gros pb sur lancement suite a des virus Résolu/Fermé

Question

Bonjour,

suite a des virus quand j allume mon ordi ces message s'affichent directement :

1/ LoadLibrary("C:\Documents and Settings\All Users\Application Data\jmjupelq.dll") a échoué - Le module spécifié est introuvable

2/ Windows ne trouve pas 'C:\WINDOWS\system32\drivers
tndis.exe'. Vérifiez que vous avez entré le nom correctement et essayez à nouveau. Pour rechercher un fichier, cliquez sur le bouton Démarrer, puis sur Rechercher

de plus je ne peux plus accéder à mon gestionnaire de taches il me dit que : Le gestionnaire des taches a été désactivé par votre administrateur.est ce du a des virus car je suis l'administrateur.

enfin mon ordi rame dur en ce moment est ce que ca peut etre du a ca.
Merci pour votre aide FCNALEX

g!rly · Answer

salut,

post un rapport hijack this stp

Télécharge HijackThis ici : 

-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)

-> http://pageperso.aol.fr/balltrap34/Hijenr.gif 

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Post le rapport généré ici stp...

@+

g!rly · Answer

re,

passe ceci dans un premier temps par ce qu´il y a du boulo !

Téléchargez MSNFix.zip (de !aur3n7) sur votre bureau:
http://sosvirus.changelog.fr/MSNFix.zip
Décompressez-le (clic droit >> Extraire ici) et double cliquer sur le fichier MSNFix.bat.
- Exécutez l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage

Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal

- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt

Tuto :

https://www.malekal.com/supprimer-virus-desinfecter-pc/

puis

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

@+

fcnalex · Answer

le fichier report.txt et apres le log hijackthis
j attends de tes nouvelles
merci encore pour ton aide


[b]SDFix: Version 1.161 [/b]

Run by Compaq_Propri‚taire on 26/03/2008 at 20:24

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\COMPAQ~1\Bureau\SDFix

[b]Checking Services [/b]:

Name:
astq
FFI
ldrsvc
msupdate
riode32
symavc32

Path:
\??\C:\WINDOWS\system32\drivers\astq.tga 
C:\WINDOWS\system32\svchost.exe:exm.exe 
%SystemRoot%\System32\svchost.exe -k netsvcs
c:\windows\system32\mssrv32.exe 
\??\C:\WINDOWS\system32\drivers\riode32.sys 
\??\C:\WINDOWS\system32\drivers\symavc32.sys 

astq - Deleted
FFI - Deleted
ldrsvc - Deleted
msupdate - Deleted
riode32 - Deleted
symavc32 - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default Schedule Service Path

Rebooting


[b]Checking Files [/b]: 

Trojan Files Found:

C:\WINDOWS\SYSTEM32\ADDAX.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDBS32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDDC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDDJ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDEE.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDFU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDHN.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDIJ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDIR32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDIY.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDJJ.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDLY.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDMG.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDNR.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDNZ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDOA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDPD32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDQF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDRA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDWE.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDWO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDYC.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDZH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDZQ.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIAZ.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIBC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIBW.EXE - Deleted
C:\WINDOWS\SYSTEM32\APICL.EXE - Deleted
C:\WINDOWS\SYSTEM32\APICX.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIDO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIDU.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIGT.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIHM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIIC.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIIQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIJS32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIKG32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APILN.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIMK.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIMS32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APINT.EXE - Deleted
C:\WINDOWS\SYSTEM32\APINV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIPD32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIQG.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIQW.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIRA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APISY.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIVS32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIWO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIXI.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIYU.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIZS32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APIZY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPAF.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPAH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPBM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPBO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPDG.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPEB32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPER32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPFE.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPGJ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPIC.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPIV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPLU.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPQC.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPQQ.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPRN32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPRV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPTO.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPTS.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPVE.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPVI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\APPXD.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLAO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLAV.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLEG.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLFS.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLGQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLHB.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLHQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLHW.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLJV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLLA.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLLJ.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLMF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLMR32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLNM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLPK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLRB32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLRG.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLRH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLRX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLSA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLTL32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLUL32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLVY.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLWO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLWW32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLWX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ATLXI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRBN.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRDP32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRDR32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CREN32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CREY.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRFQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRFR32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRGU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRGV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRHE.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRHJ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRHO.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRHX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRIA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRIF.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRKE32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRKJ.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRKJ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRKM.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRMU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRNF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRNL.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRNP32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRNY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRPI.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRPU.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRPY.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRRV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRTB32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRTG.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRUE.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRUS.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRUX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRVP.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRWD32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRWE32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRWJ.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRWR32.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRXN.EXE - Deleted
C:\WINDOWS\SYSTEM32\CRYT.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3AV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3DA.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3DY.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3EV.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3FD.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3GF.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3GJ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3IP.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3KH.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3KU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3LH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3MC.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3MD.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3NK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3NW32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3PP32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3PX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3TV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3UK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3VJ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3VU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3WG.EXE - Deleted
C:\WINDOWS\SYSTEM32\D3XE32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEDC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEDM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEGX.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEHD32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEHO.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEHX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEHY.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEIA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEIG.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEJX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEKP.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEKZ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IELC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEMC.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEMH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEMY.EXE - Deleted
C:\WINDOWS\SYSTEM32\IENF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEOU.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEPN.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEQW32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEQZ.EXE - Deleted
C:\WINDOWS\SYSTEM32\IESJ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IESU.EXE - Deleted
C:\WINDOWS\SYSTEM32\IESV.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEUU.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEVX.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEXB32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEYZ.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPAO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPCO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPGX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPHA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPHF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPHJ.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPIM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPJW32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPMH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPND.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPRH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPRP.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPTD32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPTI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPVK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPVP32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPVQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPWM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\IPZE32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVABB.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVABH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVADB32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVADL.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAGR32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAGU.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAHD.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAHK.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAIN32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAJH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAJV.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAKQ.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVALD32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVALG.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAMO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVANI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVANW.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAPW.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVARH.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAUF.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAUY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\JAVAYM.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCAQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCAZ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCCG.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCDA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCDF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCEK.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCES.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCFE.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCFL32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCFQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCGU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCHM.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCHX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCIG.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCJK.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCLI.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCLN32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCPI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCPR32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCPX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCQM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCSH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCSV.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCTK.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCUT32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCWP.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCXC.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCYF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCYJ.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCZF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MFCZM.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSAB32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSAD.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSAI.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSBW32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSBY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSGW.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSHH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSHI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSHK.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSJN32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSOD.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSOM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSPM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSRA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSRC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSRE.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSTS32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSTW32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSUS.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSVR.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSVX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSWE32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSXU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSYP32.EXE - Deleted
C:\WINDOWS\SYSTEM32\MSZB.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETAK.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETBI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETDV.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETFK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETFS.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETHG.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETHV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETIG.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETJR.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETMF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETNY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETOH32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETOT.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETOU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETPN.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETQV.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETRO.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETSX32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETTA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETTB.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETTM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETUV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETWU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETXF.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETXT.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETZB32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NETZG.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTAN32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTBI.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTDD.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTDY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTFK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTHJ.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTHT.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTIZ.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTJF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTJP32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTJS32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTKJ.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTKQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTLS32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTMA.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTMT.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTNW.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTOF32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTQG.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTQG32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTQU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTRL32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTRY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTSM.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTSP32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTTI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTUA.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTUY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTVA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTVO.EXE - Deleted
C:\WINDOWS\SYSTEM32\NTYE32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKAC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKAV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKCB32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKDR32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKEL.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKGT.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKHD32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKHR32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKHU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKKN.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKLA.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKMC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKMW.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKNQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKPW32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKQC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKQO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKRC.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKRT.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKRX.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKUK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKUP32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKYW.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKZC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SDKZV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSAL.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSAT32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSBC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSBF.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSCT.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSDI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSDL.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSEC32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSEG32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSFT.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSHI.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSIB32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSIV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSKI.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSKU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSLE.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSMJ.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSNL.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSNO.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSOO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSOT32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSOY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSPM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSTQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSTU32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSTW.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSVI.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSVI32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSVV32.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSXY.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSYD32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINBC.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINBK.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINCK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINCO.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINDQ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINFY32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINGK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINHE.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINIO32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINLA32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINLI.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINMO.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINNJ32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINNN.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINOQ.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINOX.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINPE32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINPM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINQM.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINQN32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINWP32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINXK32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINXN.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINYD.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINZD32.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINZM32.EXE - Deleted
C:\WINDOWS\SYSTEM32\ADDAA.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDAD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDCE.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDCM.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDCO.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDCY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDED32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDFA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDFL32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDGE.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDIG.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDIK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDIU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDJF.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDJN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDLD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDLG.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDNO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDOC.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDQP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDSO.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDVV.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDWE.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDWF32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDXY.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDYW.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIAI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIAP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIAZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIBC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIBW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APICV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIDC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIDT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIDX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIET32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIFL.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIGI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIGZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIIX.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIJA.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIJZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIKE.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIKF.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIKL32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APILV.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIMP.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIOC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIPN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIQW.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIRP.DLL - Deleted
C:\WINDOWS\SYSTEM32\APISR.DLL - Deleted
C:\WINDOWS\SYSTEM32\APISZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\APITK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APITT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIUB.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIVO.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIVR.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIWV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIXM.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIXP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIYE.DLL - Deleted
C:\WINDOWS\SYSTEM32\APIZZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPDP.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPDS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPEK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPEP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPFB.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPFI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPGX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPHE.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPHF.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPHG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPHZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPIG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPKI.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPKO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPLM.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPNC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPNG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPNI.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPNQ.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPRA.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPRI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPSK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPSX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPTH.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPTN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPTT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPUI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPVN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPWI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPXQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPYG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPYP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\APPZI.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLCL32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLEG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLGC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLGT.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLHA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLHO.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLHQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLIA.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLIT.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLIX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLJF32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLJJ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLKE.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLKO.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLKY.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLLX.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLMZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLNU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLOX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLOZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLPW.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLQL.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLQU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLRD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLRL.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLRV.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLRY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLSA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLVN.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLWI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLWW.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLWX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLYN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLYV.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLYY.DLL - Deleted
C:\WINDOWS\SYSTEM32\ATLZF.DLL - Deleted
C:\WINDOWS\SYSTEM32\BCCRW.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRBD.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRBM.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRCB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CREN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRET32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRFB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRFP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRFQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRFR.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRFX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRHW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRIF32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRIL.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRIZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRJT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRKE.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRKQ.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRKY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRMB.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRMF32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRMG.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRNE.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRNG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CROJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\CROW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRPP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRPX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRUC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRUQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRVA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRVB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRVI.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRVL.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRXD.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRXJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRYJ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRZS.DLL - Deleted
C:\WINDOWS\SYSTEM32\CRZX.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3AW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3AZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3CY.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3EF.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3EV.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3EW.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3FB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3GO.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3IG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3IY.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3JJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3JO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3KB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3LE.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3LN.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3MG.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3MN.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3MZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3NE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3NL.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3OM.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3PI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3PP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3PZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3RA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3SG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3VD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3VH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3VK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3VU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3WK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3WU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3XG.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3YA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3YD.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3YF.DLL - Deleted
C:\WINDOWS\SYSTEM32\D3ZU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IECR.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEDC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEDE.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEDL.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEEC.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEFO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEFR.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEHA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEHE.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEJM.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEKE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEKX.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEMH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IENR.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEOC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEOK.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEPP.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEPU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEQE.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEQX.DLL - Deleted
C:\WINDOWS\SYSTEM32\IERV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IESC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IESU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IESW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IETI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IETN.DLL - Deleted
C:\WINDOWS\SYSTEM32\IETO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEWB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEWH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEYK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEYN.DLL - Deleted
C:\WINDOWS\SYSTEM32\IEYW.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPAH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPAR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPBA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPBO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPBZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPCN.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPCS.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPFM32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPHM32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPHN.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPHT.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPIK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPIS.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPJR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPKE.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPKI.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPKU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPLK.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPLP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPLU.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPNC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPNZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPOS.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPOT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPOU.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPQA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPQD.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPRR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPRT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPUL.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPUR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPVD.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPWR.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPXK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPYE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\IPZN.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAAE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAAR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAAZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVABD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVABL32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVABT.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVACJ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVACS.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVADH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAEW.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAFX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAGB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAGD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAGM32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAHG.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAHV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAIR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAIV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAJV.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVALD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVALR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAMZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVANC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVANL32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVANW.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVANY.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAOJ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAON32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAPB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAPN.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAQC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVARD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVATM32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVATR.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVATZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAUD.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAUP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAUV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAVC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAVS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAXC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAXR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAXS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAXU.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAXW.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAYG.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAZH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAZO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAZX.DLL - Deleted
C:\WINDOWS\SYSTEM32\JAVAZY.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCAH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCAS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCBK.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCCF32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCCW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCDF.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCDS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCDU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCEK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCEN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCFO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCGN.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCIA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCIQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCJA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCMJ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCMK.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCMV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCMZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCNM32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCNR.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCNR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCPH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCPO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCPR.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCQJ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCRE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCRW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCSD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCSR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCTG.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCUJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCUR.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCVQ.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCWZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCYT.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCYU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MFCYX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSAI.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSAP.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSBS.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSCJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSEA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSEO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSER.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSEU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSFJ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSGO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSGU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSHQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSHV.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSJN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSMC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSOY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSPB.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSPG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSPJ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSPL.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSRN.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSSS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSSZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSTG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSUT.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSVH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSWF.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSWS.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSXG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSXY.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSYV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSZL32.DLL - Deleted
C:\WINDOWS\SYSTEM32\MSZX.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETAK.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETAS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETBN.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETBO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETCN.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETEL.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETFD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETFE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETFI.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETFU.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETGL32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETGT.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETIP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETJM.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETJX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETKC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETKM.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETLA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETLH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETLM.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETMA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETMF32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETMS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETNG.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETNY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETOR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETQE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETQH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETQX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETRB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETRS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETSO.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETTS.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETUE.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETVA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETWK32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETXN.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETXR32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETXS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETYA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETYC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NETZX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTBG.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTBV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTCT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTCU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTCV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTDV.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTDV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTEA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTEQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTFU.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTFV.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTGQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTHK.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTIO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTLW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTMG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTMM32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTNE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTOE.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTOH.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTRG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTRO32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTRU.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTSB.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTSJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTSU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTTE.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTUS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTVC.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTWJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTWO.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTWP.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTYJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTYQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\NTZC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKBS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKCB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKCG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKCT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKCW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKDV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKEH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKFV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKFW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKGI.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKHN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKJB.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKJI.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKJQ.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKKN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKMC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKMS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKNB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKPJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKPU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKQX.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKQZ.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKRP32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKRR.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKRW.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKTV.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKTX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKUH32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKUI.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKWQ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKWX.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKWY.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKYJ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKYY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SDKZX.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSAE.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSBO.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSDG.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSDL.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSEA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSEO.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSES.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSFM.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSGN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSGU.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSGW32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSHC32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSHK.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSHS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSIC.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSII.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSLS32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSMC.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSMV.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSNE.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSOI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSPX.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSPY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSQA.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSTQ.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSTY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSTZ32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSUU.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSVI32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSWM.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSWT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSXA.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSXD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSXN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSYA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSYG32.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSZN.DLL - Deleted
C:\WINDOWS\SYSTEM32\SYSZN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINAB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINAS.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINCD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINDV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINEY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINFY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINGV.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINHL32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINHY.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINIH.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINJF.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINKA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINKM32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINKN32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINLE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINLV.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINMH.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINMW.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINND32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINNJ.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINNQ.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINNU.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINNV.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINOD32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINOQ.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINOT32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINOX32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINQB32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINQT.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINRE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINRM.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINRW.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINSP.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINSR.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINSV32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINTD.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINUE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINVA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINWA32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINXU32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINYC.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINYY32.DLL - Deleted
C:\WINDOWS\SYSTEM32\WINZE32.DLL - Deleted
C:\WINDOWS\SYSTEM32\ADDIGN.EXE - Deleted
C:\Documents and Settings\Compaq_Propri‚taire\Local Settings\Application Data\cftmon.exe - Deleted
C:\Documents and Settings\LocalService\Local Settings\Application Data\cftmon.exe - Deleted
C:\WINDOWS\SYSTEM32\ADDIGN.EXE - Deleted
C:\DOCUME~1\COMPAQ~1\FTPDLL.DLL - Deleted
C:\Documents and Settings\Compaq_Propri‚taire\Local Settings\Temp\ubi15.tmp.exe - Deleted
C:\WINDOWS\system32\alt.exe.exe - Deleted
C:\WINDOWS\Temp\1156.tmp.lst - Deleted
C:\WINDOWS\Temp\1216.tmp.lst - Deleted
C:\WINDOWS\Temp\12B5.tmp.lst - Deleted
C:\WINDOWS\Temp\1343.tmp.lst - Deleted
C:\WINDOWS\Temp\13FE.tmp.lst - Deleted
C:\WINDOWS\Temp\14CA.tmp.lst - Deleted
C:\WINDOWS\Temp\1642.tmp.lst - Deleted
C:\WINDOWS\Temp\1827.tmp.lst - Deleted
C:\WINDOWS\Temp\1829.tmp.lst - Deleted
C:\WINDOWS\Temp\189D.tmp.lst - Deleted
C:\WINDOWS\Temp\18DD.tmp.lst - Deleted
C:\WINDOWS\Temp\1942.tmp.lst - Deleted
C:\WINDOWS\Temp\19C1.tmp.lst - Deleted
C:\WINDOWS\Temp\19C3.tmp.lst - Deleted
C:\WINDOWS\Temp\1A10.tmp.lst - Deleted
C:\WINDOWS\Temp\1B70.tmp.lst - Deleted
C:\WINDOWS\Temp\1D0B.tmp.lst - Deleted
C:\WINDOWS\Temp\1DA0.tmp.lst - Deleted
C:\WINDOWS\Temp\1DD.tmp.lst - Deleted
C:\WINDOWS\Temp\1F9F.tmp.lst - Deleted
C:\WINDOWS\Temp\1FF4.tmp.lst - Deleted
C:\WINDOWS\Temp\2221.tmp.lst - Deleted
C:\WINDOWS\Temp\22AD.tmp.lst - Deleted
C:\WINDOWS\Temp\23E7.tmp.lst - Deleted
C:\WINDOWS\Temp\25AA.tmp.lst - Deleted
C:\WINDOWS\Temp\26A0.tmp.lst - Deleted
C:\WINDOWS\Temp\2749.tmp.lst - Deleted
C:\WINDOWS\Temp\2776.tmp.lst - Deleted
C:\WINDOWS\Temp\28E8.tmp.lst - Deleted
C:\WINDOWS\Temp\2C3E.tmp.lst - Deleted
C:\WINDOWS\Temp\2CC3.tmp.lst - Deleted
C:\WINDOWS\Temp\2D1A.tmp.lst - Deleted
C:\WINDOWS\Temp\301A.tmp.lst - Deleted
C:\WINDOWS\Temp\3050.tmp.lst - Deleted
C:\WINDOWS\Temp\30D4.tmp.lst - Deleted
C:\WINDOWS\Temp\30D8.tmp.lst - Deleted
C:\WINDOWS\Temp\313D.tmp.lst - Deleted
C:\WINDOWS\Temp\3246.tmp.lst - Deleted
C:\WINDOWS\Temp\3313.tmp.lst - Deleted
C:\WINDOWS\Temp\3481.tmp.lst - Deleted
C:\WINDOWS\Temp\34AF.tmp.lst - Deleted
C:\WINDOWS\Temp\3511.tmp.lst - Deleted
C:\WINDOWS\Temp\3594.tmp.lst - Deleted
C:\WINDOWS\Temp\38BA.tmp.lst - Deleted
C:\WINDOWS\Temp\38FB.tmp.lst - Deleted
C:\WINDOWS\Temp\3920.tmp.lst - Deleted
C:\WINDOWS\Temp\3A17.tmp.lst - Deleted
C:\WINDOWS\Temp\3A56.tmp.lst - Deleted
C:\WINDOWS\Temp\3A69.tmp.lst - Deleted
C:\WINDOWS\Temp\3A6C.tmp.lst - Deleted
C:\WINDOWS\Temp\3C1C.tmp.lst - Deleted
C:\WINDOWS\Temp\3CD.tmp.lst - Deleted
C:\WINDOWS\Temp\3D16.tmp.lst - Deleted
C:\WINDOWS\Temp\3E84.tmp.lst - Deleted
C:\WINDOWS\Temp\3E94.tmp.lst - Deleted
C:\WINDOWS\Temp\3EC7.tmp.lst - Deleted
C:\WINDOWS\Temp\3F0.tmp.lst - Deleted
C:\WINDOWS\Temp\3FE7.tmp.lst - Deleted
C:\WINDOWS\Temp\408F.tmp.lst - Deleted
C:\WINDOWS\Temp\4402.tmp.lst - Deleted
C:\WINDOWS\Temp\4571.tmp.lst - Deleted
C:\WINDOWS\Temp\45D2.tmp.lst - Deleted
C:\WINDOWS\Temp\471D.tmp.lst - Deleted
C:\WINDOWS\Temp\4759.tmp.lst - Deleted
C:\WINDOWS\Temp\48D3.tmp.lst - Deleted
C:\WINDOWS\Temp\4A17.tmp.lst - Deleted
C:\WINDOWS\Temp\4A2F.tmp.lst - Deleted
C:\WINDOWS\Temp\4B1E.tmp.lst - Deleted
C:\WINDOWS\Temp\4BC9.tmp.lst - Deleted
C:\WINDOWS\Temp\4D92.tmp.lst - Deleted
C:\WINDOWS\Temp\4DEE.tmp.lst - Deleted
C:\WINDOWS\Temp\4F19.tmp.lst - Deleted
C:\WINDOWS\Temp\51A8.tmp.lst - Deleted
C:\WINDOWS\Temp\551F.tmp.lst - Deleted
C:\WINDOWS\Temp\572F.tmp.lst - Deleted
C:\WINDOWS\Temp\5756.tmp.lst - Deleted
C:\WINDOWS\Temp\5775.tmp.lst - Deleted
C:\WINDOWS\Temp\5822.tmp.lst - Deleted
C:\WINDOWS\Temp\5834.tmp.lst - Deleted
C:\WINDOWS\Temp\5890.tmp.lst - Deleted
C:\WINDOWS\Temp\5A09.tmp.lst - Deleted
C:\WINDOWS\Temp\5A30.tmp.lst - Deleted
C:\WINDOWS\Temp\5AEB.tmp.lst - Deleted
C:\WINDOWS\Temp\5B58.tmp.lst - Deleted
C:\WINDOWS\Temp\5BE8.tmp.lst - Deleted
C:\WINDOWS\Temp\5C71.tmp.lst - Deleted
C:\WINDOWS\Temp\5C85.tmp.lst - Deleted
C:\WINDOWS\Temp\5CCC.tmp.lst - Deleted
C:\WINDOWS\Temp\5E09.tmp.lst - Deleted
C:\WINDOWS\Temp\5E89.tmp.lst - Deleted
C:\WINDOWS\Temp\5F4.tmp.lst - Deleted
C:\WINDOWS\Temp\607A.tmp.lst - Deleted
C:\WINDOWS\Temp\609D.tmp.lst - Deleted
C:\WINDOWS\Temp\614.tmp.lst - Deleted
C:\WINDOWS\Temp\644B.tmp.lst - Deleted
C:\WINDOWS\Temp\64F0.tmp.lst - Deleted
C:\WINDOWS\Temp\6620.tmp.lst - Deleted
C:\WINDOWS\Temp\6725.tmp.lst - Deleted
C:\WINDOWS\Temp\67E7.tmp.lst - Deleted
C:\WINDOWS\Temp\688D.tmp.lst - Deleted
C:\WINDOWS\Temp\68E9.tmp.lst - Deleted
C:\WINDOWS\Temp\6983.tmp.lst - Deleted
C:\WINDOWS\Temp\6A8F.tmp.lst - Deleted
C:\WINDOWS\Temp\6C02.tmp.lst - Deleted
C:\WINDOWS\Temp\6CB1.tmp.lst - Deleted
C:\WINDOWS\Temp\6D75.tmp.lst - Deleted
C:\WINDOWS\Temp\6E93.tmp.lst - Deleted
C:\WINDOWS\Temp\6E94.tmp.lst - Deleted
C:\WINDOWS\Temp\6F77.tmp.lst - Deleted
C:\WINDOWS\Temp\7038.tmp.lst - Deleted
C:\WINDOWS\Temp\70AE.tmp.lst - Deleted
C:\WINDOWS\Temp\72EE.tmp.lst - Deleted
C:\WINDOWS\Temp\7389.tmp.lst - Deleted
C:\WINDOWS\Temp\73C1.tmp.lst - Deleted
C:\WINDOWS\Temp\7639.tmp.lst - Deleted
C:\WINDOWS\Temp\783A.tmp.lst - Deleted
C:\WINDOWS\Temp\79A0.tmp.lst - Deleted
C:\WINDOWS\Temp\7ADB.tmp.lst - Deleted
C:\WINDOWS\Temp\7D47.tmp.lst - Deleted
C:\WINDOWS\Temp\7DF5.tmp.lst - Deleted
C:\WINDOWS\Temp\7F39.tmp.lst - Deleted
C:\WINDOWS\Temp\919.tmp.lst - Deleted
C:\WINDOWS\Temp\A89.tmp.lst - Deleted
C:\WINDOWS\Temp\CB.tmp.lst - Deleted
C:\WINDOWS\Temp\DA3.tmp.lst - Deleted
C:\WINDOWS\Temp\E0C.tmp.lst - Deleted
C:\WINDOWS\Temp\E65.tmp.lst - Deleted
C:\WINDOWS\Temp\F3D.tmp.lst - Deleted
C:\WINDOWS\Temp\F64.tmp.lst - Deleted
C:\Program Files\Temporary\kernInst.MSNFix - Deleted
C:\WINDOWS\default.htm  - Deleted
C:\WINDOWS\msav.exe  - Deleted
C:\WINDOWS\msie.dll  - Deleted
C:\WINDOWS\system32\diperto.ini  - Deleted
C:\WINDOWS\system32\mssrv32.exe  - Deleted
C:\WINDOWS\system32\winfrun32.bin  - Deleted
C:\WINDOWS\Temp\winlogon.exe  - Deleted
C:\WINDOWS\system32\drivers\astq.tga  - Deleted
C:\WINDOWS\system32\drivers\spools.exe  - Deleted



Folder C:\Program Files\Helper - Removed
Folder C:\Program Files\Temporary - Removed


Removing Temp Files

[b]ADS Check [/b]:
 


hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:11:33, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\PROGRA~1\HELPAN~1\Presario\XPHWWRF4\plugin\bin\pchbutton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Compaq_Propriétaire\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [jmjupelq] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\jmjupelq.dll"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Presario\XPHWWRF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Firewall auto setup] C:\WINDOWS\TEMP\winlogon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Firewall auto setup] C:\WINDOWS\TEMP\winlogon.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/importer/MypixUploader.cab
O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} (SAXFile FileUpload ActiveX Control) - http://www.wistiti.fr/AlbumsPerso/ActiveX/SAXFile.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://chezmaryetalex.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) -

g!rly · Answer

bonsoir fcnalex,

et bien ?! o_Ö

tu n´as pas posté :

Téléchargez MSNFix.zip (de !aur3n7) sur votre bureau:
http://sosvirus.changelog.fr/MSNFix.zip
Décompressez-le (clic droit >> Extraire ici) et double cliquer sur le fichier MSNFix.bat.
- Exécutez l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage

Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal

- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt

Tuto :

https://www.malekal.com/supprimer-virus-desinfecter-pc/ 

@+

fcnalex · Answer

celui d hier en dessous puis celui d auj

MSNFix 1.690  
 
C:\Documents and Settings\Compaq_Propri‚taire\Bureau\MSNFix 
Fix exécuté le 25/03/2008 - 21:09:11,03 By Compaq_Propri‚taire 
mode normal    
    
************************ Recherche les fichiers présents      
    
... C:\Program Files\Temporary\kernInst.exe 
... C:\WINDOWS\system32\svcp.csv 
... C:\WINDOWS\system32\winsub.xml 
 
************************ Recherche les dossiers présents       
 
Aucun dossier trouvé 
 
 
 
 
************************ Suppression des fichiers       
    
.. OK ... C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\winlogon.exe 
.. OK ... C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\services.exe 
.. OK ... C:\WINDOWS\system32\mgmrwmrv.exe, 
.. OK ... C:\Program Files\Temporary\kernInst.exe  
.. OK ... C:\WINDOWS\system32\svcp.csv  
.. OK ... C:\WINDOWS\system32\winsub.xml  
 
 
 
************************ Nettoyage du registre 
 
 
 
Les fichiers encore présents seront supprimés au prochain redémarrage 
 
 
Aucun Fichier trouvé 
 
 
 
************************ Fichiers suspects 
 
Aucun Fichier trouvé 
 
  
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 25032008_21192785.zip
 
************************ HKLM\...\Winlogon\Userinit 
 
Userinit = C:\WINDOWS\system32\userinit.exe, 


------------------------------------------------------------------------  
Auteur : !aur3n7                     Contact: https://www.ionos.fr/     
------------------------------------------------------------------------   
 
---------------------------------------------   END   --------------------------------------------- 
 
AUJOURD HUI

MSNFix 1.690  
 
C:\Documents and Settings\Compaq_Propri‚taire\Bureau\MSNFix 
Fix exécuté le 26/03/2008 - 21:35:53,75 By Compaq_Propri‚taire 
mode normal    
    
************************ Recherche les fichiers présents      
    
Aucun Fichier trouvé 
 
************************ Recherche les dossiers présents       
 
Aucun dossier trouvé 
 
 
************************ Fichiers suspects 
 
Aucun Fichier trouvé 
 
  
************************ HKLM\...\Winlogon\Userinit 
 
Userinit = C:\WINDOWS\system32\userinit.exe, 


------------------------------------------------------------------------  
Auteur : !aur3n7                     Contact: https://www.ionos.fr/     
------------------------------------------------------------------------   
 
---------------------------------------------   END   --------------------------------------------- 
 
dit moi ce que je dois faire?
j ai encore
LoadLibrary("C:\Documents and Settings\All Users\Application Data\jmjupelq.dll") a échoué - Le module spécifié est introuvable

g!rly · Answer

re,

tu dois encore l´avoir c´est sur...

Télécharge combofix.exe (par sUBs) sur ton Bureau.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe     

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse. 

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message ainsi qu´un nouveau rapport hijack this en entier.

-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

@+

g!rly · Answer

fcnalex,

la suite :

Copie le texte ci-dessous :

File::
C:\WINDOWS\dvvid32.exe
C:\WINDOWS\igogo.exe
C:\WINDOWS\TEMP\winlogon.exe

Folder::
C:\Program Files\zango
C:\Program Files\180solutions
C:\Program Files\180searchassistant
C:\Program Files\180search assistant
C:\Documents and Settings\Administrateur\Application Data\Symantec

Registry::
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Firewall auto setup"=-

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix, 

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

@+

fcnalex · Answer

-ok
-
FCNALEX

g!rly · Answer

et?

Gros pb sur lancement suite a des virus

9 réponses

Discussions similaires