My computer does not detect windows system32 pmnlk

Closed
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010 - 15 March 2008 at 03:25
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 - 13 May 2008 at 23:40
Hello,
is it possible to do something without the Windows CD?

11 replies

g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
15 March 2008 at 03:48
Tsniper,

you are infected, it is not a file that you are missing...

Download HijackThis here:

-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Installation tutorial: (Thanks to Balltrap34 for producing this)

-> http://pageperso.aol.fr/balltrap34/Hijenr.gif

Usage tutorial (video): (Thanks to Balltrap34 for producing this)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Post the generated report here please...

See you later
1
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
15 March 2008 at 04:16
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:14:00, on 15/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0a\aoltray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: load=C:\WINDOWS\system32\pmnlk.exe
O2 - BHO: XBTP05231 - {031F120A-BBAF-45d8-B306-375F2A6B9398} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DE966A5-5C74-4845-AFC4-C2027C847D18} - C:\WINDOWS\system32\pmnlk.dll (file missing)
O2 - BHO: {6ae5c9f2-a2a5-4dea-57e4-d45aadfdea33} - {33aedfda-a54d-4e75-aed4-5a2a2f9c5ea6} - C:\WINDOWS\system32\ktioicwv.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {89AF1DCA-6355-4465-94B0-E3D49FD2896B} - C:\WINDOWS\system32\opnlklm.dll (file missing)
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\pbosroym.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [14ac587f] rundll32.exe "C:\WINDOWS\system32\sbxlndih.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BM179f6be3] Rundll32.exe "C:\WINDOWS\system32\ignvknhc.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Ecran de veille] C:\Program Files\Fichiers communs\AOL\Screensaver\ygpsstra.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0a\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXE
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O20 - Winlogon Notify: opnlklm - opnlklm.dll (file missing)
O20 - Winlogon Notify: pbosroym - pbosroym.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
0
TSniper Posts 778 Registration date Monday 14 January 2008 Status Member Last activity 15 November 2016 157
19 March 2008 at 11:02
no, I am not infected
0
TSniper Posts 778 Registration date Monday 14 January 2008 Status Member Last activity 15 November 2016 157
15 March 2008 at 03:33
how so??
0
TSniper Posts 778 Registration date Monday 14 January 2008 Status Member Last activity 15 November 2016 157
15 March 2008 at 03:34
it can't access Windows??
0
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
15 March 2008 at 03:42
I know nothing about computers, and when I turn it on it tells me that c:windows/systeme32/pmnlk.exe. cannot be found
What should I do, or what can I do?
Sorry, but I struggle with computers!!
thanks
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
15 March 2008 at 04:28
hi again,

do this:

Download combofix.exe (by sUBs) to your Desktop.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double-click combofix.exe.
-> Press the 1 key (Yes) to start the scan.
-> When the scan is complete, a report will appear. Copy/paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

Before using ComboFix:

-> Disconnect from the internet and close the windows of all running programs.

-> Temporarily disable, and only for the time ComboFix is in use, the real-time protection of your antivirus and antispyware programs, which can seriously interfere with the tool's scanning and cleaning procedure.

Once that is done, double-click Combofix.exe on your desktop.

- Answer yes to the warning message so that the program starts scanning the PC.

/!\ During this step, do not use the PC and do not open any programs.

- At the end of the scan, ComboFix may need to restart the PC to finish the disinfection\search; let it do so.

- A report will then open in Notepad; this report file, Combofix.txt, is automatically saved to C:\Combofix.txt

-> Re-enable the real-time protection of your antivirus and antispyware programs before reconnecting to the internet.

-> Come back to the forum and copy and paste the entire contents of C:\Combofix.txt into your next message, along with a new HijackThis report.

-> Tutorial https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

See you later
0
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
15 March 2008 at 05:43
ComboFix 08-03-14.4 - math 2008-03-15 5:15:40.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.489 [GMT 1:00]
Endroit: C:\Documents and Settings\math\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-15 to 2008-03-15 ))))))))))))))))))))))))))))))))))))
.

2008-03-15 04:12 . 2008-03-15 04:12 <REP> d-------- C:\Program Files\Trend Micro
2008-03-15 02:37 . 2008-03-15 02:37 <REP> d-------- C:\Program Files\ProtectDisc Driver Installer
2008-03-14 23:38 . 2008-03-15 03:14 <REP> d-------- C:\Program Files\Everest Poker
2008-03-11 03:11 . 2008-03-11 03:11 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-03-11 00:26 . 2008-03-11 00:31 550 --a------ C:\WINDOWS\MusicStudio.INI
2008-03-10 23:47 . 2006-03-31 15:57 430,080 --a------ C:\WINDOWS\system32\MXRestore.exe
2008-03-10 23:47 . 2007-04-18 23:07 53,248 --a------ C:\WINDOWS\system32\mgxasio2.dll
2008-03-10 22:59 . 2008-03-15 03:33 <REP> d-------- C:\Program Files\MAGIX
2008-03-10 22:59 . 2008-03-15 03:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MAGIX
2008-03-10 22:59 . 2007-04-27 10:43 120,200 --a------ C:\WINDOWS\system32\DLLDEV32i.dll
2008-03-10 20:25 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-10 20:25 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-10 20:25 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-10 20:24 . 2008-03-10 20:24 <REP> d-------- C:\Program Files\Alwil Software
2008-03-10 20:24 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-10 20:24 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-10 20:24 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-10 20:24 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-10 20:24 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-03-10 19:58 . 2008-03-10 19:58 <REP> d-------- C:\Documents and Settings\math\Application Data\MSNInstaller
2008-03-10 19:39 . 2008-03-10 19:39 <REP> d-------- C:\Program Files\Viewpoint
2008-03-10 19:39 . 2008-03-10 19:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-03-08 22:15 . 2008-03-10 00:30 1,307,621 ---hs---- C:\WINDOWS\system32\xocmujyv.ini
2008-02-26 18:25 . 2008-02-26 22:50 <REP> d-------- C:\Program Files\Everest Casino
2008-02-20 17:17 . 2008-02-20 17:17 <REP> d-------- C:\Program Files\Inventel
2008-02-20 17:10 . 2008-02-20 17:10 2,034 ---hs---- C:\WINDOWS\system32\jkpxcrqw.ini
2008-02-19 03:40 . 2008-02-20 17:03 1,974 ---hs---- C:\WINDOWS\system32\nnkgnjqb.ini
2008-02-19 02:37 . 2008-02-19 02:37 1,854 ---hs---- C:\WINDOWS\system32\mviyayrf.ini
2008-02-19 01:34 . 2008-02-19 01:34 1,794 ---hs---- C:\WINDOWS\system32\xvsnakfn.ini
2008-02-19 00:34 . 2008-02-19 00:34 1,734 ---hs---- C:\WINDOWS\system32\iwlpshrf.ini
2008-02-18 23:31 . 2008-02-18 23:31 1,674 ---hs---- C:\WINDOWS\system32\wlnjuqmr.ini
2008-02-18 22:28 . 2008-02-18 22:28 1,614 ---hs---- C:\WINDOWS\system32\rijtarex.ini
2008-02-18 21:25 . 2008-02-18 21:25 1,554 ---hs---- C:\WINDOWS\system32\sitjkihb.ini
2008-02-18 06:25 . 2008-02-18 21:20 1,494 ---hs---- C:\WINDOWS\system32\qwxjlpui.ini
2008-02-18 05:19 . 2008-02-18 05:20 1,374 ---hs---- C:\WINDOWS\system32\dxtmjfnd.ini
2008-02-18 04:19 . 2008-02-18 04:19 1,314 ---hs---- C:\WINDOWS\system32\vfeuljxs.ini
2008-02-18 04:16 . 2008-02-18 04:16 1,254 ---hs---- C:\WINDOWS\system32\kjupywjb.ini
2008-02-18 03:16 . 2008-02-18 03:16 1,194 ---hs---- C:\WINDOWS\system32\pgjdmtpr.ini
2008-02-18 03:13 . 2008-02-18 03:13 1,134 ---hs---- C:\WINDOWS\system32\rbxmcbga.ini
2008-02-18 02:16 . 2008-02-18 02:16 1,074 ---hs---- C:\WINDOWS\system32\lvcttvou.ini
2008-02-18 01:31 . 2008-02-18 01:31 1,014 ---hs---- C:\WINDOWS\system32\kshchgwo.ini
2008-02-18 00:28 . 2008-02-18 00:28 954 ---hs---- C:\WINDOWS\system32\nkirvqfd.ini
2008-02-17 23:28 . 2008-02-17 23:28 894 ---hs---- C:\WINDOWS\system32\hylaqelb.ini
2008-02-17 22:25 . 2008-02-17 22:25 834 ---hs---- C:\WINDOWS\system32\klkhoeke.ini
2008-02-17 21:22 . 2008-02-17 21:22 774 ---hs---- C:\WINDOWS\system32\hklgiqej.ini
2008-02-17 20:19 . 2008-02-17 20:19 714 ---hs---- C:\WINDOWS\system32\kyvudiwu.ini
2008-02-17 19:19 . 2008-02-17 19:19 654 ---hs---- C:\WINDOWS\system32\iwybgubi.ini
2008-02-17 06:15 . 2008-02-17 19:11 594 ---hs---- C:\WINDOWS\system32\qrpeucye.ini
2008-02-17 05:15 . 2008-02-17 05:15 474 ---hs---- C:\WINDOWS\system32\saaxmmjc.ini
2008-02-17 05:12 . 2008-02-17 05:12 414 ---hs---- C:\WINDOWS\system32\xgcrjtxh.ini
2008-02-17 04:12 . 2008-02-17 04:12 354 ---hs---- C:\WINDOWS\system32\olmvygfq.ini
2008-02-17 04:09 . 2008-02-17 04:09 294 ---hs---- C:\WINDOWS\system32\oybynbfd.ini
2008-02-17 03:09 . 2008-02-17 04:09 1,254 ---hs---- C:\WINDOWS\system32\fqtfxygr.ini
2008-02-17 02:09 . 2008-02-17 02:09 1,194 ---hs---- C:\WINDOWS\system32\pwlxcltq.ini
2008-02-17 02:06 . 2008-02-17 02:06 1,134 ---hs---- C:\WINDOWS\system32\rnxichmm.ini
2008-02-17 01:04 . 2008-02-17 01:04 1,074 ---hs---- C:\WINDOWS\system32\vdldnkcl.ini
2008-02-17 00:04 . 2008-02-17 00:04 1,014 ---hs---- C:\WINDOWS\system32\pdnickcb.ini
2008-02-17 00:01 . 2008-02-17 00:04 954 ---hs---- C:\WINDOWS\system32\xswubawy.ini
2008-02-16 23:01 . 2008-02-17 00:01 894 ---hs---- C:\WINDOWS\system32\obhajrog.ini
2008-02-16 22:58 . 2008-02-16 22:58 834 ---hs---- C:\WINDOWS\system32\qbwbcwik.ini
2008-02-16 22:01 . 2008-02-16 22:01 774 ---hs---- C:\WINDOWS\system32\bomnjupb.ini
2008-02-16 20:58 . 2008-02-16 20:58 714 ---hs---- C:\WINDOWS\system32\gxrunabs.ini
2008-02-16 19:58 . 2008-02-16 19:58 654 ---hs---- C:\WINDOWS\system32\xlcoselm.ini
2008-02-15 02:19 . 2008-02-16 19:51 594 ---hs---- C:\WINDOWS\system32\gpetspmk.ini
2008-02-15 01:22 . 2008-02-15 01:22 474 ---hs---- C:\WINDOWS\system32\umdebgst.ini
2008-02-15 01:16 . 2008-02-15 01:16 414 ---hs---- C:\WINDOWS\system32\lkboftid.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-15 03:21 --------- d-----w C:\Program Files\eMule
2008-03-10 21:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-10 19:07 --------- d-----w C:\Program Files\Best_Security_Tips
2008-03-10 18:58 --------- d-----w C:\Program Files\DivX
2008-03-10 18:56 --------- d-----w C:\Program Files\FoneSync
2008-03-10 18:54 --------- d-----w C:\Program Files\epson
2008-03-10 18:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-10 18:19 --------- d-----w C:\Program Files\VideoLAN
2008-02-13 05:05 96,832 ----a-w C:\WINDOWS\system32\pumpkvjm.dll
2008-02-13 05:02 96,832 ----a-w C:\WINDOWS\system32\bqhlegxi.dll
2008-02-13 04:03 96,832 ----a-w C:\WINDOWS\system32\qoryuhbv.dll
2008-02-13 04:00 96,832 ----a-w C:\WINDOWS\system32\uvhdtxxf.dll
2008-02-13 03:01 96,832 ----a-w C:\WINDOWS\system32\frplteup.dll
2008-02-13 02:58 96,832 ----a-w C:\WINDOWS\system32\fivjffnv.dll
2008-02-13 01:58 96,832 ----a-w C:\WINDOWS\system32\vhqjekqb.dll
2008-02-13 00:58 96,832 ----a-w C:\WINDOWS\system32\djmwrhdc.dll
2008-02-13 00:55 96,832 ----a-w C:\WINDOWS\system32\ikajvjnj.dll
2008-02-12 23:55 96,832 ----a-w C:\WINDOWS\system32\lhadrcgi.dll
2008-02-12 23:52 96,832 ----a-w C:\WINDOWS\system32\ofahhyfk.dll
2008-02-12 22:52 96,832 ----a-w C:\WINDOWS\system32\xtcovrcf.dll
2008-02-12 22:49 96,832 ----a-w C:\WINDOWS\system32\tbwlulgu.dll
2008-02-12 21:49 96,832 ----a-w C:\WINDOWS\system32\swkhcmnj.dll
2008-02-12 04:01 96,832 ----a-w C:\WINDOWS\system32\lvunjsoh.dll
2008-02-12 02:58 96,832 ----a-w C:\WINDOWS\system32\yxlyhwme.dll
2008-02-12 02:56 96,832 ----a-w C:\WINDOWS\system32\mldefflf.dll
2008-02-12 01:56 96,832 ----a-w C:\WINDOWS\system32\wdpfkydu.dll
2008-02-12 00:56 96,832 ----a-w C:\WINDOWS\system32\dwjpbawo.dll
2008-02-12 00:53 96,832 ----a-w C:\WINDOWS\system32\oqdpjsfg.dll
2008-02-11 23:53 96,832 ----a-w C:\WINDOWS\system32\qyqddicl.dll
2008-02-11 23:50 96,832 ----a-w C:\WINDOWS\system32\ujulxskg.dll
2008-02-11 22:50 96,832 ----a-w C:\WINDOWS\system32\fsktfnfh.dll
2008-02-11 22:47 96,832 ----a-w C:\WINDOWS\system32\sspqaeqs.dll
2008-02-11 21:47 96,832 ----a-w C:\WINDOWS\system32\hydgqoke.dll
2008-02-11 20:47 96,832 ----a-w C:\WINDOWS\system32\oigxuojs.dll
2008-02-11 20:44 96,832 ----a-w C:\WINDOWS\system32\vucbeusa.dll
2008-02-11 20:44 96,832 ----a-w C:\WINDOWS\system32\kydilfug.dll
2008-02-07 21:56 96,832 ----a-w C:\WINDOWS\system32\ybytksly.dll
2008-02-06 20:01 96,832 ----a-w C:\WINDOWS\system32\dkmbxewg.dll
2008-02-03 19:22 96,832 ----a-w C:\WINDOWS\system32\blrvoxah.dll
2008-02-02 19:20 96,832 ----a-w C:\WINDOWS\system32\jtnxvvkg.dll
2008-01-21 05:43 --------- d-----w C:\Program Files\AOL 9.0a
2008-01-19 04:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-19 04:10 --------- d-----w C:\Program Files\Symantec
2008-01-19 00:22 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-01-18 23:00 --------- d-----w C:\Documents and Settings\math\Application Data\GetRightToGo
2008-01-18 21:16 --------- d-----w C:\Program Files\SymNetDrv
2006-10-26 19:16 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2002-07-26 15:02 153,088 -c--a-w C:\Program Files\UNWISE.EXE
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1DE966A5-5C74-4845-AFC4-C2027C847D18}]
C:\WINDOWS\system32\pmnlk.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
"Ecran de veille"="C:\Program Files\Fichiers communs\AOL\Screensaver\ygpsstra.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"RMC"="C:\WINDOWS\system32\drivers\RMC.exe" [ ]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [ ]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [ ]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-12 22:21 14156800 C:\WINDOWS\RTHDCPL.EXE]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [ ]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [ ]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [ ]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [ ]
"WorksFUD"="C:\Program Files\Microsoft Works\wkfud.exe" [ ]
"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [ ]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [ ]
"AOLSAV"="C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe" [ ]
"AOLDialer"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [ ]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
"USBToolTip"="C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [ ]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opnlklm]
opnlklm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pbosroym]
pbosroym.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\APPS\\Inventime\\my.exe"=
"C:\\Program Files\\AOL 9.0\\waol.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"=
"C:\\Program Files\\AOL 9.0a\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R2 acedrv10;acedrv10;C:\WINDOWS\system32\drivers\acedrv10.sys [2007-07-27 09:13]
R2 acehlp10;acehlp10;C:\WINDOWS\system32\drivers\acehlp10.sys [2007-07-27 11:46]
R2 MTC0001_RMC;Remove Control Device;C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 14:24]
R3 Slazldrv;SmartLink AMR_PCI Driver;C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 01:48]
R3 ULI5261;ULi Based Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 14:24]
S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2002-06-06 11:14]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 15:18]
S3 LVHybrid;LVHybrid service;C:\WINDOWS\system32\DRIVERS\LVHybrid.sys [2005-06-14 17:50]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-15 05:22:38
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-max-nt MySqlInventime"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-15 5:26:16 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-15 04:26:13
.
2008-03-10 21:49:45 --- E O F ---
0

g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
15 March 2008 at 20:05
Hi tchotcho34,

Next step:

Copy the text below:

File::
C:\WINDOWS\system32\pmnlk.dll
C:\WINDOWS\system32\pumpkvjm.dll
C:\WINDOWS\system32\bqhlegxi.dll
C:\WINDOWS\system32\qoryuhbv.dll
C:\WINDOWS\system32\uvhdtxxf.dll
C:\WINDOWS\system32\frplteup.dll
C:\WINDOWS\system32\fivjffnv.dll
C:\WINDOWS\system32\vhqjekqb.dll
C:\WINDOWS\system32\djmwrhdc.dll
C:\WINDOWS\system32\ikajvjnj.dll
C:\WINDOWS\system32\lhadrcgi.dll
C:\WINDOWS\system32\ofahhyfk.dll
C:\WINDOWS\system32\xtcovrcf.dll
C:\WINDOWS\system32\tbwlulgu.dll
C:\WINDOWS\system32\swkhcmnj.dll
C:\WINDOWS\system32\lvunjsoh.dll
C:\WINDOWS\system32\yxlyhwme.dll
C:\WINDOWS\system32\mldefflf.dll
C:\WINDOWS\system32\wdpfkydu.dll
C:\WINDOWS\system32\dwjpbawo.dll
C:\WINDOWS\system32\oqdpjsfg.dll
C:\WINDOWS\system32\qyqddicl.dll
C:\WINDOWS\system32\ujulxskg.dll
C:\WINDOWS\system32\fsktfnfh.dll
C:\WINDOWS\system32\sspqaeqs.dll
C:\WINDOWS\system32\hydgqoke.dll
C:\WINDOWS\system32\oigxuojs.dll
C:\WINDOWS\system32\vucbeusa.dll
C:\WINDOWS\system32\kydilfug.dll
C:\WINDOWS\system32\ybytksly.dll
C:\WINDOWS\system32\dkmbxewg.dll
C:\WINDOWS\system32\blrvoxah.dll
C:\WINDOWS\system32\jtnxvvkg.dll
C:\WINDOWS\system32\jkpxcrqw.ini
C:\WINDOWS\system32\nnkgnjqb.ini
C:\WINDOWS\system32\mviyayrf.ini
C:\WINDOWS\system32\xvsnakfn.ini
C:\WINDOWS\system32\iwlpshrf.ini
C:\WINDOWS\system32\wlnjuqmr.ini
C:\WINDOWS\system32\rijtarex.ini
C:\WINDOWS\system32\sitjkihb.ini
C:\WINDOWS\system32\qwxjlpui.ini
C:\WINDOWS\system32\dxtmjfnd.ini
C:\WINDOWS\system32\vfeuljxs.ini
C:\WINDOWS\system32\kjupywjb.ini
C:\WINDOWS\system32\pgjdmtpr.ini
C:\WINDOWS\system32\rbxmcbga.ini
C:\WINDOWS\system32\lvcttvou.ini
C:\WINDOWS\system32\kshchgwo.ini
C:\WINDOWS\system32\nkirvqfd.ini
C:\WINDOWS\system32\hylaqelb.ini
C:\WINDOWS\system32\klkhoeke.ini
C:\WINDOWS\system32\hklgiqej.ini
C:\WINDOWS\system32\kyvudiwu.ini
C:\WINDOWS\system32\iwybgubi.ini
C:\WINDOWS\system32\qrpeucye.ini
C:\WINDOWS\system32\saaxmmjc.ini
C:\WINDOWS\system32\xgcrjtxh.ini
C:\WINDOWS\system32\olmvygfq.ini
C:\WINDOWS\system32\oybynbfd.ini
C:\WINDOWS\system32\fqtfxygr.ini
C:\WINDOWS\system32\pwlxcltq.ini
C:\WINDOWS\system32\rnxichmm.ini
C:\WINDOWS\system32\vdldnkcl.ini
C:\WINDOWS\system32\pdnickcb.ini
C:\WINDOWS\system32\xswubawy.ini
C:\WINDOWS\system32\obhajrog.ini
C:\WINDOWS\system32\qbwbcwik.ini
C:\WINDOWS\system32\bomnjupb.ini
C:\WINDOWS\system32\gxrunabs.ini
C:\WINDOWS\system32\xlcoselm.ini
C:\WINDOWS\system32\gpetspmk.ini
C:\WINDOWS\system32\umdebgst.ini
C:\WINDOWS\system32\lkboftid.ini

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1DE966A5-5C74-4845-AFC4-C2027C847D18}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opnlklm]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pbosroym]

Open Notepad, then paste the copied text.
(Start\All Programs\Accessories\Notepad.)
Save this file under the name CFScript.txt.

Now drag the CFScript.txt file onto Combofix.exe as shown below:

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

This will restart Combofix.

A blue window will appear: at the prompt (Type 1 to continue, or 2 to abort), type 1 and then confirm.

Wait while the scan runs. The desktop will disappear several times: that's normal!

Don't touch anything until the scan has finished.

After the restart, post the contents of the Combofix.txt report along with a HijackThis report.

If there is no restart, post the reports anyway.

See you later
0
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
18 March 2008 at 23:55
ComboFix 08-03-14.4 - math 2008-03-18 23:47:48.2 - NTFSx86
Endroit: C:\Documents and Settings\math\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\math\Mes documents\CFScript.txt
* Création d'un nouveau point de restauration

FILE ::
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 ))))))))))))))))))))))))))))))))))))
.

2008-03-15 19:50 . 2008-03-15 19:50 <REP> d-------- C:\WINDOWS\Mozilla
2008-03-15 19:48 . 2008-03-15 19:48 <REP> d-------- C:\Program Files\Windows Live
2008-03-15 04:12 . 2008-03-15 04:12 <REP> d-------- C:\Program Files\Trend Micro
2008-03-15 02:37 . 2008-03-15 02:37 <REP> d-------- C:\Program Files\ProtectDisc Driver Installer
2008-03-14 23:38 . 2008-03-15 19:03 <REP> d-------- C:\Program Files\Everest Poker
2008-03-11 03:11 . 2008-03-11 03:11 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-03-11 00:26 . 2008-03-11 00:31 550 --a------ C:\WINDOWS\MusicStudio.INI
2008-03-10 23:47 . 2006-03-31 15:57 430,080 --a------ C:\WINDOWS\system32\MXRestore.exe
2008-03-10 23:47 . 2007-04-18 23:07 53,248 --a------ C:\WINDOWS\system32\mgxasio2.dll
2008-03-10 22:59 . 2008-03-15 03:33 <REP> d-------- C:\Program Files\MAGIX
2008-03-10 22:59 . 2008-03-15 03:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MAGIX
2008-03-10 22:59 . 2007-04-27 10:43 120,200 --a------ C:\WINDOWS\system32\DLLDEV32i.dll
2008-03-10 20:25 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-10 20:25 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-10 20:25 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-10 20:24 . 2008-03-10 20:24 <REP> d-------- C:\Program Files\Alwil Software
2008-03-10 20:24 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-10 20:24 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-10 20:24 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-10 20:24 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-10 20:24 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-03-10 19:58 . 2008-03-10 19:58 <REP> d-------- C:\Documents and Settings\math\Application Data\MSNInstaller
2008-03-10 19:39 . 2008-03-10 19:39 <REP> d-------- C:\Program Files\Viewpoint
2008-03-10 19:39 . 2008-03-10 19:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-03-08 22:15 . 2008-03-10 00:30 1,307,621 ---hs---- C:\WINDOWS\system32\xocmujyv.ini
2008-02-26 18:25 . 2008-02-26 22:50 <REP> d-------- C:\Program Files\Everest Casino
2008-02-20 17:17 . 2008-02-20 17:17 <REP> d-------- C:\Program Files\Inventel

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-15 18:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-15 18:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-15 18:19 --------- d-----w C:\Program Files\Dynamic Toolbar
2008-03-15 18:15 --------- d-----w C:\Program Files\Microsoft Works
2008-03-15 18:14 --------- d-----w C:\Program Files\Ahead
2008-03-15 18:03 --------- d-----w C:\Program Files\eMule
2008-03-10 19:07 --------- d-----w C:\Program Files\Best_Security_Tips
2008-03-10 18:58 --------- d-----w C:\Program Files\DivX
2008-03-10 18:56 --------- d-----w C:\Program Files\FoneSync
2008-03-10 18:54 --------- d-----w C:\Program Files\epson
2008-03-10 18:19 --------- d-----w C:\Program Files\VideoLAN
2008-01-21 05:43 --------- d-----w C:\Program Files\AOL 9.0a
2008-01-19 04:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-19 04:10 --------- d-----w C:\Program Files\Symantec
2008-01-19 00:22 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-01-18 23:00 --------- d-----w C:\Documents and Settings\math\Application Data\GetRightToGo
2008-01-18 21:16 --------- d-----w C:\Program Files\SymNetDrv
2006-10-26 19:16 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2002-07-26 15:02 153,088 -c--a-w C:\Program Files\UNWISE.EXE
.

((((((((((((((((((((((((((((( snapshot@2008-03-15_ 5.25.56.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-18 22:11:33 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_290.dat
+ 2008-03-18 22:11:11 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_634.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
"Ecran de veille"="C:\Program Files\Fichiers communs\AOL\Screensaver\ygpsstra.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"RMC"="C:\WINDOWS\system32\drivers\RMC.exe" [ ]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [ ]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [ ]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-12 22:21 14156800 C:\WINDOWS\RTHDCPL.EXE]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [ ]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [ ]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [ ]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [ ]
"WorksFUD"="C:\Program Files\Microsoft Works\wkfud.exe" [ ]
"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [ ]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [ ]
"AOLSAV"="C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe" [ ]
"AOLDialer"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [ ]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
"USBToolTip"="C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [ ]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
AOL 9.0 Icône AOL.lnk - C:\Program Files\AOL 9.0a\aoltray.exe [2006-01-28 12:15:39 156784]
Rappels du Calendrier Microsoft Works.lnk - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe [2000-07-12 18:22:38 24633]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\APPS\\Inventime\\my.exe"=

R2 acedrv10;acedrv10;C:\WINDOWS\system32\drivers\acedrv10.sys [2007-07-27 09:13]
R2 acehlp10;acehlp10;C:\WINDOWS\system32\drivers\acehlp10.sys [2007-07-27 11:46]
R2 MTC0001_RMC;Remove Control Device;C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 14:24]
R3 Slazldrv;SmartLink AMR_PCI Driver;C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 01:48]
R3 ULI5261;ULi Based Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 14:24]
S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2002-06-06 11:14]
S3 LVHybrid;LVHybrid service;C:\WINDOWS\system32\DRIVERS\LVHybrid.sys [2005-06-14 17:50]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{037ee844-f505-11dc-afa6-00038a000015}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-18 23:51:00
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-max-nt MySqlInventime"
.
Temps d'accomplissement: 2008-03-18 23:51:47
ComboFix-quarantined-files.txt 2008-03-18 22:51:38
ComboFix2.txt 2008-03-15 04:26:17
.
2008-03-10 21:49:45 --- E O F ---
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
19 March 2008 at 00:16
Hi tchotcho,

I saw your PM, that's not really a good sign...

Can you post a new HijackThis log, please?

See you later
0
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
19 March 2008 at 00:24
SORRY, BUT I DON'T KNOW ANYTHING ABOUT THIS. WHAT IS A hijack this?
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
19 March 2008 at 00:48
Usage tutorial (video): (Thanks to Balltrap34 for making this)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
0
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
19 March 2008 at 01:46
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:45:21, on 19/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\APPS\IE\offline\fr.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Ecran de veille] C:\Program Files\Fichiers communs\AOL\Screensaver\ygpsstra.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0a\aoltray.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B051B9A-43B9-45F4-9643-289C875D915C}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
19 March 2008 at 19:14
Hi tchotcho,

we're on this thread, no need to send me tons of PMs ;-)

we'll get there ;-)

do this:

even if you have Firefox:

Internet Explorer 6.0 = major security flaws

so run the Windows updates: you want version 7.0

https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70

then

uninstall avast, you already have Norton! otherwise it creates conflicts!

and run this online scan and post its report here please:

BitDefender online scan:

https://www.bitdefender.com/toolbox/

Click on "I agree" and follow the instructions

Must be done in Internet Explorer, accepting the ActiveX control

illustrated tutorial

http://pageperso.aol.fr/rginformatique/mapage/defender.htm

See you later
0
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
20 March 2008 at 01:07
BitDefender Online Scanner

Scan report generated at: Thu, Mar 20, 2008 - 01:02:13
Scan path: C:\;D:\;

Statistics
Time: 00:43:59
Files: 101101
Folders: 4647
Boot Sectors: 3
Archives: 6403
Packed Files: 178

Results
Identified Viruses: 2
Infected Files: 187
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 187

Engines Info
Virus Definitions: 34257
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 3
Archive plugins: 10
Unpack plugins: 3
E-mail plugins: 1
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File


Status

C:\QooBox\Quarantine\C\WINDOWS\system32\avtxhwwf.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\avtxhwwf.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\avtxhwwf.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\awtuust.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\awtuust.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\awtuust.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\bckdufvq.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\bckdufvq.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\bckdufvq.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\blrvoxah.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\blrvoxah.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\blrvoxah.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\bqhlegxi.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\bqhlegxi.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\bqhlegxi.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\bsrdejeh.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\bsrdejeh.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\bsrdejeh.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ckmccrty.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ckmccrty.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ckmccrty.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\cosvxjaj.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\cosvxjaj.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\cosvxjaj.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\cuvdxwvj.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\cuvdxwvj.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\cuvdxwvj.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\cvhkmlsn.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\cvhkmlsn.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\cvhkmlsn.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ddelxwtx.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ddelxwtx.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ddelxwtx.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\djmwrhdc.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\djmwrhdc.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\djmwrhdc.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\dkmbxewg.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\dkmbxewg.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\dkmbxewg.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\dwjpbawo.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\dwjpbawo.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\dwjpbawo.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ejcmhwga.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ejcmhwga.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ejcmhwga.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\elqvehdp.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\elqvehdp.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\elqvehdp.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\fbsdulil.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\fbsdulil.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\fbsdulil.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\fivjffnv.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\fivjffnv.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\fivjffnv.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\fklsamdk.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\fklsamdk.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\fklsamdk.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\frplteup.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\frplteup.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\frplteup.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\fsktfnfh.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\fsktfnfh.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\fsktfnfh.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\futvfvmb.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\futvfvmb.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\futvfvmb.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\gifymmla.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\gifymmla.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\gifymmla.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\hlbuohis.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\hlbuohis.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\hlbuohis.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\hydgqoke.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\hydgqoke.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\hydgqoke.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\idqvudoh.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\idqvudoh.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\idqvudoh.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ikajvjnj.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ikajvjnj.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ikajvjnj.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ismpttbr.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ismpttbr.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ismpttbr.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ivkobttj.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ivkobttj.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ivkobttj.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ixutmkwb.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ixutmkwb.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ixutmkwb.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\jevgbjwh.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\jevgbjwh.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\jevgbjwh.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\jhbwtpsl.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\jhbwtpsl.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\jhbwtpsl.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\jtnxvvkg.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\jtnxvvkg.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\jtnxvvkg.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\kydilfug.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\kydilfug.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\kydilfug.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\laggmudt.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\laggmudt.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\laggmudt.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\lhadrcgi.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\lhadrcgi.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\lhadrcgi.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\lhrdegrx.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\lhrdegrx.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\lhrdegrx.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ljjjkig.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ljjjkig.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ljjjkig.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\lvunjsoh.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\lvunjsoh.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\lvunjsoh.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\mldefflf.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\mldefflf.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\mldefflf.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\nmdeudqw.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\nmdeudqw.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\nmdeudqw.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\nnranmgo.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\nnranmgo.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\nnranmgo.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ofahhyfk.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ofahhyfk.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ofahhyfk.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\oigxuojs.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\oigxuojs.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\oigxuojs.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ojflyess.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ojflyess.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ojflyess.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\okkjnvnv.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\okkjnvnv.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\okkjnvnv.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\oqdpjsfg.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\oqdpjsfg.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\oqdpjsfg.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ougimydj.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ougimydj.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ougimydj.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\pavribsj.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\pavribsj.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\pavribsj.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\pcubwwbc.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\pcubwwbc.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\pcubwwbc.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\piuwgxkm.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\piuwgxkm.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\piuwgxkm.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\pnghakay.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\pnghakay.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\pnghakay.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\pnpfdycc.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\pnpfdycc.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\pnpfdycc.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\pouqxluh.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\pouqxluh.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\pouqxluh.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ppjokhvs.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ppjokhvs.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ppjokhvs.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\pumpkvjm.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\pumpkvjm.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\pumpkvjm.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\qaifjflu.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\qaifjflu.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\qaifjflu.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\qhdgrsvm.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\qhdgrsvm.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\qhdgrsvm.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\qkbioskq.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\qkbioskq.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\qkbioskq.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\qoryuhbv.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\qoryuhbv.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\qoryuhbv.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\qxfagqct.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\qxfagqct.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\qxfagqct.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\qyqddicl.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\qyqddicl.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\qyqddicl.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\rgsvhene.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\rgsvhene.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\rgsvhene.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\rphlgrsx.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\rphlgrsx.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\rphlgrsx.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ruhrhklv.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ruhrhklv.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ruhrhklv.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ryocfidn.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ryocfidn.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ryocfidn.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\sspqaeqs.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\sspqaeqs.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\sspqaeqs.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ssyjooxf.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ssyjooxf.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ssyjooxf.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\swkhcmnj.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\swkhcmnj.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\swkhcmnj.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\tbwlulgu.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\tbwlulgu.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\tbwlulgu.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\tipbbxpc.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\tipbbxpc.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\tipbbxpc.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\tiusouqy.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\tiusouqy.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\tiusouqy.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\tvntebmy.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\tvntebmy.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\tvntebmy.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\twconyfc.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\twconyfc.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\twconyfc.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\twpvalhr.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\twpvalhr.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\twpvalhr.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\uaaoqjth.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\uaaoqjth.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\uaaoqjth.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ujulxskg.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ujulxskg.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ujulxskg.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\umqnpeay.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\umqnpeay.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\umqnpeay.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\uvhdtxxf.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\uvhdtxxf.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\uvhdtxxf.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\uyoofcbi.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\uyoofcbi.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\uyoofcbi.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\vhqjekqb.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\vhqjekqb.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\vhqjekqb.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\vucbeusa.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\vucbeusa.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\vucbeusa.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\wacinxqs.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\wacinxqs.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\wacinxqs.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\wdpfkydu.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\wdpfkydu.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\wdpfkydu.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\wlckdbld.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\wlckdbld.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\wlckdbld.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\wpxubsru.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\wpxubsru.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\wpxubsru.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\wsvaupva.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\wsvaupva.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\wsvaupva.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\xpwniqek.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\xpwniqek.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\xpwniqek.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\xsxqpxeq.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\xsxqpxeq.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\xsxqpxeq.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\xtcovrcf.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\xtcovrcf.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\xtcovrcf.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\ybytksly.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\ybytksly.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\ybytksly.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\yqaucxwh.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\yqaucxwh.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\yqaucxwh.dll.vir


Deleted

C:\QooBox\Quarantine\C\WINDOWS\system32\yxlyhwme.dll.vir


Infected with: Trojan.Vundo.Gen.2

C:\QooBox\Quarantine\C\WINDOWS\system32\yxlyhwme.dll.vir


Disinfection failed

C:\QooBox\Quarantine\C\WINDOWS\system32\yxlyhwme.dll.vir


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP203\A0054339.exe


Infected with: Trojan.Renos.NBJ

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP203\A0054339.exe


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP203\A0054339.exe


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060095.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060095.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060095.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060096.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060096.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060096.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060097.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060097.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060097.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060098.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060098.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060098.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060099.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060099.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060099.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060100.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060100.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060100.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060102.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060102.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060102.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060103.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060103.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060103.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060105.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060105.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060105.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060107.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060107.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060107.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060108.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060108.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060108.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060110.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060110.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060110.dll


Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060111.dll


Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060111.dll


Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP235\A0060111.dll


Deleted

0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
20 March 2008 at 14:02
Tcotchotcho34,

OK, even if the report isn't complete...

Run:

Download SDFix (created by AndyManchesta) and save it to your Desktop.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double-click SDFix.exe and choose Install to extract it to a dedicated folder on the Desktop. Restart your computer in Safe Mode by following this procedure:
• Restart your computer
• After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
• Instead of Windows loading normally, a menu with various options should appear.
• Choose the first option, to run Windows in Safe Mode, then press "Enter".
• Choose your account.
Work through the instructions below:
• Open the SDFix folder that was just created in C:\ and double-click RunThis.bat to launch the script.
• Press Y to start the cleaning process.
• It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
• Press a key to restart the PC.
• Your system will take longer than usual to restart because the tool will keep running and deleting files.
• After the Desktop loads, the tool will finish its work and display Finished.
• Press a key to end the script and load your Desktop icons.
• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
• Finally, copy/paste the contents of Report.txt into your next reply on the forum

and

this anti-spyware:

Download Malwarebytes

-> http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/anti-malware-sujet_197382_1.htm

Install it; the program will update itself automatically.

Once it is up to date the program will start; click the Settings tab and tick the box: Stop Internet Explorer during removal.

Now click the Scan tab and tick the box: Perform a full scan.

Then click Scan.

Let it scan the PC; at the end a report will open. Copy and paste it here, please.

See you
0
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
4 April 2008 at 22:11
Hi g!rly, I'm really sorry for taking all this time, but I've been very busy lately!
I'm a bit lost in your recommendations, because when I restart the computer while tapping F8 it doesn't offer me Safe Mode but: Hard disc , F... ex
I'm probably going about it the wrong way, but I really know nothing about computers!!! Sorry
See you
0
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
10 May 2008 at 17:54
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 722

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 84028
Temps écoulé: 30 minute(s), 6 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 21

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\dynamic toolbar (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\dynamic toolbar\PBFRV2\Cache\ErrorLog.txt (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> No action taken.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> No action taken.
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
5 April 2008 at 10:39
OK tcho

To start in Safe Mode:

-> Tutorial: http://forum.telecharger.01net.com/forum/high-tech/SECURITE/Securite/redemarrer-mode-echec-sujet_1526_1.htm

See you
0
TCHOTCHO34 Posts 32 Registration date Friday 14 March 2008 Status Member Last activity 4 April 2010
10 May 2008 at 17:12
[b]SDFix: Version 1.166 [/b]

Run by math on 10/05/2008 at 16:52

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\math\Bureau\SDFix

[b]Checking Services [/b]:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 17:06:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:b05f1272
"s1"=dword:a4610009
"s2"=dword:952d3eb8
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:c4,34,07,f3,93,78,fa,bd,38,49,46,be,a8,f4,2e,f3,83,88,94,78,4e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:c4,34,07,f3,93,78,fa,bd,38,49,46,be,a8,f4,2e,f3,83,88,94,78,4e,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\\AOL 9.0\\aol.exe"="%ProgramFiles%\\AOL 9.0\\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe:*:Enabled:PANDORA"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\APPS\\Inventime\\my.exe"="C:\\APPS\\Inventime\\my.exe:*:Enabled:INVENTIME"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

[b]Remaining Files [/b]:


File Backups: - C:\DOCUME~1\math\Bureau\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Wed 14 Sep 2005 215 A.SHR --- "C:\BOOT.BAK"
Thu 2 Nov 2006 201 ..SHR --- "C:\WINNER.027\CCONTROL.SYS"
Tue 31 May 2005 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe"
Tue 31 May 2005 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe"
Tue 31 May 2005 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe"
Mon 10 May 2004 54,384 A..H. --- "C:\Program Files\AOL 9.0a\aolphx.exe"
Mon 10 May 2004 156,784 A..H. --- "C:\Program Files\AOL 9.0a\aoltray.exe"
Mon 10 May 2004 31,344 A..H. --- "C:\Program Files\AOL 9.0a\RBM.exe"
Thu 2 Nov 2006 201 ..SHR --- "C:\winner\WINNER.027\CCONTROL.SYS"
Sat 7 Jan 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 7 Jan 2006 401 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv10.bak"
Fri 11 Jan 2008 8,704,040 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3b4730c0c75c5542a7858c19534825f8\BIT2DD.tmp"
Fri 11 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5d8093d524ba38b2f4036bb4d3aa25e4\BIT4.tmp"
Sat 15 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8f3e004a562e1247e8b254b9e4fee21c\BIT1.tmp"
Sun 25 Nov 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0ec11185f55e56bbf8143a0782f17c59\download\BIT72.tmp"

[b]Finished![/b]
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
13 May 2008 at 23:40
Hi,

Where are you at with this?
0