.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
O23 - Service: Media Center Extender Service (McrdSvc) - Unknown owner - C:\WINDOWS\ehome\mcrdsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Unknown owner - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: TOSHIBA Application Service (TAPPSRV) - Unknown owner - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: windows mail service - Unknown owner - C:\WINDOWS\mail.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
0
Réponse 18 / 39
ep44 Messages postés 7432 Statut Contributeur 3
 
supprime ceci
C:\_OTMoveIt\MovedFiles\02022008_190422\bhij.exe

ensuite dit moi si tu as encore des soucis ?

@+
0
Réponse 19 / 39
moyess
 
ca y est j'ai enfin reussi a le supprimer et je n'ai plus le meme souci au demarrage mais par contre je trouve que mon ordi continue a ramer pas mal.en ce qui concerne le virus il n'a ete supprimer car bitdefender me dis qu'il le met en quarantaine, donc pr le moment c bon, mais je crois que bit defender est seulement gratuit pendant 30j et apres ce delai que va t'il se passer?
0
Réponse 20 / 39
moyess
 
autre chose, je ne sais pa si tout est lié mais je dois mis prendre a plusieurs essai pour ouvrir mon msn a chaque fois que j'eteins l'ordi et que je le redemarre et quand l'ordi s'allume, il me dit que je n'ai pas de pare feu
0

Discussions similaires

télécharger router scan v2.6 ou v3.6
naf_2019 -
brucine -

2 réponses
Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
comment lire des bd gratuitement en ligne sur internet ?
theodu13480 -
Ereka -

2 réponses
Huawei P8 Lite "nouveau tag ajouté"
ArianeKathleen -
Mn -

25 réponses
Nouveau tag ajouté - Utilité
Eerfers -
madmyke -

1 réponse