Sujet Précédent Sujet Suivant

AIDE PC INFECTER DE SPYWARE ,TROJAN DIALER

jerm93110 -  
 Jerm93110 -
Bonjour,

Mon Pc est enormement infecté , j'ai avast , spybot , aVg spyware , hijackthis , enfin Bref , je ne sais pas comment m'y prendre pour desinfecter mon oRdinateur ...

Voici quelque infection : TRojan vitumonde , apllication trackincookie , adwar advertising

voila aidé moi SVP , merci d'avance
A voir également:

56 réponses

Précédent
Réponse 21 / 56
jerm93110
 
LA ligne a fixer n'etait plus presente sur hijackthis , Mais j'ai remarquer une autre Ligne , qui comporté un spyware

O4 - HKLM\..\RunOnce: [*aliceadsl] C:\WINDOWS\system32\aliceadsl.exe

ce spyware a été de nombreuse foit detecter par avast , mai aussi Avg , donc j'ai fixer la les lignes , Puis j'ais effectué l'autre etape Avec movedit

en copiant cette adresse
C:\WINDOWS\system32\aliceadsl.exe

Voici le rapport
C:\WINDOWS\system32\aliceadsl.exe moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 04082008_003107
0
Réponse 22 / 56
jerm93110
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:37, on 2008-04-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\spolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\TuneUp Utilities 2006\StartUpManager.exe
C:\Documents and Settings\Jerm\Bureau\OTMoveIt2.exe
C:\Documents and Settings\Jerm\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: (no name) - {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunOnce: [*aliceadsl] C:\WINDOWS\system32\aliceadsl.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AntiBoss] "C:\Program Files\MinoProd\AntiBoss 2006\AntiBoss.exe" /iconify
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [aliceadsl] C:\WINDOWS\system32\aliceadsl.exe
O4 - HKCU\..\Policies\Explorer\Run: [NT Security Service] NTSecurity.exe
O4 - HKCU\..\Policies\Explorer\Run: [Printing Utilities] spolsv.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Security Check] MicroSecure.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?850d8a932a934e0c9cd979b1d0474a68
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?850d8a932a934e0c9cd979b1d0474a68
O9 - Extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://62.201.137.56/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard (avg anti-spyware guard) - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 23 / 56
jerm93110
 
DAns ce rapport , Je vois ke aliceadsl est REvenus XD , dure a effacé ..
0
Réponse 24 / 56
Utilisateur anonyme
 
=========== OAD ( outil d'aide au diagnostic ) ============

Télécharger OAD < http://sosvirus.changelog.fr/OAD.exe >
• L'enregistrer sur le bureau

• Sous VISTA Clique droit sur le fichier OAD.exe et sur Propriétés, dans l'onglet Compatibilité
Cadre Niveau de privilège cocher Exécuter ce programme en tant qu'administrateur.

• Lancer OAD.exe en faisant un double-click sur le fichier
• Saisir -> aliceadsl.exe ( faire un copier/coller )
• Type de recherche : sélectionner l'option 6 puis valide entrée
• OAD va maintenant rechercher le fichier.
• Le laisser travailler jusqu'à ce qu'il en ait terminé.
• Suivant la taille des disques durs, cette recherche peut prendre plusieurs minutes.

------------- Patienter. --------------

• Le rapport de recherche s'affichera automatiquement dès qu'il en aura terminé.
• Faire un copier/coller de ce rapport dans le prochain message.

Note: Certains Antivirus peuvent émettre une alerte lors du téléchargement / utilisation > ignore
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 56
jerm93110
 
§§§§§§ [aliceadsl.exe] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete

********************
[Registre]
********************

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A1C627C1-87DE-1B72-72D6-D182B3CD8AA2}]
"StubPath"="C:\\WINDOWS\\system32\\aliceadsl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*aliceadsl"="C:\\WINDOWS\\system32\\aliceadsl.exe"

[HKEY_USERS\S-1-5-21-1004336348-2139871995-839522115-1003\Software\Microsoft\Windows\CurrentVersion]
"bnhide"="3800|aliceadsl.exe|aliceadsl|4000|x|"

[HKEY_USERS\S-1-5-21-1004336348-2139871995-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"aliceadsl"="C:\\WINDOWS\\system32\\aliceadsl.exe"

[HKEY_USERS\S-1-5-21-1004336348-2139871995-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\WINDOWS\\system32\\aliceadsl.exe"="aliceadsl"

*******************
[Fichier]
*******************

c:\_OTMoveIt\MovedFiles\04082008_003107\WINDOWS\system32\aliceadsl.exe
c:\WINDOWS\system32\aliceadsl.exe

*********************
[Même date]
*********************

[2008-04-04 ] ---> C:\-1002049324
[2008-04-04 ] ---> C:\p2hhr.bat
[2008-04-04 ] ---> C:\WINDOWS\system32\aliceadsl.exe

Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
0
Réponse 26 / 56
Utilisateur anonyme
 
Est ce que tu sais te servir de regedit pour la base de registre ?
0
Réponse 27 / 56
jerm93110
 
PAS du tout ... :s
0
Réponse 28 / 56
Utilisateur anonyme
 
On va voir si ComboFix accepte ça

---------------- CORRECTION COMBOFIX ------------------

fais ceci :

• Copier le texte ci-dessous :


File::
c:\WINDOWS\system32\aliceadsl.exe
C:\-1002049324
C:\p2hhr.bat

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A1C627C1-87DE-1B72-72D6-D182B3CD8AA2}]
"StubPath"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*aliceadsl"=-
[HKEY_USERS\S-1-5-21-1004336348-2139871995-839522115-1003\Software\Microsoft\Windows\Curre­ntVersion]
"bnhide"=-
[HKEY_USERS\S-1-5-21-1004336348-2139871995-839522115-1003\Software\Microsoft\Windows\Curre­ntVersion\Run]
"aliceadsl"=-
[HKEY_USERS\S-1-5-21-1004336348-2139871995-839522115-1003\Software\Microsoft\Windows\Shell­NoRoam\MUICache]
"C:\\WINDOWS\\system32\\aliceadsl.exe"=-


• Ouvrir le Bloc-Notes puis coller le texte copié. (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
• Sauvegarder ce fichier sous le nom de CFScript.txt.
• Glisser maintenant le fichier CFScript.txt dans Combofix.exe comme montré ici
• Cela va relancer Combofix,
• Une fenêtre bleue va apparaître: un message qui apparait ( Type 1 to continue, or 2 to abort)
• taper 1 puis valider.

• Patienter le temps du scan. Le bureau va disparaitre à plusieurs reprises: c'est normal!
• Ne toucher à rien tant que le scan n'est pas terminé.

• Après redémarrage, copier/coller le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de redémarrage, redémarrer et poster les rapports.
0
Réponse 29 / 56
jerm93110
 
JE le fais en mode sans echec? ui normal la toute suite?
0
Réponse 30 / 56
Utilisateur anonyme
 
Normal
0
Réponse 31 / 56
jerm93110
 
COmbofix ne se lance pas , L'ecran bleu est aparu puis a disparu , sa me rend fou la ... lol
0
Réponse 32 / 56
Utilisateur anonyme
 
On va tout de suite savoir si c'est viral ou pas

==================== VIRUS TOTAL ======================

Aller sur le site VIRUS TOTAL

• COPIER/COLLER dans le champ de saisie ce qui est en gras

c:\WINDOWS\system32\aliceadsl.exe

• Appuyer sur le bouton Envoyer le fichier

Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

• Copier/Coller le rapport dans le prochain message.
0
Réponse 33 / 56
jerm93110
 
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.8.0 2008.04.07 -
AntiVir 7.6.0.81 2008.04.07 TR/Dldr.Obfuscated.IO
Authentium 4.93.8 2008.04.08 -
Avast 4.8.1169.0 2008.04.07 -
AVG 7.5.0.516 2008.04.07 Agent.SXQ
BitDefender 7.2 2008.04.08 Packer.Malware.Crypter.C
CAT-QuickHeal 9.50 2008.04.05 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.04.08 -
DrWeb 4.44.0.09170 2008.04.08 -
eSafe 7.0.15.0 2008.04.01 Suspicious File
eTrust-Vet 31.3.5680 2008.04.08 -
Ewido 4.0 2008.04.07 Downloader.Obfuscated.io
F-Prot 4.4.2.54 2008.04.07 -
F-Secure 6.70.13260.0 2008.04.08 Trojan-Downloader.Win32.Obfuscated.io
FileAdvisor 1 2008.04.08 -
Fortinet 3.14.0.0 2008.04.07 -
Ikarus T3.1.1.26 2008.04.07 Packer.Malware.Crypter.C
Kaspersky 7.0.0.125 2008.04.08 Trojan-Downloader.Win32.Obfuscated.io
McAfee 5268 2008.04.07 -
Microsoft 1.3408 2008.04.06 -
NOD32v2 3007 2008.04.07 Win32/TrojanDropper.Delf.NFH
Norman 5.80.02 2008.04.07 -
Panda 9.0.0.4 2008.04.07 Suspicious file
Prevx1 V2 2008.04.08 Generic.Malware
Rising 20.38.60.00 2008.04.03 -
Sophos 4.28.0 2008.04.08 Mal/EncPk-CO
Sunbelt 3.0.1032.0 2008.04.07 VIPRE.Suspicious
Symantec 10 2008.04.08 -
TheHacker 6.2.92.267 2008.04.07 -
VBA32 3.12.6.4 2008.04.06 -
VirusBuster 4.3.26:9 2008.04.07 -
Webwasher-Gateway 6.6.2 2008.04.07 Trojan.Dldr.Obfuscated.IO
Information additionnelle
File size: 54784 bytes
MD5...: 3cae4686f59a6a77588698c6eb06747e
SHA1..: 0887d5aeb8598f57c8cdaf91aa9db076c2c7729d
SHA256: c5aea703b2c54db035ecbdfb3085604889c2c66470dd33441761da3aae04d6e1
SHA512: 865758c783862caed7ad0d51c7ca5f88628bc53adde601edc08182a8dabcdce1
b2215fa090d9e06800affa0249e1aaa6e1a3c86685fb2f0900a7df0da88c929a
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x401000
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 2 sections )
name viradd virsiz rawdsiz ntrpy md5
_s_1_ 0x1000 0x11000 0x9c00 7.99 21c2c3cdf98ab40d836ff9e9062b9b36
_p 0x12000 0x4000 0x3400 6.97 31f797eae1a099c6f53bd4c5138c8f03

( 0 imports )

( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=19B45D19000986F3D6470071080C7B00B0BFFBD3
0
Réponse 34 / 56
Utilisateur anonyme
 
Effectivement.

Je vais préparer un fix pour cette bête.

On fini demain si tu veux. Je ne serai là qu'en soirée.
0
Réponse 35 / 56
jerm93110
 
Oki , Pas de probleme , A demin =) , et merci d'avance
0
Réponse 36 / 56
Utilisateur anonyme
 
=============== DESINSTALLER AVAST ==================

desintaller avast qui est une vrai passoire via le lien ci dessous

desintal Avast

===================== ANTIVIR ========================
Qui remplacera avantageusement AVAST

Télécharger ANTIVIR qui est un antivirus gratuit

Suivre la procédure jusqu'au bout. En cas de doute demander

Procédure d'installation

Pour les réglages

------
• Redémarrer en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
• Attention, pas d’accès à internet dans ce mode. Enregistrer ou imprimer les consignes.

• Relancer le Pc et tapoter la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
• Avec les touches « flèches », sélectionner Mode sans échec ==> entrée ==>nom utilisateur habituel
-------
• Faire une analyse complète de la machine

En fin de scan ( qui est assez long)
• Clic Sauvegarder REPORT puis Enregistrer sous et choisir bureau
-------
• Relancer la machine en mode normal
• Copier/coller le rapport ici

================ AVG ANTI-SPYWARE ===================
Gratuit
Merci à ep44 pour ce mode explicatif
Télécharger:
AVG-AntiSpyware
• Installer
• Le lancer
• Click : Mise à jour
------
• Redémarrer en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
• Attention, pas d’accès à internet dans ce mode. Enregistrer ou imprimer les consignes.

• Relancer le Pc et tapoter la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
• Avec les touches « flèches », sélectionner Mode sans échec ==> entrée ==>nom utilisateur habituel
-------
• Dans ANALYSE ( en forme de loupe ) <<===== I M P O R T A N T
• Paramètres ==> sous COMMENT REAGIR==>click sur Actions recommandées ==>Quarantaine
• Click : Analyse complète du système

En fin de scan ( qui est assez long)
• Clic Appliquer toutes les actions <== ceci Très important
• Clic Sauvegarder rapport puis Enregistrer sous et choisir bureau
-------
• Relancer la machine en mode normal
• Copier/coller le rapport ici + rapport HiJackThis

(Ne surveillera plus le PC en arrière-plan dans 30 jours mais pourra servir à faire des scans et supprimer les infections)
---------------------------------------
A ce soir
0
Réponse 37 / 56
jerm93110
 
Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 21:08:11
ANTIVIR2.VDF : 7.0.3.127 649216 Bytes 2008-04-07 21:08:11
ANTIVIR3.VDF : 7.0.3.135 57344 Bytes 2008-04-08 21:08:11
AVEWIN32.DLL : 7.6.0.81 3424768 Bytes 2008-04-08 21:08:11
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-04-08 21:08:11
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 08:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-04-09 00:11

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
13 processes with 13 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '26' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Jerm\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.29112
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ball'n 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ball-Bar 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BallClicks 1.0.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ballet .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ballet Browser 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ballistic 1.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ballistics 1.0.1 patch .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ballistics 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ballistics demo .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ballistik 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ballmaster 2 1.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloon Blast 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloon Dart 1.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloon Express 1.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloon Headed Boy 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloon Kaboom & Balloon Kaboom Challenge 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloon OCX 2.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloon Shot 1.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloon Tooltips .NET 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloon Wolffy 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Ballooneys Lite Screensaver 2.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BalloonRain 1.0d.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloons Animated Jigsaw Puzzle 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balloons Galore Screensaver 4.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balls 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balls Millennium 1.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balls of Steel Patch 1.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balls Up Episode 1 1.11a.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BallSwapper 1.05.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Balltris 1.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bamboozle 1.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bambusa (Classic) 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bambusa 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Banana Run 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BananaPC 4.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bananas In Space 1.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Band Minus One 2.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Band Name Generator 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Band Promotion Tracker 0.01.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Band-in-a-Box 9.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BanderSnatch 1.0.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandit's Big Adventure 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandits Phoenix Rising 1.1 patch .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandits Phoenix Rising 1.1.1 patch .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandits Phoenix Rising demo .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandits Phoenix Rising, All Territories, 1.1 patch .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandwidth Controller 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandwidth Meter 5.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandwidth Monitor for IIS 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandwidth Monitor Lite Edition 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandwidth Monitor Pro 1.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandwidth Tester 0.5.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bandwidth Vista 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BandX 1.50.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bang Gunship Elite demo .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BangaBangarasoft Family 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bangarsoft SlideShow 4.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bangla Translation of Quran 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bank Account Tracking 5.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bank Easy 3.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bank Statement 2.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bankarama 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BankBook 4.3.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bankspinner 2.0.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BankTree Personal 1.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Banner Factory 5.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Banner Fighter 3.7.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Banner Maker Pro 6.0.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Banner Maker Pro for Flash 1.02.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Banner Show 2.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bannershop GIF Animator 5.0.8.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BannerZapper 4.02.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Banzai Bug demo .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bar Code 128 Utility 3.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bar Code 25 Interleaved Utility 3.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bar Code 39 Utility 3.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bar Code 93 Utility 3.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bar Code ActiveX from TAL 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bar Code DLLs from TAL 3.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bar Codes Plus 2,7.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barbie Dress Up Game 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barbu 1.0.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarbusLab MobiDB 2.0.3 build 107.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barca 2.1 build 3650.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarChartApplet 2.0.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode .Net 3.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode ActiveX Control & DLL 4.8.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Controls 3.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Creator 3.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode DLL for Pocket PC 5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Generator 2.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Label Generator 1.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Label Maker 4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Label Maker Deluxe 5.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarCode Label Printer 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Label Workshop Enterprise 6.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Macros for OpenOffice and StarOffice 2006.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarCode Maker 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Maker 5.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Plugin For FileMaker 2.01.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Pro 2.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Producer 2.7.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode Wizard 4.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode X (Classic) 2.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode X 2.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode XL 1.52.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarCode-ActiveX 3.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode-Writer.NET 1.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcode.dll 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarcodeNet 6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcoder128 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarCodeWiz Barcode ActiveX Control 2.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarCodeWiz Code 128 Barcode Fonts 1.17.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarCodeWiz Code 39 Barcode Fonts 1.19.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarCodeWiz Interleaved 2 of 5 Barcode Fonts 1.13.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarCodeWiz UPC EAN Barcode Fonts 1.18.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarcodeX 5.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcodit 3.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barcodlabgen 1.28.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarelyFitz JavaScript Slideshow 1.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BargainChecker Toolbar 3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarGenie 9.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarLaunch 8.10.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barman's life 2.01.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barnarda Clock Screensaver 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barnyard Invasion 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barr AFP Viewer 4.2.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarracudaDrive 3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barrel Breaker .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Barry's Sleep Timer 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BarSim 1.5.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bartender 1.31.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bartender's Companion 2004.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basal Metabolic Rate Calculator 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bascom-AVR 2.16l.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bascom51 BASIC Compiler for the 8051 2.16l.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Base64 De-Encoder 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Base64 EncoderDecoder 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Addict 1.0.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Assistant 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Calculator 2.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Edition 2000 demo b.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Legends Screensaver .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Memories 3.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Mogul 2002 patch 4.42.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Mogul 2003 5.4.1 patch .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Mogul 2003 demo 5.3.7.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Mogul 2003 Play-by-Play Art patch .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Mogul 2004 demo .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Mogul 2005 7.06.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Mogul 2005 7.07.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Mogul 2006 demo .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Mogul 2007 9.1.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Scoreboard 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball Statistics 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseball StatWiz 6.053.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BaseBallX 1.4.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BaseBallX 1.4.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Baseballz Screensaver 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BaseNow 1.1.7.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Algebra Shape-Up Set 1 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Crystal Package - Icon Collections 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Date Picker 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Electrical Troubleshooting 2.50.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Facts Bingo 1.0.41.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Facts Worksheet Factory 3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic HTML Editor 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Icon Set 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Inventory Control 5.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Invoicing 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Pack Icon Collection 2.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Standart Package - Tetra Stock Icons 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic Test 2.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic4ppc 3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basic4ppc Desktop 3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BasicAuth BBEdit Plug-In 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BasicCalculator 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BasicFacts Maker II 3.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basicfunder Premier - Fundraising & Donor Edition 2.45.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BasiCommunication 3.0.46.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basics Payroll 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BasinFlow May 2005.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basis 5.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basketball 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basketball Assistant 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basketball Scoreboard Deluxe 1.0.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basketball Scoreboard Standard 1.1.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Basketball StatWiz 4.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bass Club Organizer 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bass Fishing Scenes 2.0.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bass Fretboard Addict 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bass Guitar Workshop 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bass Masters Classic Tournament Edition .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bass Tournament Log 2.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bass Tuner 5.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bassets Depreciation Calculator 1.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bassets Fixed Asset System 4.41.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bassline WinPopUp 5.27g.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bassment 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BassTime 2003.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bastet Win 3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Bat Bat Ball 3.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\BAT-Spooler Standard Edition 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Barcode Maker 3.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Copy 1.2.15.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Fax to PDF 2.2 build 060919.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Fax2JPEG 2 build 060725.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Fax2Tif 2.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch File Compiler Professional Edition 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch File Creation Utility 1.1.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch File Rename 1.23.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch File Utility 3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Folder Creator (Personal Edition) 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Image Commander 1.37.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Image Resizer 1.0.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Image Resizer 2.81.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch It 4.64.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch It Pro 3.74.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch It Ultra 3.96.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch JPEG Rotator 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Master 06-9.1Global.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Photo WaterMark 1.01 build 20051128.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Plot Drawings 1.0.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Print Pro 2.04.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Rename .EXE 1.0.53.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Replace Online 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Replacer 3.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Replacer for MS Excel 1.8.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Replacer for MS Word 2.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Sizer 1.01.15.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch SWF URL Updater 1.02.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Text Replacer 2.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch TIFF Resizer 1.48.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch To Exe Converter 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Video Converter 2.9.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was deleted!
C:\Documents and Settings\Jerm\Complete\Batch Video Joiner 3.1.zip
[0] Archive type: ZIP
--> Setup.exe
0
Réponse 38 / 56
jerm93110
 
probleme non resolu , help SVP
0
Réponse 39 / 56
jerm93110
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:08, on 2008-04-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: (no name) - {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AntiBoss] "C:\Program Files\MinoProd\AntiBoss 2006\AntiBoss.exe" /iconify
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [aliceadsl] C:\WINDOWS\system32\aliceadsl.exe
O4 - HKCU\..\Policies\Explorer\Run: [NT Security Service] NTSecurity.exe
O4 - HKCU\..\Policies\Explorer\Run: [Printing Utilities] spolsv.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Security Check] MicroSecure.exe
O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?850d8a932a934e0c9cd979b1d0474a68
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?850d8a932a934e0c9cd979b1d0474a68
O9 - Extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://62.201.137.56/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard (avg anti-spyware guard) - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 40 / 56
Utilisateur anonyme
 
Salut

Grrrr

===================== COMBOFIX =======================
</gras>
• Installer ComboFix sur le bureau

---------------- CORRECTION COMBOFIX ------------------

fais ceci :

• Copier le texte ci-dessous :


File::
c:\windows\system32\aliceadsl.exe

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"aliceadsl"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"NT Security Service"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Printing Utilities"=-


• Ouvrir le Bloc-Notes puis coller le texte copié. (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
• Sauvegarder ce fichier sous le nom de CFScript.txt.
• Glisser maintenant le fichier CFScript.txt dans Combofix.exe comme montré ici
• Cela va relancer Combofix,
• Une fenêtre bleue va apparaître: un message qui apparait ( Type 1 to continue, or 2 to abort)
• taper 1 puis valider.

• Patienter le temps du scan. Le bureau va disparaitre à plusieurs reprises: c'est normal!
• Ne toucher à rien tant que le scan n'est pas terminé.

• Après redémarrage, copier/coller le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de redémarrage, redémarrer et poster les rapports.
0