HELP, COMPUTER TOTALLY INFECTED

Closed
juanangel - 19 Feb 2008 at 03:05
noctambule28 Posts 31810 Registration date Saturday 12 May 2007 Status Webmaster Last activity 13 February 2022 - 2 March 2008 at 17:15
Hello,

I have a huge problem on my computer: every minute avast tells me that I am infected with trojans, malware and viruses.

I am totally infected. As soon as I sign in to MSN it sends messages to all my contacts. I don't know what to do any more, could you help me?

Thanks in advance

Here is my HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:04:10, on 19/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wnss.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ylkbmz.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\moi\LOCALS~1\Temp\00.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rmwsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\Words\Words.exe
C:\Program Files\xInsIDE\xInsIDE.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\bwin\bwinPoker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.w-w-w-dot-com.com/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKLM\..\Run: [wswtdyuzl] C:\WINDOWS\system32\wswtdyuzl.exe
O4 - HKLM\..\Run: [zacdyebhjiwg] C:\WINDOWS\system32\zacdyebhjiwg.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Control Server] rmwsvc.exe
O4 - HKLM\..\Run: [NvGraphicsInterface] C:\DOCUME~1\moi\LOCALS~1\Temp\00.exe
O4 - HKLM\..\Run: [08b64544] rundll32.exe "C:\WINDOWS\system32\owepyopq.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [Words] C:\Program Files\Words\Words.exe
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - HKCU\..\Run: [Drmupgds] C:\Program Files\Drmupgds\Drmupgds.exe
O4 - HKCU\..\Run: [xInsIDE] C:\Program Files\xInsIDE\xInsIDE.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Print Spooler Service (eomoeaeuuelsaae) - Unknown owner - C:\WINDOWS\system32\zacdyebhjiwg.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: Windows Network Security Service (wnss) - Unknown owner - C:\WINDOWS\system32\wnss.exe

28 replies

noctambule28
19 Feb 2008 at 04:12
Hi

You're running a breeding farm! ;))

I think you can get ready to spend a few days with us .....

OK, first you are going to rename hijackthis.exe to abcde.exe

then .......... where do I start ^^

Download SDFix (created by AndyManchesta) and save it to your Desktop.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double-click SDFix.exe and choose Install to extract it to its own folder on the Desktop. Restart your computer in Safe Mode by following this procedure:
• Restart your computer.
• After you hear the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
• Instead of Windows loading normally, a menu with several options should appear.
• Choose the first option, to run Windows in Safe Mode, then press "Enter".
• Choose your account.
Then work through the instructions below:
• Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.cmd to launch the script.
• Press Y to start the cleaning process.
• It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
• Press a key to restart the PC.
• Your system will take longer than usual to restart because the tool will keep running and deleting files.
• After the Desktop has loaded, the tool will finish its work and display Finished.
• Press a key to end the script and load your Desktop icons.
• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
• Finally, copy/paste the contents of Report.txt into your next reply on the forum, together with a new HijackThis log (renamed).

See you
0
I have a better solution to suggest!
c:/erasor ! ^^
0
Here is what it gave me at the end of what you told me to do:

[b][u]SDFix: Version 1.143[/u][/b]

Run by moi on 19/02/2008 at 13:57

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\moi\Bureau\SDFix

[b][u]Checking Services[/u][/b]:

Name:
wnss
eomoeaeuuelsaae
LSA41

Path:
C:\WINDOWS\system32\wnss.exe
C:\WINDOWS\system32\zacdyebhjiwg.exe /service
System32\Drivers\Lsa41.sys

wnss - Deleted
eomoeaeuuelsaae - Deleted
LSA41 - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default HKCU HomePage
Restoring Default Desktop Wallpaper

Rebooting...

Service USB2_04 - Deleted after Reboot

[b][u]Checking Files[/u][/b]:

Trojan Files Found:

C:\WINDOWS\system32\drivers\LSA41.sys - Deleted
C:\WINDOWS\SYSTEM32\DDCDDEC.DLL - Deleted
C:\WINDOWS\SYSTEM32\EFCBBYA.DLL - Deleted
C:\WINDOWS\SYSTEM32\FCCBCYV.DLL - Deleted
C:\WINDOWS\SYSTEM32\GEBXUUR.DLL - Deleted
C:\WINDOWS\SYSTEM32\HGGDEEE.DLL - Deleted
C:\WINDOWS\SYSTEM32\HGGEEBX.DLL - Deleted
C:\WINDOWS\SYSTEM32\IIFCCAA.DLL - Deleted
C:\WINDOWS\SYSTEM32\KHFEEEC.DLL - Deleted
C:\WINDOWS\SYSTEM32\LJJKLJH.DLL - Deleted
C:\WINDOWS\SYSTEM32\LJJKLLL.DLL - Deleted
C:\WINDOWS\SYSTEM32\MLJIFCA.DLL - Deleted
C:\WINDOWS\SYSTEM32\PMNLIIH.DLL - Deleted
C:\WINDOWS\SYSTEM32\QOMKHHF.DLL - Deleted
C:\WINDOWS\SYSTEM32\QOMMLIH.DLL - Deleted
C:\WINDOWS\SYSTEM32\QOMMMKI.DLL - Deleted
C:\WINDOWS\SYSTEM32\RQRROPQ.DLL - Deleted
C:\WINDOWS\SYSTEM32\SSQQQNO.DLL - Deleted
C:\WINDOWS\SYSTEM32\TUVTQQP.DLL - Deleted
C:\WINDOWS\SYSTEM32\TUVTSTS.DLL - Deleted
C:\WINDOWS\SYSTEM32\TUVVTTS.DLL - Deleted
C:\WINDOWS\SYSTEM32\VTURPNK.DLL - Deleted
C:\WINDOWS\SYSTEM32\WVURPNK.DLL - Deleted
C:\WINDOWS\SYSTEM32\WVURSTR.DLL - Deleted
C:\WINDOWS\SYSTEM32\YAYYXXY.DLL - Deleted
C:\Documents and Settings\moi\Application Data\Deskbar_{E420738A-A1BA-4bbf-A916-D97D3E580699}\log.txt - Deleted
C:\Program Files\dbar\basis.xml - Deleted
C:\Program Files\dbar\dbaruninst.exe - Deleted
C:\Program Files\dbar\deskbar.crc - Deleted
C:\Program Files\dbar\deskbar.dll - Deleted
C:\Program Files\dbar\deskbar.inf - Deleted
C:\Program Files\dbar\logo.bmp - Deleted
C:\Program Files\dbar\mbback.bmp - Deleted
C:\Program Files\dbar\mbbigopen.bmp - Deleted
C:\Program Files\dbar\mbclose.bmp - Deleted
C:\Program Files\dbar\mbfwd.bmp - Deleted
C:\Program Files\dbar\mblogo.bmp - Deleted
C:\Program Files\dbar\mbsep.bmp - Deleted
C:\Program Files\dbar\nav1.bmp - Deleted
C:\Program Files\dbar\nav2.bmp - Deleted
C:\Program Files\dbar\version.txt - Deleted
C:\Program Files\drmupgds\Drmupgds.exe - Deleted
C:\Program Files\Temporary\InsiDERInst.exe - Deleted
C:\Program Files\winvi\Uninst.exe - Deleted
C:\Program Files\winvi\update.exe - Deleted
C:\Program Files\winvi\version.ini - Deleted
C:\Program Files\winvi\wupda.exe - Deleted
C:\Program Files\winvi\dsktp\AC_RunActiveContent.js - Deleted
C:\Program Files\winvi\dsktp\desktop.html - Deleted
C:\Program Files\winvi\dsktp\internetDetection.swf - Deleted
C:\Program Files\winvi\dsktp\settings.sol - Deleted
C:\Program Files\winvi\temp\version.ini - Deleted
C:\Program Files\Words\list.txt - Deleted
C:\Program Files\Words\script.txt - Deleted
C:\Program Files\Words\UnInstall.exe - Deleted
C:\Program Files\Words\Words.exe - Deleted
C:\Program Files\xInsIDE\xInsIDE.exe - Deleted
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe - Deleted
C:\WINDOWS\b122.exe - Deleted
C:\WINDOWS\b128.exe - Deleted
C:\WINDOWS\b143.exe - Deleted
C:\WINDOWS\b147.exe - Deleted
C:\WINDOWS\b149.exe - Deleted
C:\WINDOWS\b153.exe - Deleted
C:\WINDOWS\system32\9_exception.nls - Deleted
C:\WINDOWS\system32\LogCrypt.dll - Deleted
C:\WINDOWS\system32\WLCtrl32.dll - Deleted
C:\WINDOWS\system32\wnss.exe - Deleted
C:\WINDOWS\xpupdate.exe - Deleted
C:\WINDOWS\System32\drivers\nkv2.sys - Deleted



Folder C:\Documents and Settings\moi\Application Data\Deskbar_{E420738A-A1BA-4bbf-A916-D97D3E580699} - Removed
Folder C:\Program Files\dbar - Removed
Folder C:\Program Files\drmupgds - Removed
Folder C:\Program Files\InetGet2 - Removed
Folder C:\Program Files\Insider - Removed
Folder C:\Program Files\Temporary - Removed
Folder C:\Program Files\winvi - Removed
Folder C:\Program Files\Words - Removed
Folder C:\Program Files\xInsIDE - Removed


Removing Temp Files...

[b][u]ADS Check[/u][/b]:



[b][u]Final Check[/u][/b]:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-19 14:06:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000000a5

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 36


[b][u]Remaining Services[/u][/b]:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Webtarot\\webtarot.exe"="C:\\Program Files\\Webtarot\\webtarot.exe:*:Enabled:jeu de tarot"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\BitTorrent_DNA\\dna.exe"="C:\\Program Files\\BitTorrent_DNA\\dna.exe:*:Enabled:BitTorrent DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\WINDOWS\\system32\\wnss.exe"="C:\\WINDOWS\\system32\\wnss.exe:*:Enabled:Windows Network Security Service"
"C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\68.exe"="C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\68.exe:*:Enabled:Windows Network Security Service"
"C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\31.exe"="C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\31.exe:*:Enabled:Windows Network Security Service"
"C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\47.exe"="C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\47.exe:*:Enabled:Windows Network Security Service"
"C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\57.exe"="C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\57.exe:*:Enabled:Windows Network Security Service"
"C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\83.exe"="C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\83.exe:*:Enabled:Windows Network Security Service"
"\\??\\C:\\WINDOWS\\system32\\winlogon.exe"="\\??\\C:\\WINDOWS\\system32\\winlogon.exewinlogon.exe:*:Enabled:Windows Network Security Service"
"C:\\Program Files\\Wireless 802.11g Monitor\\WLService.exe"="C:\\Program Files\\Wireless 802.11g Monitor\\WLService.exeC:\\Program Files\\Wireless 802.11g Monitor\\WLService.exe:*:Enabled:Windows Network Security Service"
"C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\56.exe"="C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\56.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\65.exe"="C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\65.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\12.exe"="C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\12.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\00.exe"="C:\\DOCUME~1\\moi\\LOCALS~1\\Temp\\00.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\WINDOWS\\system32\\Ati2evxx.exe"="C:\\WINDOWS\\system32\\Ati2evxx.exeC:\\WINDOWS\\system32\\Ati2evxx.exe:*:Enabled:Windows Network Security Service"
"C:\\WINDOWS\\system32\\services.exe"="C:\\WINDOWS\\system32\\services.exeC:\\WINDOWS\\system32\\services.exe:*:Enabled:Windows Network Security Service"
"C:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"="C:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exeC:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe:*:Enabled:Windows Network Security Service"
"C:\\WINDOWS\\system32\\logonui.exe"="C:\\WINDOWS\\system32\\logonui.exelogonui.exe:*:Enabled:Windows Network Security Service"
"C:\\WINDOWS\\System32\\svchost.exe"="C:\\WINDOWS\\System32\\svchost.exeC:\\WINDOWS\\System32\\svchost.exe:*:Enabled:Windows Network Security Service"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXEC:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Windows Network Security Service"
"C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Windows Live\\WLLoginProxy.exe"="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Windows Live\\WLLoginProxy.exeC:\\Program Files\\Fichiers communs\\Microsoft Shared\\Windows Live\\WLLoginProxy.exe:*:Enabled:Windows Network Security Service"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Disabled:Explorateur Windows"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b][u]Remaining Files[/u][/b]:


File Backups: - C:\DOCUME~1\moi\Bureau\SDFix\backups\backups.zip

[b][u]Files with Hidden Attributes[/u][/b]:

Mon 11 Feb 2008 23 A.SH. --- "C:\WINDOWS\system32\adbce3_r.dll"
Wed 23 Jan 2008 79,360 ..SHR --- "C:\WINDOWS\system32\rmwsvc.exe"
Sat 20 Oct 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 16 Oct 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 14 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b79817f6eaff5d013a81bd2aff4f2954\BITAA.tmp"

[b]Finished![/b]

Here is my new HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:27:32, on 19/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ylkbmz.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rmwsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKLM\..\Run: [wswtdyuzl] C:\WINDOWS\system32\wswtdyuzl.exe
O4 - HKLM\..\Run: [zacdyebhjiwg] C:\WINDOWS\system32\zacdyebhjiwg.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Control Server] rmwsvc.exe
O4 - HKLM\..\Run: [NvGraphicsInterface] C:\DOCUME~1\moi\LOCALS~1\Temp\00.exe
O4 - HKLM\..\Run: [08b64544] rundll32.exe "C:\WINDOWS\system32\owepyopq.dll",b
O4 - HKLM\..\RunServices: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Print Spooler Service (eomoeaeuuelsaae) - Unknown owner - C:\WINDOWS\system32\zacdyebhjiwg.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
0
noctambule28
19 Feb 2008 at 16:44
Hi

Well, the stable is starting to empty out.....

I asked you to rename hijackthis. It's not to look pretty, or because I can't stand the name; it's because some infections hide from hijackthis, so you need to do it.

Go to the hijackthis file, right-click it and choose Rename,
and in place of hijackthis put abcde

Then post a new hijackthis log for me.

See you
0

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55:58, on 19/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ylkbmz.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rmwsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\bwin\bwinPoker.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKLM\..\Run: [wswtdyuzl] C:\WINDOWS\system32\wswtdyuzl.exe
O4 - HKLM\..\Run: [zacdyebhjiwg] C:\WINDOWS\system32\zacdyebhjiwg.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Control Server] rmwsvc.exe
O4 - HKLM\..\Run: [NvGraphicsInterface] C:\DOCUME~1\moi\LOCALS~1\Temp\00.exe
O4 - HKLM\..\Run: [08b64544] rundll32.exe "C:\WINDOWS\system32\tcunqavm.dll",b
O4 - HKLM\..\RunServices: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Print Spooler Service (eomoeaeuuelsaae) - Unknown owner - C:\WINDOWS\system32\zacdyebhjiwg.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
0
noctambule28 Posts 31810 Registration date Saturday 12 May 2007 Status Webmaster Last active 13 February 2022 2 858
19 Feb 2008 at 17:07
Look:
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

This is the file I would like you to rename, so follow this path:

Start-->My Computer-->C:-->Program Files-->Trend Micro-->HijackThis-->HijackThis.exe and there, right-click it to rename it.

Then run a scan again.
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:24:29, on 19/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ylkbmz.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rmwsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\bwin\bwinPoker.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKLM\..\Run: [wswtdyuzl] C:\WINDOWS\system32\wswtdyuzl.exe
O4 - HKLM\..\Run: [zacdyebhjiwg] C:\WINDOWS\system32\zacdyebhjiwg.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Control Server] rmwsvc.exe
O4 - HKLM\..\Run: [NvGraphicsInterface] C:\DOCUME~1\moi\LOCALS~1\Temp\00.exe
O4 - HKLM\..\Run: [08b64544] rundll32.exe "C:\WINDOWS\system32\ncdjfuwm.dll",b
O4 - HKLM\..\RunServices: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Print Spooler Service (eomoeaeuuelsaae) - Unknown owner - C:\WINDOWS\system32\zacdyebhjiwg.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
0
minas123tirith Posts 73 Registration date Friday 15 February 2008 Status Member Last active 26 May 2008 9
19 Feb 2008 at 18:11
Hi guys, honestly, don't waste your time fiddling with everything: reformat your partition and be done with it.
0
noctambule28 Posts 31810 Registration date Saturday 12 May 2007 Status Webmaster Last active 13 February 2022 2 858
19 Feb 2008 at 18:50
OK, that's still not it, so I'll try to do without.

Download VundoFix.exe (by Atribune) to your Desktop.
http://www.atribune.org/ccount/click.php?id=4
Double-click VundoFix.exe to launch it.

Click the Scan for Vundo button.
When the scan is complete, click the Remove Vundo button.
A prompt will ask whether you want to delete the files; click YES.
After you click "Yes", the Desktop will disappear for a moment while the files are deleted.
You will see a prompt announcing that your PC is going to shut down ("shutdown"); click OK.
Start your PC again.
Copy/paste the report (c:\vundofix.txt) into your reply.

See you later
0
I did what you told me,
but I couldn't do the copy and paste.
I couldn't work out at what point to do it,
but it did my computer good.
I'm hopeless with computers.
Sorry, and thanks for your help.
0
noctambule28 Posts 31810 Registration date Saturday 12 May 2007 Status Webmaster Last active 13 February 2022 2 858
21 Feb 2008 at 18:30
Hi

Open the report, which is here (c:\vundofix.txt), and select everything; to do that, go to the Edit menu and choose "Select All",
then copy,
and finally paste it on the forum.

I need this report to continue.

See you later

0
AH, THERE WE GO, HERE IS THE REPORT
THANKS

VundoFix V6.7.8

Checking Java version...

Scan started at 18:55:11 19/02/2008

Listing files found while scanning....

C:\WINDOWS\system32\awtsq.dll
C:\WINDOWS\system32\awtst.dll
C:\WINDOWS\system32\bbadd.ini
C:\WINDOWS\system32\bbadd.ini2
C:\WINDOWS\system32\brxpfiol.dll
C:\WINDOWS\system32\byxursr.dll
C:\WINDOWS\system32\cbxyaab.dll
C:\WINDOWS\system32\cbxyaxy.dll
C:\WINDOWS\system32\ddaba.dll
C:\WINDOWS\system32\ddabb.dll
C:\WINDOWS\system32\ddayx.dll
C:\WINDOWS\system32\ddcbaaa.dll
C:\WINDOWS\system32\efcabab.dll
C:\WINDOWS\system32\efcbaya.dll
C:\WINDOWS\system32\efcccby.dll
C:\WINDOWS\system32\fccdabb.dll
C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebcdby.dll
C:\WINDOWS\system32\gebya.dll
C:\WINDOWS\system32\gebyaxx.dll
C:\windows\system32\gebyy.dll
C:\WINDOWS\system32\hggdcby.dll
C:\WINDOWS\system32\hgggffd.dll
C:\WINDOWS\system32\hggggda.dll
C:\WINDOWS\system32\iifcaby.dll
C:\WINDOWS\system32\iifefcy.dll
C:\WINDOWS\system32\iifefff.dll
C:\WINDOWS\system32\iifgffc.dll
C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\jkkjjgf.dll
C:\WINDOWS\system32\jkkjjkl.dll
C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\khfcday.dll
C:\WINDOWS\system32\khfecde.dll
C:\WINDOWS\system32\ljjhgec.dll
C:\WINDOWS\system32\ljjiiif.dll
C:\WINDOWS\system32\mljheba.dll
C:\WINDOWS\system32\mljkkhh.dll
C:\WINDOWS\system32\ncdjfuwm.dll
C:\WINDOWS\system32\nnnljif.dll
C:\WINDOWS\system32\nnnlkkl.dll
C:\WINDOWS\system32\okxkahre.dll
C:\WINDOWS\system32\ollstssn.dll
C:\WINDOWS\system32\owepyopq.dll
C:\WINDOWS\system32\pmnklmm.dll
C:\WINDOWS\system32\pmnliig.dll
C:\WINDOWS\system32\pmnljjg.dll
C:\WINDOWS\system32\pmnlm.dll
C:\WINDOWS\system32\qomnnlk.dll
C:\WINDOWS\system32\rqrropm.dll
C:\WINDOWS\system32\rqrrpoo.dll
C:\WINDOWS\system32\sojqmwcs.dll
C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\tcunqavm.dll
C:\WINDOWS\system32\tjtllnyv.dll
C:\WINDOWS\system32\tuvtrrp.dll
C:\WINDOWS\system32\tuvusro.dll
C:\WINDOWS\system32\tuvvsss.dll
C:\WINDOWS\system32\urqomki.dll
C:\WINDOWS\system32\urqpnno.dll
C:\WINDOWS\system32\urqrsqq.dll
C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\vtutq.dll
C:\WINDOWS\system32\vtutt.dll
C:\WINDOWS\system32\wujyldjc.dll
C:\WINDOWS\system32\wvuuuro.dll
C:\WINDOWS\system32\wvuvtuv.dll
C:\WINDOWS\system32\xxyvwur.dll
C:\WINDOWS\system32\xxywwxu.dll
C:\WINDOWS\system32\yaywwxv.dll
C:\WINDOWS\system32\yaywxvs.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awtsq.dll
C:\WINDOWS\system32\awtsq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\awtst.dll
C:\WINDOWS\system32\awtst.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbadd.ini
C:\WINDOWS\system32\bbadd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbadd.ini2
C:\WINDOWS\system32\bbadd.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\brxpfiol.dll
C:\WINDOWS\system32\brxpfiol.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\byxursr.dll
C:\WINDOWS\system32\byxursr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxyaab.dll
C:\WINDOWS\system32\cbxyaab.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxyaxy.dll
C:\WINDOWS\system32\cbxyaxy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddaba.dll
C:\WINDOWS\system32\ddaba.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddabb.dll
C:\WINDOWS\system32\ddabb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddayx.dll
C:\WINDOWS\system32\ddayx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddcbaaa.dll
C:\WINDOWS\system32\ddcbaaa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcabab.dll
C:\WINDOWS\system32\efcabab.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcbaya.dll
C:\WINDOWS\system32\efcbaya.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcccby.dll
C:\WINDOWS\system32\efcccby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fccdabb.dll
C:\WINDOWS\system32\fccdabb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\gebcdby.dll
C:\WINDOWS\system32\gebcdby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebya.dll
C:\WINDOWS\system32\gebya.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebyaxx.dll
C:\WINDOWS\system32\gebyaxx.dll Has been deleted!

Attempting to delete C:\windows\system32\gebyy.dll
C:\windows\system32\gebyy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hggdcby.dll
C:\WINDOWS\system32\hggdcby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hgggffd.dll
C:\WINDOWS\system32\hgggffd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hggggda.dll
C:\WINDOWS\system32\hggggda.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifcaby.dll
C:\WINDOWS\system32\iifcaby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifefcy.dll
C:\WINDOWS\system32\iifefcy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifefff.dll
C:\WINDOWS\system32\iifefff.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifgffc.dll
C:\WINDOWS\system32\iifgffc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\jkkjj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkjjgf.dll
C:\WINDOWS\system32\jkkjjgf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkjjkl.dll
C:\WINDOWS\system32\jkkjjkl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\jkkkijg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\khfcday.dll
C:\WINDOWS\system32\khfcday.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\khfecde.dll
C:\WINDOWS\system32\khfecde.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjhgec.dll
C:\WINDOWS\system32\ljjhgec.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjiiif.dll
C:\WINDOWS\system32\ljjiiif.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mljheba.dll
C:\WINDOWS\system32\mljheba.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mljkkhh.dll
C:\WINDOWS\system32\mljkkhh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ncdjfuwm.dll
C:\WINDOWS\system32\ncdjfuwm.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\nnnljif.dll
C:\WINDOWS\system32\nnnljif.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlkkl.dll
C:\WINDOWS\system32\nnnlkkl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\okxkahre.dll
C:\WINDOWS\system32\okxkahre.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ollstssn.dll
C:\WINDOWS\system32\ollstssn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\owepyopq.dll
C:\WINDOWS\system32\owepyopq.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\pmnklmm.dll
C:\WINDOWS\system32\pmnklmm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnliig.dll
C:\WINDOWS\system32\pmnliig.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnljjg.dll
C:\WINDOWS\system32\pmnljjg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnlm.dll
C:\WINDOWS\system32\pmnlm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qomnnlk.dll
C:\WINDOWS\system32\qomnnlk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rqrropm.dll
C:\WINDOWS\system32\rqrropm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rqrrpoo.dll
C:\WINDOWS\system32\rqrrpoo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sojqmwcs.dll
C:\WINDOWS\system32\sojqmwcs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\ssqrs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tcunqavm.dll
C:\WINDOWS\system32\tcunqavm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tjtllnyv.dll
C:\WINDOWS\system32\tjtllnyv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvtrrp.dll
C:\WINDOWS\system32\tuvtrrp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvusro.dll
C:\WINDOWS\system32\tuvusro.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvvsss.dll
C:\WINDOWS\system32\tuvvsss.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqomki.dll
C:\WINDOWS\system32\urqomki.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqpnno.dll
C:\WINDOWS\system32\urqpnno.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqrsqq.dll
C:\WINDOWS\system32\urqrsqq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\vtsqp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\vturs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutq.dll
C:\WINDOWS\system32\vtutq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutt.dll
C:\WINDOWS\system32\vtutt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wujyldjc.dll
C:\WINDOWS\system32\wujyldjc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvuuuro.dll
C:\WINDOWS\system32\wvuuuro.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvuvtuv.dll
C:\WINDOWS\system32\wvuvtuv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxyvwur.dll
C:\WINDOWS\system32\xxyvwur.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxywwxu.dll
C:\WINDOWS\system32\xxywwxu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yaywwxv.dll
C:\WINDOWS\system32\yaywwxv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yaywxvs.dll
C:\WINDOWS\system32\yaywxvs.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\ncdjfuwm.dll
C:\WINDOWS\system32\ncdjfuwm.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.7.8

Checking Java version...

Scan started at 15:34:30 20/02/2008

Listing files found while scanning....

C:\windows\system32\awvtq.dll
C:\WINDOWS\system32\gebaxwt.dll
C:\windows\system32\qtvwa.ini
C:\windows\system32\qtvwa.ini2
C:\WINDOWS\system32\rlpyeulr.dll

Beginning removal...

Attempting to delete C:\windows\system32\awvtq.dll
C:\windows\system32\awvtq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Attempting to delete C:\windows\system32\qtvwa.ini
C:\windows\system32\qtvwa.ini Has been deleted!

Attempting to delete C:\windows\system32\qtvwa.ini2
C:\windows\system32\qtvwa.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\rlpyeulr.dll
C:\WINDOWS\system32\rlpyeulr.dll Could not be deleted.

Performing Repairs to the registry.
Done!
0
AH CA Y EST VOILA LE RAPPORT
MERCI

VundoFix V6.7.8

Checking Java version...

Scan started at 18:55:11 19/02/2008

Listing files found while scanning....

C:\WINDOWS\system32\awtsq.dll
C:\WINDOWS\system32\awtst.dll
C:\WINDOWS\system32\bbadd.ini
C:\WINDOWS\system32\bbadd.ini2
C:\WINDOWS\system32\brxpfiol.dll
C:\WINDOWS\system32\byxursr.dll
C:\WINDOWS\system32\cbxyaab.dll
C:\WINDOWS\system32\cbxyaxy.dll
C:\WINDOWS\system32\ddaba.dll
C:\WINDOWS\system32\ddabb.dll
C:\WINDOWS\system32\ddayx.dll
C:\WINDOWS\system32\ddcbaaa.dll
C:\WINDOWS\system32\efcabab.dll
C:\WINDOWS\system32\efcbaya.dll
C:\WINDOWS\system32\efcccby.dll
C:\WINDOWS\system32\fccdabb.dll
C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebcdby.dll
C:\WINDOWS\system32\gebya.dll
C:\WINDOWS\system32\gebyaxx.dll
C:\windows\system32\gebyy.dll
C:\WINDOWS\system32\hggdcby.dll
C:\WINDOWS\system32\hgggffd.dll
C:\WINDOWS\system32\hggggda.dll
C:\WINDOWS\system32\iifcaby.dll
C:\WINDOWS\system32\iifefcy.dll
C:\WINDOWS\system32\iifefff.dll
C:\WINDOWS\system32\iifgffc.dll
C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\jkkjjgf.dll
C:\WINDOWS\system32\jkkjjkl.dll
C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\khfcday.dll
C:\WINDOWS\system32\khfecde.dll
C:\WINDOWS\system32\ljjhgec.dll
C:\WINDOWS\system32\ljjiiif.dll
C:\WINDOWS\system32\mljheba.dll
C:\WINDOWS\system32\mljkkhh.dll
C:\WINDOWS\system32\ncdjfuwm.dll
C:\WINDOWS\system32\nnnljif.dll
C:\WINDOWS\system32\nnnlkkl.dll
C:\WINDOWS\system32\okxkahre.dll
C:\WINDOWS\system32\ollstssn.dll
C:\WINDOWS\system32\owepyopq.dll
C:\WINDOWS\system32\pmnklmm.dll
C:\WINDOWS\system32\pmnliig.dll
C:\WINDOWS\system32\pmnljjg.dll
C:\WINDOWS\system32\pmnlm.dll
C:\WINDOWS\system32\qomnnlk.dll
C:\WINDOWS\system32\rqrropm.dll
C:\WINDOWS\system32\rqrrpoo.dll
C:\WINDOWS\system32\sojqmwcs.dll
C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\tcunqavm.dll
C:\WINDOWS\system32\tjtllnyv.dll
C:\WINDOWS\system32\tuvtrrp.dll
C:\WINDOWS\system32\tuvusro.dll
C:\WINDOWS\system32\tuvvsss.dll
C:\WINDOWS\system32\urqomki.dll
C:\WINDOWS\system32\urqpnno.dll
C:\WINDOWS\system32\urqrsqq.dll
C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\vtutq.dll
C:\WINDOWS\system32\vtutt.dll
C:\WINDOWS\system32\wujyldjc.dll
C:\WINDOWS\system32\wvuuuro.dll
C:\WINDOWS\system32\wvuvtuv.dll
C:\WINDOWS\system32\xxyvwur.dll
C:\WINDOWS\system32\xxywwxu.dll
C:\WINDOWS\system32\yaywwxv.dll
C:\WINDOWS\system32\yaywxvs.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awtsq.dll
C:\WINDOWS\system32\awtsq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\awtst.dll
C:\WINDOWS\system32\awtst.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbadd.ini
C:\WINDOWS\system32\bbadd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbadd.ini2
C:\WINDOWS\system32\bbadd.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\brxpfiol.dll
C:\WINDOWS\system32\brxpfiol.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\byxursr.dll
C:\WINDOWS\system32\byxursr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxyaab.dll
C:\WINDOWS\system32\cbxyaab.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxyaxy.dll
C:\WINDOWS\system32\cbxyaxy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddaba.dll
C:\WINDOWS\system32\ddaba.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddabb.dll
C:\WINDOWS\system32\ddabb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddayx.dll
C:\WINDOWS\system32\ddayx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddcbaaa.dll
C:\WINDOWS\system32\ddcbaaa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcabab.dll
C:\WINDOWS\system32\efcabab.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcbaya.dll
C:\WINDOWS\system32\efcbaya.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcccby.dll
C:\WINDOWS\system32\efcccby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fccdabb.dll
C:\WINDOWS\system32\fccdabb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\gebcdby.dll
C:\WINDOWS\system32\gebcdby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebya.dll
C:\WINDOWS\system32\gebya.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebyaxx.dll
C:\WINDOWS\system32\gebyaxx.dll Has been deleted!

Attempting to delete C:\windows\system32\gebyy.dll
C:\windows\system32\gebyy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hggdcby.dll
C:\WINDOWS\system32\hggdcby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hgggffd.dll
C:\WINDOWS\system32\hgggffd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hggggda.dll
C:\WINDOWS\system32\hggggda.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifcaby.dll
C:\WINDOWS\system32\iifcaby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifefcy.dll
C:\WINDOWS\system32\iifefcy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifefff.dll
C:\WINDOWS\system32\iifefff.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifgffc.dll
C:\WINDOWS\system32\iifgffc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\jkkjj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkjjgf.dll
C:\WINDOWS\system32\jkkjjgf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkjjkl.dll
C:\WINDOWS\system32\jkkjjkl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\jkkkijg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\khfcday.dll
C:\WINDOWS\system32\khfcday.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\khfecde.dll
C:\WINDOWS\system32\khfecde.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjhgec.dll
C:\WINDOWS\system32\ljjhgec.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjiiif.dll
C:\WINDOWS\system32\ljjiiif.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mljheba.dll
C:\WINDOWS\system32\mljheba.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mljkkhh.dll
C:\WINDOWS\system32\mljkkhh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ncdjfuwm.dll
C:\WINDOWS\system32\ncdjfuwm.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\nnnljif.dll
C:\WINDOWS\system32\nnnljif.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlkkl.dll
C:\WINDOWS\system32\nnnlkkl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\okxkahre.dll
C:\WINDOWS\system32\okxkahre.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ollstssn.dll
C:\WINDOWS\system32\ollstssn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\owepyopq.dll
C:\WINDOWS\system32\owepyopq.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\pmnklmm.dll
C:\WINDOWS\system32\pmnklmm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnliig.dll
C:\WINDOWS\system32\pmnliig.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnljjg.dll
C:\WINDOWS\system32\pmnljjg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnlm.dll
C:\WINDOWS\system32\pmnlm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qomnnlk.dll
C:\WINDOWS\system32\qomnnlk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rqrropm.dll
C:\WINDOWS\system32\rqrropm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rqrrpoo.dll
C:\WINDOWS\system32\rqrrpoo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sojqmwcs.dll
C:\WINDOWS\system32\sojqmwcs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\ssqrs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tcunqavm.dll
C:\WINDOWS\system32\tcunqavm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tjtllnyv.dll
C:\WINDOWS\system32\tjtllnyv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvtrrp.dll
C:\WINDOWS\system32\tuvtrrp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvusro.dll
C:\WINDOWS\system32\tuvusro.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvvsss.dll
C:\WINDOWS\system32\tuvvsss.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqomki.dll
C:\WINDOWS\system32\urqomki.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqpnno.dll
C:\WINDOWS\system32\urqpnno.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqrsqq.dll
C:\WINDOWS\system32\urqrsqq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\vtsqp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\vturs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutq.dll
C:\WINDOWS\system32\vtutq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutt.dll
C:\WINDOWS\system32\vtutt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wujyldjc.dll
C:\WINDOWS\system32\wujyldjc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvuuuro.dll
C:\WINDOWS\system32\wvuuuro.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvuvtuv.dll
C:\WINDOWS\system32\wvuvtuv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxyvwur.dll
C:\WINDOWS\system32\xxyvwur.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxywwxu.dll
C:\WINDOWS\system32\xxywwxu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yaywwxv.dll
C:\WINDOWS\system32\yaywwxv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yaywxvs.dll
C:\WINDOWS\system32\yaywxvs.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\ncdjfuwm.dll
C:\WINDOWS\system32\ncdjfuwm.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.7.8

Checking Java version...

Scan started at 15:34:30 20/02/2008

Listing files found while scanning....

C:\windows\system32\awvtq.dll
C:\WINDOWS\system32\gebaxwt.dll
C:\windows\system32\qtvwa.ini
C:\windows\system32\qtvwa.ini2
C:\WINDOWS\system32\rlpyeulr.dll

Beginning removal...

Attempting to delete C:\windows\system32\awvtq.dll
C:\windows\system32\awvtq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Attempting to delete C:\windows\system32\qtvwa.ini
C:\windows\system32\qtvwa.ini Has been deleted!

Attempting to delete C:\windows\system32\qtvwa.ini2
C:\windows\system32\qtvwa.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\rlpyeulr.dll
C:\WINDOWS\system32\rlpyeulr.dll Could not be deleted.

Performing Repairs to the registry.
Done!
noctambule28 - 22 Feb 2008 at 18:09
yep!!

* Launch VundoFix but do not click Scan for Vundo.
* Right-click in the white window and choose add more files.
* Enter the following files in the boxes (one file per box):

C:\WINDOWS\system32\rlpyeulr.dll

C:\WINDOWS\system32\gebaxwt.dll

* Click add files, then close windows.
* Click Remove Vundo. A restart may be required.
* Post the generated report plus a new HijackThis log; the report is located here: C:\vundofix.txt

see you
HERE IS THE FIRST ONE

VundoFix V6.7.8

Checking Java version...

Scan started at 18:55:11 19/02/2008

Listing files found while scanning....

C:\WINDOWS\system32\awtsq.dll
C:\WINDOWS\system32\awtst.dll
C:\WINDOWS\system32\bbadd.ini
C:\WINDOWS\system32\bbadd.ini2
C:\WINDOWS\system32\brxpfiol.dll
C:\WINDOWS\system32\byxursr.dll
C:\WINDOWS\system32\cbxyaab.dll
C:\WINDOWS\system32\cbxyaxy.dll
C:\WINDOWS\system32\ddaba.dll
C:\WINDOWS\system32\ddabb.dll
C:\WINDOWS\system32\ddayx.dll
C:\WINDOWS\system32\ddcbaaa.dll
C:\WINDOWS\system32\efcabab.dll
C:\WINDOWS\system32\efcbaya.dll
C:\WINDOWS\system32\efcccby.dll
C:\WINDOWS\system32\fccdabb.dll
C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebcdby.dll
C:\WINDOWS\system32\gebya.dll
C:\WINDOWS\system32\gebyaxx.dll
C:\windows\system32\gebyy.dll
C:\WINDOWS\system32\hggdcby.dll
C:\WINDOWS\system32\hgggffd.dll
C:\WINDOWS\system32\hggggda.dll
C:\WINDOWS\system32\iifcaby.dll
C:\WINDOWS\system32\iifefcy.dll
C:\WINDOWS\system32\iifefff.dll
C:\WINDOWS\system32\iifgffc.dll
C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\jkkjjgf.dll
C:\WINDOWS\system32\jkkjjkl.dll
C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\khfcday.dll
C:\WINDOWS\system32\khfecde.dll
C:\WINDOWS\system32\ljjhgec.dll
C:\WINDOWS\system32\ljjiiif.dll
C:\WINDOWS\system32\mljheba.dll
C:\WINDOWS\system32\mljkkhh.dll
C:\WINDOWS\system32\ncdjfuwm.dll
C:\WINDOWS\system32\nnnljif.dll
C:\WINDOWS\system32\nnnlkkl.dll
C:\WINDOWS\system32\okxkahre.dll
C:\WINDOWS\system32\ollstssn.dll
C:\WINDOWS\system32\owepyopq.dll
C:\WINDOWS\system32\pmnklmm.dll
C:\WINDOWS\system32\pmnliig.dll
C:\WINDOWS\system32\pmnljjg.dll
C:\WINDOWS\system32\pmnlm.dll
C:\WINDOWS\system32\qomnnlk.dll
C:\WINDOWS\system32\rqrropm.dll
C:\WINDOWS\system32\rqrrpoo.dll
C:\WINDOWS\system32\sojqmwcs.dll
C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\tcunqavm.dll
C:\WINDOWS\system32\tjtllnyv.dll
C:\WINDOWS\system32\tuvtrrp.dll
C:\WINDOWS\system32\tuvusro.dll
C:\WINDOWS\system32\tuvvsss.dll
C:\WINDOWS\system32\urqomki.dll
C:\WINDOWS\system32\urqpnno.dll
C:\WINDOWS\system32\urqrsqq.dll
C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\vtutq.dll
C:\WINDOWS\system32\vtutt.dll
C:\WINDOWS\system32\wujyldjc.dll
C:\WINDOWS\system32\wvuuuro.dll
C:\WINDOWS\system32\wvuvtuv.dll
C:\WINDOWS\system32\xxyvwur.dll
C:\WINDOWS\system32\xxywwxu.dll
C:\WINDOWS\system32\yaywwxv.dll
C:\WINDOWS\system32\yaywxvs.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awtsq.dll
C:\WINDOWS\system32\awtsq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\awtst.dll
C:\WINDOWS\system32\awtst.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbadd.ini
C:\WINDOWS\system32\bbadd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbadd.ini2
C:\WINDOWS\system32\bbadd.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\brxpfiol.dll
C:\WINDOWS\system32\brxpfiol.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\byxursr.dll
C:\WINDOWS\system32\byxursr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxyaab.dll
C:\WINDOWS\system32\cbxyaab.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxyaxy.dll
C:\WINDOWS\system32\cbxyaxy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddaba.dll
C:\WINDOWS\system32\ddaba.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddabb.dll
C:\WINDOWS\system32\ddabb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddayx.dll
C:\WINDOWS\system32\ddayx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddcbaaa.dll
C:\WINDOWS\system32\ddcbaaa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcabab.dll
C:\WINDOWS\system32\efcabab.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcbaya.dll
C:\WINDOWS\system32\efcbaya.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcccby.dll
C:\WINDOWS\system32\efcccby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fccdabb.dll
C:\WINDOWS\system32\fccdabb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\gebcdby.dll
C:\WINDOWS\system32\gebcdby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebya.dll
C:\WINDOWS\system32\gebya.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebyaxx.dll
C:\WINDOWS\system32\gebyaxx.dll Has been deleted!

Attempting to delete C:\windows\system32\gebyy.dll
C:\windows\system32\gebyy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hggdcby.dll
C:\WINDOWS\system32\hggdcby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hgggffd.dll
C:\WINDOWS\system32\hgggffd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hggggda.dll
C:\WINDOWS\system32\hggggda.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifcaby.dll
C:\WINDOWS\system32\iifcaby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifefcy.dll
C:\WINDOWS\system32\iifefcy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifefff.dll
C:\WINDOWS\system32\iifefff.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifgffc.dll
C:\WINDOWS\system32\iifgffc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\jkkjj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkjjgf.dll
C:\WINDOWS\system32\jkkjjgf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkjjkl.dll
C:\WINDOWS\system32\jkkjjkl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\jkkkijg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\khfcday.dll
C:\WINDOWS\system32\khfcday.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\khfecde.dll
C:\WINDOWS\system32\khfecde.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjhgec.dll
C:\WINDOWS\system32\ljjhgec.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjiiif.dll
C:\WINDOWS\system32\ljjiiif.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mljheba.dll
C:\WINDOWS\system32\mljheba.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mljkkhh.dll
C:\WINDOWS\system32\mljkkhh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ncdjfuwm.dll
C:\WINDOWS\system32\ncdjfuwm.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\nnnljif.dll
C:\WINDOWS\system32\nnnljif.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlkkl.dll
C:\WINDOWS\system32\nnnlkkl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\okxkahre.dll
C:\WINDOWS\system32\okxkahre.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ollstssn.dll
C:\WINDOWS\system32\ollstssn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\owepyopq.dll
C:\WINDOWS\system32\owepyopq.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\pmnklmm.dll
C:\WINDOWS\system32\pmnklmm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnliig.dll
C:\WINDOWS\system32\pmnliig.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnljjg.dll
C:\WINDOWS\system32\pmnljjg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnlm.dll
C:\WINDOWS\system32\pmnlm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qomnnlk.dll
C:\WINDOWS\system32\qomnnlk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rqrropm.dll
C:\WINDOWS\system32\rqrropm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rqrrpoo.dll
C:\WINDOWS\system32\rqrrpoo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sojqmwcs.dll
C:\WINDOWS\system32\sojqmwcs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\ssqrs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tcunqavm.dll
C:\WINDOWS\system32\tcunqavm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tjtllnyv.dll
C:\WINDOWS\system32\tjtllnyv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvtrrp.dll
C:\WINDOWS\system32\tuvtrrp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvusro.dll
C:\WINDOWS\system32\tuvusro.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvvsss.dll
C:\WINDOWS\system32\tuvvsss.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqomki.dll
C:\WINDOWS\system32\urqomki.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqpnno.dll
C:\WINDOWS\system32\urqpnno.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqrsqq.dll
C:\WINDOWS\system32\urqrsqq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\vtsqp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\vturs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutq.dll
C:\WINDOWS\system32\vtutq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutt.dll
C:\WINDOWS\system32\vtutt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wujyldjc.dll
C:\WINDOWS\system32\wujyldjc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvuuuro.dll
C:\WINDOWS\system32\wvuuuro.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvuvtuv.dll
C:\WINDOWS\system32\wvuvtuv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxyvwur.dll
C:\WINDOWS\system32\xxyvwur.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxywwxu.dll
C:\WINDOWS\system32\xxywwxu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yaywwxv.dll
C:\WINDOWS\system32\yaywwxv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yaywxvs.dll
C:\WINDOWS\system32\yaywxvs.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\ncdjfuwm.dll
C:\WINDOWS\system32\ncdjfuwm.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.7.8

Checking Java version...

Scan started at 15:34:30 20/02/2008

Listing files found while scanning....

C:\windows\system32\awvtq.dll
C:\WINDOWS\system32\gebaxwt.dll
C:\windows\system32\qtvwa.ini
C:\windows\system32\qtvwa.ini2
C:\WINDOWS\system32\rlpyeulr.dll

Beginning removal...

Attempting to delete C:\windows\system32\awvtq.dll
C:\windows\system32\awvtq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Attempting to delete C:\windows\system32\qtvwa.ini
C:\windows\system32\qtvwa.ini Has been deleted!

Attempting to delete C:\windows\system32\qtvwa.ini2
C:\windows\system32\qtvwa.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\rlpyeulr.dll
C:\WINDOWS\system32\rlpyeulr.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\gebaxwt.dll Could not be deleted.

Performing Repairs to the registry.
Done!

HERE IS THE HIJACK

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:59:55, on 23/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rmwsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKLM\..\Run: [wswtdyuzl] C:\WINDOWS\system32\wswtdyuzl.exe
O4 - HKLM\..\Run: [zacdyebhjiwg] C:\WINDOWS\system32\zacdyebhjiwg.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Control Server] rmwsvc.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [08b64544] rundll32.exe "C:\WINDOWS\system32\rwlreudy.dll",b
O4 - HKLM\..\RunServices: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKLM\..\RunServices: [zacdyebhjiwg] C:\WINDOWS\system32\zacdyebhjiwg.exe
O4 - HKLM\..\RunServices: [wswtdyuzl] C:\WINDOWS\system32\wswtdyuzl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
noctambule28 - 23 Feb 2008 at 19:23
hi
you had already done that one

this is what I need

http://www.commentcamarche.net/forum/affich 5087129 au secours ordi totalement infecte#14
HERE IS THE HIJACK
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:34:03, on 25/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKLM\..\Run: [wswtdyuzl] C:\WINDOWS\system32\wswtdyuzl.exe
O4 - HKLM\..\Run: [zacdyebhjiwg] C:\WINDOWS\system32\zacdyebhjiwg.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Control Server] rmwsvc.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [08b64544] rundll32.exe "C:\WINDOWS\system32\rwlreudy.dll",b
O4 - HKLM\..\RunServices: [ylkbmz] C:\WINDOWS\system32\ylkbmz.exe
O4 - HKLM\..\RunServices: [zacdyebhjiwg] C:\WINDOWS\system32\zacdyebhjiwg.exe
O4 - HKLM\..\RunServices: [wswtdyuzl] C:\WINDOWS\system32\wswtdyuzl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
noctambule28 - 25 Feb 2008 at 05:42
hi

the Vundo report you are giving me is not the right one (it is dated 20/02)
the one I need is the one from after doing what is noted in post 14.

see you
Checking Java version...

Scan started at 15:14:57 26/02/2008

Listing files found while scanning....

C:\WINDOWS\system32\aidtvlqf.dll
C:\WINDOWS\system32\asihaglc.dll
C:\WINDOWS\system32\fqlvtdia.ini
C:\WINDOWS\system32\gebaxwt.dll
C:\WINDOWS\system32\jjjlm.ini
C:\WINDOWS\system32\jjjlm.ini2
C:\WINDOWS\system32\likycqls.dll
C:\WINDOWS\system32\mljjj.dll
C:\WINDOWS\system32\slqcykil.ini