RUNDLL
Twister
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
Lors de l'ouverture de ma session sur Windows XP familial, les 3 messages suivants me sont apparu:
Erreur de chargement C:\WINDOWS\system32\NvCpl.dll
Une routine d'initialisation d'une librairie dynamique (DLL) a échoué
Erreur de chargement C:\WINDOWS\system32\jhvfrjni.dll
Accès refusé.
Erreur de chargement C:\WINDOWS\system32\toimsbet.dll
Accès refusé.
Que dois-je faire? Merci d'avance.
Lors de l'ouverture de ma session sur Windows XP familial, les 3 messages suivants me sont apparu:
Erreur de chargement C:\WINDOWS\system32\NvCpl.dll
Une routine d'initialisation d'une librairie dynamique (DLL) a échoué
Erreur de chargement C:\WINDOWS\system32\jhvfrjni.dll
Accès refusé.
Erreur de chargement C:\WINDOWS\system32\toimsbet.dll
Accès refusé.
Que dois-je faire? Merci d'avance.
11 réponses
salut
montre voire un rapport hijack this stp
Télécharge HijackThis ici :
-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)
-> http://pageperso.aol.fr/balltrap34/Hijenr.gif
Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)
-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
Post le rapport généré ici stp...
@+
montre voire un rapport hijack this stp
Télécharge HijackThis ici :
-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)
-> http://pageperso.aol.fr/balltrap34/Hijenr.gif
Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)
-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
Post le rapport généré ici stp...
@+
aie
Télécharge combofix.exe (par sUBs) sur ton Bureau.
-> http://sd-1.archive-host.com/membres/up/1366464061/ComboFix2.rar
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.
- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
+
un nouveau rapport hijack this
@+
Télécharge combofix.exe (par sUBs) sur ton Bureau.
-> http://sd-1.archive-host.com/membres/up/1366464061/ComboFix2.rar
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.
- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
+
un nouveau rapport hijack this
@+
ComboFix 08-04-07.5 - Compaq_Propriétaire 2008-04-08 16:08:30.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.501 [GMT 2:00]
Endroit: C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Application Data\DriveCleaner Free
C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Application Data\DriveCleaner Free\Logs\update.log
C:\Documents and Settings\Compaq_Propriétaire\Application Data\DriveCleaner Free
C:\Documents and Settings\Compaq_Propriétaire\Application Data\DriveCleaner Free\Logs\update.log
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\HbTools
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\HbTools\HbTools.log
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\MessengerSkinner
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\MessengerSkinner\Userdata\defaultPack.cab
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\MessengerSkinner\Userdata\languages.xml
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\MessengerSkinner\Userdata\languages_v2.xml
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Menu Démarrer\Programmes\MessengerSkinner
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Menu Démarrer\Programmes\MessengerSkinner\MessengerSkinner.lnk
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Menu Démarrer\Programmes\MessengerSkinner\Website.lnk
C:\Program Files\Fichiers communs\drivecleaner free
C:\Program Files\Fichiers communs\drivecleaner free\udcsdr.exe
C:\Program Files\VideoAccessCodec
C:\Program Files\VideoAccessCodec\install.ico
C:\Program Files\VideoAccessCodec\Uninstall.0xe
C:\Program Files\VideoAccessCodec\VideoAccessCodec.0cx
C:\WINDOWS\BM6b3eadef.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\main_uninstaller.exe
C:\WINDOWS\pack.epk
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aabqfhxs.ini
C:\WINDOWS\system32\abftenof.dll
C:\WINDOWS\system32\aclxpcoi.dll
C:\WINDOWS\system32\adtdstmy.ini
C:\WINDOWS\system32\aeksrrhd.ini
C:\WINDOWS\system32\afdnvepy.dll
C:\WINDOWS\system32\ampvtaopip.dat
C:\WINDOWS\system32\ampvtaopip.exe
C:\WINDOWS\system32\ampvtaopip_nav.dat
C:\WINDOWS\system32\ampvtaopip_navps.dat
C:\WINDOWS\system32\arcqucipcl.dat
C:\WINDOWS\system32\arcqucipcl.exe
C:\WINDOWS\system32\arcqucipcl_nav.dat
C:\WINDOWS\system32\arcqucipcl_navps.dat
C:\WINDOWS\system32\arspxxyl.dll
C:\WINDOWS\system32\avinbiyw.dll
C:\WINDOWS\system32\avwgrrnk.dll
C:\WINDOWS\system32\awvvu.dll
C:\WINDOWS\system32\barlhmgs.ini
C:\WINDOWS\system32\bfmymusc.ini
C:\WINDOWS\system32\bgpxmahm.ini
C:\WINDOWS\system32\bgwrivtq.dll
C:\WINDOWS\system32\bhmectnf.dll
C:\WINDOWS\system32\binsdvi.dat
C:\WINDOWS\system32\binsdvi.exe
C:\WINDOWS\system32\binsdvi_nav.dat
C:\WINDOWS\system32\binsdvi_navps.dat
C:\WINDOWS\system32\bjvhilcy.dll
C:\WINDOWS\system32\blaftley.ini
C:\WINDOWS\system32\bmkuiaop.dll
C:\WINDOWS\system32\boihcyek.ini
C:\WINDOWS\system32\boxfegdj.dll
C:\WINDOWS\system32\brcflqva.dll
C:\WINDOWS\system32\brogqudx.dll
C:\WINDOWS\system32\brpatovk.ini
C:\WINDOWS\system32\bstnfxyt.dll
C:\WINDOWS\system32\bybwfgim.dll
C:\WINDOWS\system32\cciswxpr.dll
C:\WINDOWS\system32\cfhkj.bak1
C:\WINDOWS\system32\cfhkj.bak2
C:\WINDOWS\system32\cfhkj.ini
C:\WINDOWS\system32\cfhkj.ini2
C:\WINDOWS\system32\cfhkj.tmp
C:\WINDOWS\system32\cfoxdmkg.dll
C:\WINDOWS\system32\cgpvvcau.dll
C:\WINDOWS\system32\cippunyp.dll
C:\WINDOWS\system32\cjjlhnar.ini
C:\WINDOWS\system32\cobkibtr.ini
C:\WINDOWS\system32\cqvfemdj.dll
C:\WINDOWS\system32\csumymfb.dll
C:\WINDOWS\system32\cxoknfql.ini
C:\WINDOWS\system32\cyuvarcn.ini
C:\WINDOWS\system32\ddkxjsrm.ini
C:\WINDOWS\system32\deifmyrp.dll
C:\WINDOWS\system32\dfwuappg.dll
C:\WINDOWS\system32\diwwocsh.dll
C:\WINDOWS\system32\djibiuip.dll
C:\WINDOWS\system32\dlgqumsa.dll
C:\WINDOWS\system32\dotwpinv.dll
C:\WINDOWS\system32\dqgpatox.ini
C:\WINDOWS\system32\dvwijnbu.ini
C:\WINDOWS\system32\dxiihpjt.ini
C:\WINDOWS\system32\dxkggcts.dll
C:\WINDOWS\system32\egpffkqu.ini
C:\WINDOWS\system32\ehxaiitw.dll
C:\WINDOWS\system32\ejvcbfij.dll
C:\WINDOWS\system32\eljpntvr.dll
C:\WINDOWS\system32\emqqjpat.dll
C:\WINDOWS\system32\erwhgbux.ini
C:\WINDOWS\system32\esmhfigo.dat
C:\WINDOWS\system32\esmhfigo.exe
C:\WINDOWS\system32\esmhfigo_nav.dat
C:\WINDOWS\system32\esmhfigo_navps.dat
C:\WINDOWS\system32\esnewsfq.ini
C:\WINDOWS\system32\etkqbptg.dll
C:\WINDOWS\system32\evqlqhlk.ini
C:\WINDOWS\system32\evrhbhax.ini
C:\WINDOWS\system32\eyerpxrk.ini
C:\WINDOWS\system32\fdnarxry.ini
C:\WINDOWS\system32\ffbqrvwu.ini
C:\WINDOWS\system32\fgumvfvl.dll
C:\WINDOWS\system32\fkfjlt.dat
C:\WINDOWS\system32\fkfjlt.exe
C:\WINDOWS\system32\fkfjlt_nav.dat
C:\WINDOWS\system32\fkfjlt_navps.dat
C:\WINDOWS\system32\foccandt.ini
C:\WINDOWS\system32\fpvcbbsa.dll
C:\WINDOWS\system32\ftmioomu.dll
C:\WINDOWS\system32\fuemhobg.dll
C:\WINDOWS\system32\fuovmjbe.ini
C:\WINDOWS\system32\fyrkarmv.ini
C:\WINDOWS\system32\gapjncjq.dll
C:\WINDOWS\system32\gbarxmib.dll
C:\WINDOWS\system32\gcnflido.dll
C:\WINDOWS\system32\gdsuperk.dll
C:\WINDOWS\system32\gebyx.dll
C:\WINDOWS\system32\geeribbl.ini
C:\WINDOWS\system32\geexogsj.dll
C:\WINDOWS\system32\ggthtsds.dll
C:\WINDOWS\system32\ghckjcgq.dll
C:\WINDOWS\system32\ghfyrgsi.dll
C:\WINDOWS\system32\gkmdxofc.ini
C:\WINDOWS\system32\gmvhdynl.ini
C:\WINDOWS\system32\gorfuhm.dat
C:\WINDOWS\system32\gorfuhm.exe
C:\WINDOWS\system32\gorfuhm_nav.dat
C:\WINDOWS\system32\gorfuhm_navps.dat
C:\WINDOWS\system32\gpdwoyqj.dll
C:\WINDOWS\system32\gppauwfd.ini
C:\WINDOWS\system32\gsrfaiuv.dll
C:\WINDOWS\system32\gthmbbwj.dll
C:\WINDOWS\system32\gtpbqkte.ini
C:\WINDOWS\system32\gwcrnihk.dll
C:\WINDOWS\system32\gwywhlsk.ini
C:\WINDOWS\system32\haabhmtb.dll
C:\WINDOWS\system32\hdbkwgod.dll
C:\WINDOWS\system32\hdvwvvfu.dll
C:\WINDOWS\system32\hdyejgwi.dll
C:\WINDOWS\system32\hgydlitu.ini
C:\WINDOWS\system32\hlniywds.dll
C:\WINDOWS\system32\hnntrdin.dll
C:\WINDOWS\system32\hocaxapk.dll
C:\WINDOWS\system32\hotxqdqap.dat
C:\WINDOWS\system32\hotxqdqap.exe
C:\WINDOWS\system32\hotxqdqap_nav.dat
C:\WINDOWS\system32\hotxqdqap_navps.dat
C:\WINDOWS\system32\hphkwtjx.ini
C:\WINDOWS\system32\hpjjgycq.ini
C:\WINDOWS\system32\hsbwucby.dll
C:\WINDOWS\system32\hseotxvh.ini
C:\WINDOWS\system32\htcwkwpa.dll
C:\WINDOWS\system32\hvpberff.ini
C:\WINDOWS\system32\hxbwrwhv.dll
C:\WINDOWS\system32\hyqnoykq.ini
C:\WINDOWS\system32\ihbtxxgj.dll
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\ilqjvlcn.dll
C:\WINDOWS\system32\incexsph.dll
C:\WINDOWS\system32\invcogfw.ini
C:\WINDOWS\system32\iocpxlca.ini
C:\WINDOWS\system32\iqqrttyn.dll
C:\WINDOWS\system32\iqxwcjrg.ini
C:\WINDOWS\system32\irqlmoqw.ini
C:\WINDOWS\system32\isdrmhlf.dll
C:\WINDOWS\system32\isgryfhg.ini
C:\WINDOWS\system32\iuvbqvp.dat
C:\WINDOWS\system32\iuvbqvp.exe
C:\WINDOWS\system32\iuvbqvp_nav.dat
C:\WINDOWS\system32\iuvbqvp_navps.dat
C:\WINDOWS\system32\ivdonaty.dll
C:\WINDOWS\system32\ivjmulcv.ini
C:\WINDOWS\system32\ixpikihd.ini
C:\WINDOWS\system32\jatmvouo.ini
C:\WINDOWS\system32\jbxkhxfj.ini
C:\WINDOWS\system32\jfxhkxbj.dll
C:\WINDOWS\system32\jgcfmgcg.dll
C:\WINDOWS\system32\jgxxtbhi.ini
C:\WINDOWS\system32\jhfntlba.dll
C:\WINDOWS\system32\jhvfrjni.dll
C:\WINDOWS\system32\jkhfc.dll
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\jkklj.dll
C:\WINDOWS\system32\jkrctosy.dll
C:\WINDOWS\system32\jlkkj.bak1
C:\WINDOWS\system32\jlkkj.bak2
C:\WINDOWS\system32\jlkkj.ini
C:\WINDOWS\system32\jnfldjtx.dll
C:\WINDOWS\system32\joocoggh.ini
C:\WINDOWS\system32\jpbovoxp.dll
C:\WINDOWS\system32\jqkgkdrp.dll
C:\WINDOWS\system32\jtycdyad.dll
C:\WINDOWS\system32\jynjvsbb.dll
C:\WINDOWS\system32\jypvdwqh.dll
C:\WINDOWS\system32\kgplkuvu.ini
C:\WINDOWS\system32\khywedoq.ini
C:\WINDOWS\system32\kibmhf.dat
c:\windows\system32\kibmhf.exe
c:\WINDOWS\system32\kibmhf_nav.dat
C:\WINDOWS\system32\kibmhf_navps.dat
C:\WINDOWS\system32\kjfvevto.ini
C:\WINDOWS\system32\klhqlqve.dll
C:\WINDOWS\system32\knqovrad.dll
C:\WINDOWS\system32\knrrgwva.ini
C:\WINDOWS\system32\knymejqw.dll
C:\WINDOWS\system32\koxogxnn.dll
C:\WINDOWS\system32\kpaxacoh.ini
C:\WINDOWS\system32\kqdelqyr.ini
C:\WINDOWS\system32\kqsvlurt.ini
C:\WINDOWS\system32\krepusdg.ini
C:\WINDOWS\system32\krpoxxrg.dll
C:\WINDOWS\system32\kuuwwmru.ini
C:\WINDOWS\system32\kvotaprb.dll
C:\WINDOWS\system32\kwbdbmfx.dll
C:\WINDOWS\system32\kwidnebw.ini
C:\WINDOWS\system32\kytrcgro.dll
C:\WINDOWS\system32\lbbireeg.dll
C:\WINDOWS\system32\lbcgpnx.dat
C:\WINDOWS\system32\lbcgpnx.exe
C:\WINDOWS\system32\lbcgpnx_nav.dat
C:\WINDOWS\system32\lbcgpnx_navps.dat
C:\WINDOWS\system32\lfnbmqfw.dll
C:\WINDOWS\system32\lklkqxxxmn.dat
C:\WINDOWS\system32\lklkqxxxmn.exe
C:\WINDOWS\system32\lklkqxxxmn_nav.dat
C:\WINDOWS\system32\lklkqxxxmn_navps.dat
C:\WINDOWS\system32\lkwduljy.dll
C:\WINDOWS\system32\lnabdpqb.ini
C:\WINDOWS\system32\lsfpgjtp.ini
C:\WINDOWS\system32\lslgvomb.ini
C:\WINDOWS\system32\lsudqujb.dll
C:\WINDOWS\system32\lvgnfxwe.dll
C:\WINDOWS\system32\lvjjhmws.dll
C:\WINDOWS\system32\mbrbfwcx.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mdsjtkxfhp.dat
C:\WINDOWS\system32\mdsjtkxfhp.exe
C:\WINDOWS\system32\mdsjtkxfhp_nav.dat
C:\WINDOWS\system32\mdsjtkxfhp_navps.dat
C:\WINDOWS\system32\mhyutanp.dll
C:\WINDOWS\system32\mmabsdic.dll
C:\WINDOWS\system32\mqleupwq.dll
C:\WINDOWS\system32\mqvihsfm.ini
C:\WINDOWS\system32\msiixcee.ini
C:\WINDOWS\system32\mwkqlufx.ini
C:\WINDOWS\system32\mwqaoewv.ini
C:\WINDOWS\system32\nbwinbct.dll
C:\WINDOWS\system32\ncdkfjvr.dll
C:\WINDOWS\system32\nclvjqli.ini
C:\WINDOWS\system32\ncravuyc.dll
C:\WINDOWS\system32\nidrtnnh.ini
C:\WINDOWS\system32\nidrtnnh.tmp
C:\WINDOWS\system32\nmqaeusx.ini
C:\WINDOWS\system32\nnjtgxrq.ini
C:\WINDOWS\system32\nnxgoxok.ini
C:\WINDOWS\system32\nogognut.dll
C:\WINDOWS\system32\npgdcayx.ini
C:\WINDOWS\system32\npnjsvgc.ini
C:\WINDOWS\system32\nqcgcftu.dll
C:\WINDOWS\system32\nrfdxwxu.dll
C:\WINDOWS\system32\nrjsmbj.dat
C:\WINDOWS\system32\nrjsmbj.exe
C:\WINDOWS\system32\nrjsmbj_nav.dat
C:\WINDOWS\system32\nrjsmbj_navps.dat
C:\WINDOWS\system32\ntwvmaeh.dll
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\nwftxmeu.ini
C:\WINDOWS\system32\oaieqiby.ini
C:\WINDOWS\system32\oavbalmde.dat
C:\WINDOWS\system32\oavbalmde.exe
C:\WINDOWS\system32\oavbalmde_nav.dat
C:\WINDOWS\system32\oavbalmde_navps.dat
C:\WINDOWS\system32\obfmojs.dat
C:\WINDOWS\system32\obfmojs.exe
C:\WINDOWS\system32\obfmojs_nav.dat
C:\WINDOWS\system32\obfmojs_navps.dat
C:\WINDOWS\system32\oeumchax.dll
C:\WINDOWS\system32\okalqniq.dll
C:\WINDOWS\system32\okmrtiuk.dll
C:\WINDOWS\system32\okqihdcu.ini
C:\WINDOWS\system32\omxhfcfw.ini
C:\WINDOWS\system32\orgcrtyk.ini
C:\WINDOWS\system32\otvevfjk.dll
C:\WINDOWS\system32\oyrumfau.ini
C:\WINDOWS\system32\pcnfrumt.ini
C:\WINDOWS\system32\pedkuyrg.dll
C:\WINDOWS\system32\pefabopw.dll
C:\WINDOWS\system32\pflyakgr.ini
C:\WINDOWS\system32\pfrykecln.dat
C:\WINDOWS\system32\pfrykecln.exe
C:\WINDOWS\system32\pfrykecln_nav.dat
C:\WINDOWS\system32\pfrykecln_navps.dat
C:\WINDOWS\system32\pguxepln.dll
C:\WINDOWS\system32\phlheipf.dll
C:\WINDOWS\system32\pkffyngi.dll
C:\WINDOWS\system32\plxurvny.dll
C:\WINDOWS\system32\pntgmllq.dll
C:\WINDOWS\system32\prymfied.ini
C:\WINDOWS\system32\psegmuis.dll
C:\WINDOWS\system32\ptcmabnv.ini
C:\WINDOWS\system32\ptjgpfsl.dll
C:\WINDOWS\system32\pubkgatw.ini
C:\WINDOWS\system32\pwigjqcd.dll
C:\WINDOWS\system32\qjcaypxh.dat
C:\WINDOWS\system32\qjcaypxh.exe
C:\WINDOWS\system32\qjcaypxh_nav.dat
C:\WINDOWS\system32\qjcaypxh_navps.dat
C:\WINDOWS\system32\qlebwqdr.dll
C:\WINDOWS\system32\qodewyhk.dll
C:\WINDOWS\system32\qrujlqmx.dll
C:\WINDOWS\system32\qrxgtjnn.dll
C:\WINDOWS\system32\qwpuelqm.ini
C:\WINDOWS\system32\qwxuwwwc.dll
C:\WINDOWS\system32\rcvibvtr.dll
C:\WINDOWS\system32\rdygplul.ini
C:\WINDOWS\system32\rgkaylfp.dll
C:\WINDOWS\system32\rlwbwpxf.dll
C:\WINDOWS\system32\rmemthvo.dll
C:\WINDOWS\system32\rmyuueeikv.dat
C:\WINDOWS\system32\rmyuueeikv.exe
C:\WINDOWS\system32\rmyuueeikv_nav.dat
C:\WINDOWS\system32\rmyuueeikv_navps.dat
C:\WINDOWS\system32\rpmowiof.dll
C:\WINDOWS\system32\rpxwsicc.ini
C:\WINDOWS\system32\rrettnoy.dll
C:\WINDOWS\system32\rtraxsye.ini
C:\WINDOWS\system32\rvtnpjle.ini
C:\WINDOWS\system32\ryqledqk.dll
C:\WINDOWS\system32\rzfxpo.dat
C:\WINDOWS\system32\rzfxpo.exe
C:\WINDOWS\system32\rzfxpo_nav.dat
C:\WINDOWS\system32\rzfxpo_navps.dat
C:\WINDOWS\system32\scvpoo.dat
C:\WINDOWS\system32\scvpoo.exe
C:\WINDOWS\system32\scvpoo_nav.dat
C:\WINDOWS\system32\scvpoo_navps.dat
C:\WINDOWS\system32\sdmidxqt.dll
C:\WINDOWS\system32\sgetajnk.dll
C:\WINDOWS\system32\sgmhlrab.dll
C:\WINDOWS\system32\skidcmet.dll
C:\WINDOWS\system32\srtcmfnx.dll
C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\ststv.bak2
C:\WINDOWS\system32\ststv.ini
C:\WINDOWS\system32\ststv.ini2
C:\WINDOWS\system32\ststv.tmp
C:\WINDOWS\system32\sxvmhbti.dll
C:\WINDOWS\system32\syijkwko.dll
C:\WINDOWS\system32\talbtpyu.dll
C:\WINDOWS\system32\tapjqqme.ini
C:\WINDOWS\system32\tcbniwbn.ini
C:\WINDOWS\system32\tdnaccof.dll
C:\WINDOWS\system32\tebsmiot.ini
C:\WINDOWS\system32\tebsmiot.tmp
C:\WINDOWS\system32\tjphiixd.dll
C:\WINDOWS\system32\tkqfwgfr.ini
C:\WINDOWS\system32\tlxsjrrw.ini
C:\WINDOWS\system32\toimsbet.dll
C:\WINDOWS\system32\towoeyuc.dll
C:\WINDOWS\system32\tungogon.ini
C:\WINDOWS\system32\tvthvmdj.dll
C:\WINDOWS\system32\txhbigp.dat
C:\WINDOWS\system32\txhbigp.exe
C:\WINDOWS\system32\txhbigp_nav.dat
C:\WINDOWS\system32\txhbigp_navps.dat
C:\WINDOWS\system32\uehqkyvm.ini
C:\WINDOWS\system32\uemxtfwn.dll
C:\WINDOWS\system32\ujisgdwc.dll
C:\WINDOWS\system32\ujnrolmg.dll
C:\WINDOWS\system32\uqkffpge.dll
C:\WINDOWS\system32\utfcgcqn.ini
C:\WINDOWS\system32\utfcgcqn.tmp
C:\WINDOWS\system32\utxomabv.dll
C:\WINDOWS\system32\uvvwa.bak1
C:\WINDOWS\system32\uvvwa.ini
C:\WINDOWS\system32\uwapgnmy.ini
C:\WINDOWS\system32\uwrlffjd.ini
C:\WINDOWS\system32\uwvrqbff.dll
C:\WINDOWS\system32\vbeiqlle.ini
C:\WINDOWS\system32\vdxxkckp.dll
C:\WINDOWS\system32\vfduqeei.dll
C:\WINDOWS\system32\vgauwtgx.dll
C:\WINDOWS\system32\vgtcgjje.ini
C:\WINDOWS\system32\vhfdyxry.dll
C:\WINDOWS\system32\vhwrwbxh.ini
C:\WINDOWS\system32\vjuhhldp.dll
C:\WINDOWS\system32\vknnqqng.ini
C:\WINDOWS\system32\vkutwypp.ini
C:\WINDOWS\system32\vpayeelq.dll
C:\WINDOWS\system32\vplssdgx.dll
C:\WINDOWS\system32\vrawfprh.dll
C:\WINDOWS\system32\vsvmfiwk.dll
C:\WINDOWS\system32\vtsts.dll
C:\WINDOWS\system32\vuqjkbmn.ini
C:\WINDOWS\system32\vweoaqwm.dll
C:\WINDOWS\system32\wakvgxwj.ini
C:\WINDOWS\system32\wbendiwk.dll
C:\WINDOWS\system32\wfgocvni.dll
C:\WINDOWS\system32\whubyjtd.ini
C:\WINDOWS\system32\wlbhtlbv.dll
C:\WINDOWS\system32\woxbobbd.dll
C:\WINDOWS\system32\wqomlqri.dll
C:\WINDOWS\system32\wrkcxhdg.dll
C:\WINDOWS\system32\wrrjsxlt.dll
C:\WINDOWS\system32\wsrwfloy.dll
C:\WINDOWS\system32\wytuyhrw.dll
C:\WINDOWS\system32\xahbhrve.dll
C:\WINDOWS\system32\xfytahcv.dll
C:\WINDOWS\system32\xgdsslpv.ini
C:\WINDOWS\system32\xgtwuagv.ini
C:\WINDOWS\system32\xirdvgql.ini
C:\WINDOWS\system32\xkgkxieo.ini
C:\WINDOWS\system32\xubghwre.dll
C:\WINDOWS\system32\xumrerou.dll
C:\WINDOWS\system32\xyacdgpn.dll
C:\WINDOWS\system32\xybeg.bak1
C:\WINDOWS\system32\xybeg.bak2
C:\WINDOWS\system32\xybeg.ini
C:\WINDOWS\system32\xybeg.ini2
C:\WINDOWS\system32\xybeg.tmp
C:\WINDOWS\system32\ybcuwbsh.ini
C:\WINDOWS\system32\yeltfalb.dll
C:\WINDOWS\system32\yeycntil.ini
C:\WINDOWS\system32\yfqbxiug.ini
C:\WINDOWS\system32\yghrrojfb.dat
C:\WINDOWS\system32\yghrrojfb.exe
C:\WINDOWS\system32\yghrrojfb_nav.dat
C:\WINDOWS\system32\yghrrojfb_navps.dat
C:\WINDOWS\system32\yhgvnpyh.dll
C:\WINDOWS\system32\yholsnmw.ini
C:\WINDOWS\system32\ykwxnfso.dll
C:\WINDOWS\system32\ymgfofpa.dll
C:\WINDOWS\system32\ymngpawu.dll
C:\WINDOWS\system32\ynfxmqld.dll
C:\WINDOWS\system32\yontterr.ini
C:\WINDOWS\system32\yqkgucxm.dll
C:\WINDOWS\system32\ysotcrkj.ini
C:\WINDOWS\system32\ysxqgk.dat
C:\WINDOWS\system32\ysxqgk.exe
C:\WINDOWS\system32\ysxqgk_nav.dat
C:\WINDOWS\system32\ysxqgk_navps.dat
C:\WINDOWS\system32\ytpsymxg.ini
C:\WINDOWS\system32\yutjhfqn.dll
C:\WINDOWS\system32\yysdjhqh.dll
C:\WINDOWS\system32\zdilgh.dat
C:\WINDOWS\system32\zdilgh.exe
C:\WINDOWS\system32\zdilgh_nav.dat
C:\WINDOWS\system32\zdilgh_navps.dat
c:\WINDOWS\system32\zpkawf.dat
c:\windows\system32\zpkawf.exe
C:\WINDOWS\system32\zpkawf_nav.dat
C:\WINDOWS\system32\zpkawf_navps.dat
C:\WINDOWS\wmpenv.dll
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NwSapAgent
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-08 to 2008-04-08 ))))))))))))))))))))))))))))))))))))
.
2008-04-08 15:43 . 2008-04-08 15:43 3,648 --a------ C:\WINDOWS\system32\synyfato.dll
2008-04-08 15:21 . 2008-04-08 15:21 3,648 --a------ C:\WINDOWS\system32\nkvuuunl.dll
2008-04-08 14:51 . 2008-04-08 14:51 <REP> d-------- C:\Program Files\Trend Micro
2008-04-07 19:09 . 2008-04-07 19:09 90,176 --a------ C:\WINDOWS\system32\iyncelyq.dll
2008-04-07 19:09 . 2008-04-07 19:09 85,056 --------- C:\WINDOWS\system32\bmovglsl.dll
2008-04-07 19:08 . 2008-04-07 19:08 88,128 --a------ C:\WINDOWS\system32\eydjftjx.dll
2008-04-07 18:42 . 2008-04-07 18:42 90,176 --a------ C:\WINDOWS\system32\sylatxim.dll
2008-04-07 18:42 . 2008-04-07 18:42 85,056 --a------ C:\WINDOWS\system32\krxpreye.dll
2008-04-07 18:41 . 2008-04-07 18:41 88,128 --a------ C:\WINDOWS\system32\nqyxcfms.dll
2008-04-07 18:33 . 2008-04-07 18:33 90,176 --a------ C:\WINDOWS\system32\apdmrsfb.dll
2008-04-07 18:33 . 2008-04-07 18:33 85,056 --------- C:\WINDOWS\system32\xsueaqmn.dll
2008-04-07 18:32 . 2008-04-07 18:33 88,128 --a------ C:\WINDOWS\system32\eymdgxav.dll
2008-04-07 18:27 . 2008-04-07 18:27 90,176 --a------ C:\WINDOWS\system32\axtnfqqs.dll
2008-04-07 18:27 . 2008-04-07 18:27 88,128 --a------ C:\WINDOWS\system32\vmoahemt.dll
2008-04-07 18:27 . 2008-04-07 18:27 85,056 --------- C:\WINDOWS\system32\eysxartr.dll
2008-04-07 17:53 . 2008-04-08 10:21 2,249,587 ---hs---- C:\WINDOWS\system32\amjhdhea.ini
2008-04-07 14:31 . 2008-04-07 14:31 90,176 --a------ C:\WINDOWS\system32\uowdqbyk.dll
2008-04-07 14:31 . 2008-04-07 14:31 88,128 --a------ C:\WINDOWS\system32\fjphtiha.dll
2008-04-07 14:31 . 2008-04-07 14:31 85,056 --------- C:\WINDOWS\system32\ppywtukv.dll
2008-04-07 13:26 . 2008-04-07 13:26 90,176 --a------ C:\WINDOWS\system32\ebaitcrw.dll
2008-04-07 13:25 . 2008-04-07 13:25 88,128 --a------ C:\WINDOWS\system32\kptnbmtc.dll
2008-04-07 13:25 . 2008-04-07 13:26 85,056 --------- C:\WINDOWS\system32\qkyonqyh.dll
2008-04-07 12:56 . 2008-04-07 12:56 90,176 --a------ C:\WINDOWS\system32\xvmtwxlo.dll
2008-04-07 12:56 . 2008-04-07 12:56 88,128 --a------ C:\WINDOWS\system32\jjchmfko.dll
2008-04-07 12:56 . 2008-04-07 12:56 85,056 --------- C:\WINDOWS\system32\ffrebpvh.dll
2008-04-07 11:49 . 2008-04-07 11:49 90,176 --a------ C:\WINDOWS\system32\sinlwaaj.dll
2008-04-07 11:49 . 2008-04-07 11:49 88,128 --a------ C:\WINDOWS\system32\odknjdsv.dll
2008-04-07 11:49 . 2008-04-07 11:49 85,056 --a------ C:\WINDOWS\system32\vnbamctp.dll
2008-04-07 11:31 . 2008-04-07 11:31 90,176 --a------ C:\WINDOWS\system32\dpytppmp.dll
2008-04-07 11:31 . 2008-04-07 11:31 88,128 --a------ C:\WINDOWS\system32\bwyevekv.dll
2008-04-07 11:31 . 2008-04-07 11:31 85,056 --------- C:\WINDOWS\system32\ouovmtaj.dll
2008-04-07 10:57 . 2008-04-07 10:57 90,176 --a------ C:\WINDOWS\system32\usujngor.dll
2008-04-07 10:57 . 2008-04-07 10:57 85,056 --------- C:\WINDOWS\system32\wfcfhxmo.dll
2008-04-07 10:56 . 2008-04-07 10:56 88,128 --a------ C:\WINDOWS\system32\frwvghew.dll
2008-04-07 10:42 . 2008-04-07 10:42 90,176 --a------ C:\WINDOWS\system32\xbbyjcic.dll
2008-04-07 10:42 . 2008-04-07 10:42 85,056 --a------ C:\WINDOWS\system32\pnnaabmh.dll
2008-04-07 10:42 . 2008-04-07 10:42 294 ---hs---- C:\WINDOWS\system32\hmbaannp.ini
2008-04-07 10:41 . 2008-04-07 10:41 88,128 --a------ C:\WINDOWS\system32\tctokugd.dll
2008-04-06 15:59 . 2008-04-06 15:59 89,664 --a------ C:\WINDOWS\system32\nogtffuu.dll
2008-04-06 15:59 . 2008-04-06 15:59 87,104 --a------ C:\WINDOWS\system32\gmsrdjsf.dll
2008-04-06 15:59 . 2008-04-06 15:59 85,056 --------- C:\WINDOWS\system32\jwxgvkaw.dll
2008-04-06 14:48 . 2008-04-06 14:57 230,424 --a------ C:\WINDOWS\[u]0/u0000000.STI
2008-04-06 11:37 . 2008-04-06 11:37 89,664 --a------ C:\WINDOWS\system32\otfgcknk.dll
2008-04-06 11:37 . 2008-04-06 11:37 85,056 --------- C:\WINDOWS\system32\hggocooj.dll
2008-04-06 11:36 . 2008-04-06 11:36 87,104 --a------ C:\WINDOWS\system32\tyvmpwrk.dll
2008-04-05 19:45 . 2008-04-05 19:45 89,664 --a------ C:\WINDOWS\system32\lvnfkhex.dll
2008-04-05 19:45 . 2008-04-05 19:45 87,104 --a------ C:\WINDOWS\system32\ddiehceq.dll
2008-04-05 19:45 . 2008-04-05 19:45 85,056 --------- C:\WINDOWS\system32\dhikipxi.dll
2008-04-05 19:36 . 2008-04-05 19:36 89,664 --a------ C:\WINDOWS\system32\oipjaqsw.dll
2008-04-05 19:36 . 2008-04-05 19:36 87,104 --a------ C:\WINDOWS\system32\nhocehgb.dll
2008-04-05 19:36 . 2008-04-05 19:36 85,056 --------- C:\WINDOWS\system32\bqpdbanl.dll
2008-04-05 19:21 . 2008-04-05 19:21 89,664 --a------ C:\WINDOWS\system32\keyecwcc.dll
2008-04-05 19:21 . 2008-04-05 19:21 87,104 --a------ C:\WINDOWS\system32\njsjvttp.dll
2008-04-05 19:21 . 2008-04-05 19:21 85,056 --a------ C:\WINDOWS\system32\ranhljjc.dll
2008-04-05 13:09 . 2008-04-07 17:53 2,255,697 ---hs---- C:\WINDOWS\system32\svfijrxi.ini
2008-04-04 20:25 . 2008-04-05 13:08 2,275,181 ---hs---- C:\WINDOWS\system32\pedxflhg.ini
2008-04-04 19:41 . 2008-04-04 20:23 1,966,990 ---hs---- C:\WINDOWS\system32\jdjujsbf.ini
2008-04-04 17:53 . 2008-04-04 17:53 90,688 --a------ C:\WINDOWS\system32\tqbnrfgv.dll
2008-04-04 17:53 . 2008-04-04 17:53 88,640 --a------ C:\WINDOWS\system32\warcayei.dll
2008-04-04 17:53 . 2008-04-04 17:53 85,056 --------- C:\WINDOWS\system32\xjtwkhph.dll
2008-04-03 16:52 . 2008-04-03 16:52 89,152 --a------ C:\WINDOWS\system32\anqqyfkr.dll
2008-04-03 16:52 . 2008-04-03 16:52 86,592 --------- C:\WINDOWS\system32\cgvsjnpn.dll
2008-04-03 16:51 . 2008-04-03 16:51 88,640 --a------ C:\WINDOWS\system32\goxlecqa.dll
2008-04-03 16:45 . 2008-04-03 16:45 88,640 --a------ C:\WINDOWS\system32\edrnnrlo.dll
2008-04-02 20:16 . 2008-04-04 19:40 1,969,443 ---hs---- C:\WINDOWS\system32\mlqtluqn.ini
2008-04-02 20:00 . 2008-04-02 20:00 91,712 --a------ C:\WINDOWS\system32\kdcejrgf.dll
2008-04-02 20:00 . 2008-04-02 20:00 88,128 --a------ C:\WINDOWS\system32\mlrwkhap.dll
2008-04-02 20:00 . 2008-04-02 20:00 83,520 --a------ C:\WINDOWS\system32\gnqqnnkv.dll
2008-04-02 11:40 . 2008-04-02 11:40 91,712 --a------ C:\WINDOWS\system32\wvylwlhl.dll
2008-04-02 11:40 . 2008-04-02 11:40 88,128 --a------ C:\WINDOWS\system32\qpggldnm.dll
2008-04-02 11:40 . 2008-04-02 11:40 83,520 --a------ C:\WINDOWS\system32\drdqkota.dll
2008-04-02 11:40 . 2008-04-02 11:40 294 ---hs---- C:\WINDOWS\system32\atokqdrd.ini
2008-04-01 20:24 . 2008-04-02 20:14 1,449,123 ---hs---- C:\WINDOWS\system32\ponrqjln.ini
2008-03-31 19:05 . 2008-03-31 19:05 91,712 --a------ C:\WINDOWS\system32\ehycwpqd.dll
2008-03-31 19:05 . 2008-03-31 19:05 85,568 --a------ C:\WINDOWS\system32\gjwljcrm.dll
2008-03-31 19:05 . 2008-04-02 11:42 354 ---hs---- C:\WINDOWS\system32\mrcjlwjg.ini
2008-03-31 17:54 . 2008-03-31 17:54 1,597,174 ---hs---- C:\WINDOWS\system32\csfxcaiu.ini
2008-03-31 17:54 . 2008-03-31 17:54 90,688 --a------ C:\WINDOWS\system32\hkoyogvd.dll
2008-03-31 17:54 . 2008-03-31 17:54 82,496 --a------ C:\WINDOWS\system32\uiacxfsc.dll
2008-03-31 17:09 . 2008-03-31 17:09 90,688 --a------ C:\WINDOWS\system32\camosqke.dll
2008-03-31 17:09 . 2008-03-31 17:09 82,496 --a------ C:\WINDOWS\system32\vvgkudrx.dll
2008-03-31 17:09 . 2008-03-31 17:09 294 ---hs---- C:\WINDOWS\system32\xrdukgvv.ini
2008-03-30 11:55 . 2008-03-30 11:55 1,583,637 ---hs---- C:\WINDOWS\system32\nkweclrd.ini
2008-03-30 11:55 . 2008-03-30 11:55 90,176 --a------ C:\WINDOWS\system32\ivvftdra.dll
2008-03-30 11:55 . 2008-03-30 11:55 88,128 --a------ C:\WINDOWS\system32\msmkyfgb.dll
2008-03-30 11:55 . 2008-03-30 11:55 87,104 --a------ C:\WINDOWS\system32\drlcewkn.dll
2008-03-29 19:56 . 2008-04-01 19:48 1,318,641 ---hs---- C:\WINDOWS\system32\otbognel.ini
2008-03-29 13:38 . 2008-03-29 14:17 1,512,886 ---hs---- C:\WINDOWS\system32\ousxgrbs.ini
2008-03-28 20:46 . 2008-03-28 20:46 1,583,637 ---hs---- C:\WINDOWS\system32\jptqgtqw.ini
2008-03-28 20:46 . 2008-03-28 20:46 90,688 --a------ C:\WINDOWS\system32\wohnnabp.dll
2008-03-28 20:46 . 2008-03-28 20:46 86,080 --------- C:\WINDOWS\system32\wqtgqtpj.dll
2008-03-28 20:45 . 2008-03-28 20:45 87,616 --a------ C:\WINDOWS\system32\wkioajnh.dll
2008-03-28 19:06 . 2008-03-29 16:28 1,583,757 ---hs---- C:\WINDOWS\system32\jkelsylj.ini
2008-03-28 19:06 . 2008-03-28 19:06 90,688 --a------ C:\WINDOWS\system32\qtrebrkb.dll
2008-03-28 19:06 . 2008-03-28 19:06 86,080 --a------ C:\WINDOWS\system32\jlyslekj.dll
2008-03-28 19:05 . 2008-03-28 19:05 87,616 --a------ C:\WINDOWS\system32\askhygpj.dll
2008-03-27 18:26 . 2008-03-27 18:26 1,583,267 ---hs---- C:\WINDOWS\system32\lnowfbgu.ini
2008-03-27 18:26 . 2008-03-27 18:26 92,224 --a------ C:\WINDOWS\system32\wuwfurof.dll
2008-03-27 18:26 . 2008-03-27 18:26 89,152 --------- C:\WINDOWS\system32\ugbfwonl.dll
2008-03-27 18:25 . 2008-03-27 18:25 93,248 --a------ C:\WINDOWS\system32\yndmnseu.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-08 14:38 --------- d-----w C:\Program Files\Wanadoo
2008-04-08 08:23 --------- d-----w C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Application Data\OpenOffice.org2
2008-03-15 12:21 --------- d-----w C:\Program Files\LimeWire
2008-02-29 16:33 --------- d-----w C:\Program Files\Windows Live
2008-02-24 12:42 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-23 16:35 --------- d-----w C:\Program Files\PhotoFiltre
2008-02-23 16:25 --------- d-----w C:\Program Files\VCW VicMan's Photo Editor
2008-02-21 14:23 --------- d-----w C:\Program Files\MessengerPlus! 3
2008-02-20 10:47 1,213 ----a-w C:\WINDOWS\Fonts\PIS-license.rtf
2008-02-19 19:07 --------- d-----w C:\Program Files\Easy Internet signup
2008-02-19 13:23 --------- d-----w C:\Program Files\edouard
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-26 19:40 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-11-24 13:39 8,055,060 ----a-w C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\aptmp.exe
2007-06-16 10:48 5,714 ----a-w C:\Program Files\ServerList.bin
2006-07-27 12:35 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-09-29 14:20 6,440 --sh--w C:\WINDOWS\system32\ghkmp.bak1
2007-09-24 15:55 6,440 --sh--w C:\WINDOWS\system32\hjjlm.bak1
2007-09-26 10:13 6,480 --sh--w C:\WINDOWS\system32\hjjlm.bak2
2007-09-22 15:48 6,440 --sh--w C:\WINDOWS\system32\yccdd.bak1
2007-09-22 16:33 6,480 --sh--w C:\WINDOWS\system32\yccdd.bak2
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 15:50 122880]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 21:02 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43 233472]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-02-10 22:57 1404928]
"nwiz"="nwiz.exe" [2004-07-02 00:12 843776 C:\WINDOWS\system32\nwiz.exe]
"VTTimer"="VTTimer.exe" []
"SiS Windows KeyHook"="C:\WINDOWS\system32\keyhook.exe" [2004-05-20 10:47 249856]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 18:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-04 03:21 50176 C:\WINDOWS\ALCXMNTR.EXE]
"Lexmark X5100 Series"="C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe" [2002-12-03 19:30 86101]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49 20480]
"FSASWREG"="C:\Program Files\Securitoo\Anti-Spyware\fsaswreg.exe" [2004-11-04 12:03 16451]
"F-Secure TNB"="C:\Program Files\Securitoo\TNB\TNBUtil.exe" [2005-01-25 17:13 684032]
"F-Secure Manager"="C:\Program Files\Securitoo\Av_Fw\Common\FSM32.exe" [2004-12-22 10:28 118832]
"F-Secure Startup Wizard"="C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.exe" [2005-03-16 15:45 208896]
"News Service"="C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe" [2004-05-06 14:21 372736]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 21:13 98304]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddccy]
C:\WINDOWS\system32\ddccy.dll 2007-09-22 17:48 282720 C:\WINDOWS\system32\ddccy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkhhf]
C:\WINDOWS\system32\jkhhf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljjh]
C:\WINDOWS\system32\mljjh.dll 2007-09-24 17:54 283744 C:\WINDOWS\system32\mljjh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkhg]
C:\WINDOWS\system32\pmkhg.dll 2007-09-29 16:20 283232 C:\WINDOWS\system32\pmkhg.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd"=
"C:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Firefly Studios\\Stronghold 2\\Stronghold2.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"=
"C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe"=
"C:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"=
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-10-24 14:01]
R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-04 00:00]
R2 BackWeb Plug-in - 8520111;Securitoo Antivirus Firewall;C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE [2006-09-24 16:41]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSfilter.sys [2003-11-14 18:52]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSgk.sys [2008-03-26 20:51]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSrec.sys [2003-02-06 14:32]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 10:05]
S3 pfsvgae;pfsvgae;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\pfsvgae.sys []
S3 rcrusoe;rcrusoe;C:\DOCUME~1\ERIC~1.COM\LOCALS~1\Temp\rcrusoe.sys []
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S3 WmaCDriverV32;WmaCDriverV32;C:\WINDOWS\system32\drivers\WmaCDriverV32.sys [2007-03-14 16:10]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0e29044-b3a7-11dc-aade-000b6b9a52a9}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-04-02 17:50:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-08 08:18:11 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1\fsav.exe` /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1\report.txt $C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1.SYSTEM'Tƒche ajout‚e par F-Secure Anti-Virus.
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-08 16:37:24
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Program\fspex.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguiexe.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\SearchFilterHost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-08 16:44:39 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-08 14:44:32
Pre-Run: 91,052,482,560 octets libres
Post-Run: 91,919,032,320 octets libres
.
2008-03-16 08:52:16 --- E O F ---
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.501 [GMT 2:00]
Endroit: C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Application Data\DriveCleaner Free
C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Application Data\DriveCleaner Free\Logs\update.log
C:\Documents and Settings\Compaq_Propriétaire\Application Data\DriveCleaner Free
C:\Documents and Settings\Compaq_Propriétaire\Application Data\DriveCleaner Free\Logs\update.log
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\HbTools
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\HbTools\HbTools.log
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\MessengerSkinner
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\MessengerSkinner\Userdata\defaultPack.cab
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\MessengerSkinner\Userdata\languages.xml
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Application Data\MessengerSkinner\Userdata\languages_v2.xml
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Menu Démarrer\Programmes\MessengerSkinner
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Menu Démarrer\Programmes\MessengerSkinner\MessengerSkinner.lnk
C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Menu Démarrer\Programmes\MessengerSkinner\Website.lnk
C:\Program Files\Fichiers communs\drivecleaner free
C:\Program Files\Fichiers communs\drivecleaner free\udcsdr.exe
C:\Program Files\VideoAccessCodec
C:\Program Files\VideoAccessCodec\install.ico
C:\Program Files\VideoAccessCodec\Uninstall.0xe
C:\Program Files\VideoAccessCodec\VideoAccessCodec.0cx
C:\WINDOWS\BM6b3eadef.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\main_uninstaller.exe
C:\WINDOWS\pack.epk
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aabqfhxs.ini
C:\WINDOWS\system32\abftenof.dll
C:\WINDOWS\system32\aclxpcoi.dll
C:\WINDOWS\system32\adtdstmy.ini
C:\WINDOWS\system32\aeksrrhd.ini
C:\WINDOWS\system32\afdnvepy.dll
C:\WINDOWS\system32\ampvtaopip.dat
C:\WINDOWS\system32\ampvtaopip.exe
C:\WINDOWS\system32\ampvtaopip_nav.dat
C:\WINDOWS\system32\ampvtaopip_navps.dat
C:\WINDOWS\system32\arcqucipcl.dat
C:\WINDOWS\system32\arcqucipcl.exe
C:\WINDOWS\system32\arcqucipcl_nav.dat
C:\WINDOWS\system32\arcqucipcl_navps.dat
C:\WINDOWS\system32\arspxxyl.dll
C:\WINDOWS\system32\avinbiyw.dll
C:\WINDOWS\system32\avwgrrnk.dll
C:\WINDOWS\system32\awvvu.dll
C:\WINDOWS\system32\barlhmgs.ini
C:\WINDOWS\system32\bfmymusc.ini
C:\WINDOWS\system32\bgpxmahm.ini
C:\WINDOWS\system32\bgwrivtq.dll
C:\WINDOWS\system32\bhmectnf.dll
C:\WINDOWS\system32\binsdvi.dat
C:\WINDOWS\system32\binsdvi.exe
C:\WINDOWS\system32\binsdvi_nav.dat
C:\WINDOWS\system32\binsdvi_navps.dat
C:\WINDOWS\system32\bjvhilcy.dll
C:\WINDOWS\system32\blaftley.ini
C:\WINDOWS\system32\bmkuiaop.dll
C:\WINDOWS\system32\boihcyek.ini
C:\WINDOWS\system32\boxfegdj.dll
C:\WINDOWS\system32\brcflqva.dll
C:\WINDOWS\system32\brogqudx.dll
C:\WINDOWS\system32\brpatovk.ini
C:\WINDOWS\system32\bstnfxyt.dll
C:\WINDOWS\system32\bybwfgim.dll
C:\WINDOWS\system32\cciswxpr.dll
C:\WINDOWS\system32\cfhkj.bak1
C:\WINDOWS\system32\cfhkj.bak2
C:\WINDOWS\system32\cfhkj.ini
C:\WINDOWS\system32\cfhkj.ini2
C:\WINDOWS\system32\cfhkj.tmp
C:\WINDOWS\system32\cfoxdmkg.dll
C:\WINDOWS\system32\cgpvvcau.dll
C:\WINDOWS\system32\cippunyp.dll
C:\WINDOWS\system32\cjjlhnar.ini
C:\WINDOWS\system32\cobkibtr.ini
C:\WINDOWS\system32\cqvfemdj.dll
C:\WINDOWS\system32\csumymfb.dll
C:\WINDOWS\system32\cxoknfql.ini
C:\WINDOWS\system32\cyuvarcn.ini
C:\WINDOWS\system32\ddkxjsrm.ini
C:\WINDOWS\system32\deifmyrp.dll
C:\WINDOWS\system32\dfwuappg.dll
C:\WINDOWS\system32\diwwocsh.dll
C:\WINDOWS\system32\djibiuip.dll
C:\WINDOWS\system32\dlgqumsa.dll
C:\WINDOWS\system32\dotwpinv.dll
C:\WINDOWS\system32\dqgpatox.ini
C:\WINDOWS\system32\dvwijnbu.ini
C:\WINDOWS\system32\dxiihpjt.ini
C:\WINDOWS\system32\dxkggcts.dll
C:\WINDOWS\system32\egpffkqu.ini
C:\WINDOWS\system32\ehxaiitw.dll
C:\WINDOWS\system32\ejvcbfij.dll
C:\WINDOWS\system32\eljpntvr.dll
C:\WINDOWS\system32\emqqjpat.dll
C:\WINDOWS\system32\erwhgbux.ini
C:\WINDOWS\system32\esmhfigo.dat
C:\WINDOWS\system32\esmhfigo.exe
C:\WINDOWS\system32\esmhfigo_nav.dat
C:\WINDOWS\system32\esmhfigo_navps.dat
C:\WINDOWS\system32\esnewsfq.ini
C:\WINDOWS\system32\etkqbptg.dll
C:\WINDOWS\system32\evqlqhlk.ini
C:\WINDOWS\system32\evrhbhax.ini
C:\WINDOWS\system32\eyerpxrk.ini
C:\WINDOWS\system32\fdnarxry.ini
C:\WINDOWS\system32\ffbqrvwu.ini
C:\WINDOWS\system32\fgumvfvl.dll
C:\WINDOWS\system32\fkfjlt.dat
C:\WINDOWS\system32\fkfjlt.exe
C:\WINDOWS\system32\fkfjlt_nav.dat
C:\WINDOWS\system32\fkfjlt_navps.dat
C:\WINDOWS\system32\foccandt.ini
C:\WINDOWS\system32\fpvcbbsa.dll
C:\WINDOWS\system32\ftmioomu.dll
C:\WINDOWS\system32\fuemhobg.dll
C:\WINDOWS\system32\fuovmjbe.ini
C:\WINDOWS\system32\fyrkarmv.ini
C:\WINDOWS\system32\gapjncjq.dll
C:\WINDOWS\system32\gbarxmib.dll
C:\WINDOWS\system32\gcnflido.dll
C:\WINDOWS\system32\gdsuperk.dll
C:\WINDOWS\system32\gebyx.dll
C:\WINDOWS\system32\geeribbl.ini
C:\WINDOWS\system32\geexogsj.dll
C:\WINDOWS\system32\ggthtsds.dll
C:\WINDOWS\system32\ghckjcgq.dll
C:\WINDOWS\system32\ghfyrgsi.dll
C:\WINDOWS\system32\gkmdxofc.ini
C:\WINDOWS\system32\gmvhdynl.ini
C:\WINDOWS\system32\gorfuhm.dat
C:\WINDOWS\system32\gorfuhm.exe
C:\WINDOWS\system32\gorfuhm_nav.dat
C:\WINDOWS\system32\gorfuhm_navps.dat
C:\WINDOWS\system32\gpdwoyqj.dll
C:\WINDOWS\system32\gppauwfd.ini
C:\WINDOWS\system32\gsrfaiuv.dll
C:\WINDOWS\system32\gthmbbwj.dll
C:\WINDOWS\system32\gtpbqkte.ini
C:\WINDOWS\system32\gwcrnihk.dll
C:\WINDOWS\system32\gwywhlsk.ini
C:\WINDOWS\system32\haabhmtb.dll
C:\WINDOWS\system32\hdbkwgod.dll
C:\WINDOWS\system32\hdvwvvfu.dll
C:\WINDOWS\system32\hdyejgwi.dll
C:\WINDOWS\system32\hgydlitu.ini
C:\WINDOWS\system32\hlniywds.dll
C:\WINDOWS\system32\hnntrdin.dll
C:\WINDOWS\system32\hocaxapk.dll
C:\WINDOWS\system32\hotxqdqap.dat
C:\WINDOWS\system32\hotxqdqap.exe
C:\WINDOWS\system32\hotxqdqap_nav.dat
C:\WINDOWS\system32\hotxqdqap_navps.dat
C:\WINDOWS\system32\hphkwtjx.ini
C:\WINDOWS\system32\hpjjgycq.ini
C:\WINDOWS\system32\hsbwucby.dll
C:\WINDOWS\system32\hseotxvh.ini
C:\WINDOWS\system32\htcwkwpa.dll
C:\WINDOWS\system32\hvpberff.ini
C:\WINDOWS\system32\hxbwrwhv.dll
C:\WINDOWS\system32\hyqnoykq.ini
C:\WINDOWS\system32\ihbtxxgj.dll
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\ilqjvlcn.dll
C:\WINDOWS\system32\incexsph.dll
C:\WINDOWS\system32\invcogfw.ini
C:\WINDOWS\system32\iocpxlca.ini
C:\WINDOWS\system32\iqqrttyn.dll
C:\WINDOWS\system32\iqxwcjrg.ini
C:\WINDOWS\system32\irqlmoqw.ini
C:\WINDOWS\system32\isdrmhlf.dll
C:\WINDOWS\system32\isgryfhg.ini
C:\WINDOWS\system32\iuvbqvp.dat
C:\WINDOWS\system32\iuvbqvp.exe
C:\WINDOWS\system32\iuvbqvp_nav.dat
C:\WINDOWS\system32\iuvbqvp_navps.dat
C:\WINDOWS\system32\ivdonaty.dll
C:\WINDOWS\system32\ivjmulcv.ini
C:\WINDOWS\system32\ixpikihd.ini
C:\WINDOWS\system32\jatmvouo.ini
C:\WINDOWS\system32\jbxkhxfj.ini
C:\WINDOWS\system32\jfxhkxbj.dll
C:\WINDOWS\system32\jgcfmgcg.dll
C:\WINDOWS\system32\jgxxtbhi.ini
C:\WINDOWS\system32\jhfntlba.dll
C:\WINDOWS\system32\jhvfrjni.dll
C:\WINDOWS\system32\jkhfc.dll
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\jkklj.dll
C:\WINDOWS\system32\jkrctosy.dll
C:\WINDOWS\system32\jlkkj.bak1
C:\WINDOWS\system32\jlkkj.bak2
C:\WINDOWS\system32\jlkkj.ini
C:\WINDOWS\system32\jnfldjtx.dll
C:\WINDOWS\system32\joocoggh.ini
C:\WINDOWS\system32\jpbovoxp.dll
C:\WINDOWS\system32\jqkgkdrp.dll
C:\WINDOWS\system32\jtycdyad.dll
C:\WINDOWS\system32\jynjvsbb.dll
C:\WINDOWS\system32\jypvdwqh.dll
C:\WINDOWS\system32\kgplkuvu.ini
C:\WINDOWS\system32\khywedoq.ini
C:\WINDOWS\system32\kibmhf.dat
c:\windows\system32\kibmhf.exe
c:\WINDOWS\system32\kibmhf_nav.dat
C:\WINDOWS\system32\kibmhf_navps.dat
C:\WINDOWS\system32\kjfvevto.ini
C:\WINDOWS\system32\klhqlqve.dll
C:\WINDOWS\system32\knqovrad.dll
C:\WINDOWS\system32\knrrgwva.ini
C:\WINDOWS\system32\knymejqw.dll
C:\WINDOWS\system32\koxogxnn.dll
C:\WINDOWS\system32\kpaxacoh.ini
C:\WINDOWS\system32\kqdelqyr.ini
C:\WINDOWS\system32\kqsvlurt.ini
C:\WINDOWS\system32\krepusdg.ini
C:\WINDOWS\system32\krpoxxrg.dll
C:\WINDOWS\system32\kuuwwmru.ini
C:\WINDOWS\system32\kvotaprb.dll
C:\WINDOWS\system32\kwbdbmfx.dll
C:\WINDOWS\system32\kwidnebw.ini
C:\WINDOWS\system32\kytrcgro.dll
C:\WINDOWS\system32\lbbireeg.dll
C:\WINDOWS\system32\lbcgpnx.dat
C:\WINDOWS\system32\lbcgpnx.exe
C:\WINDOWS\system32\lbcgpnx_nav.dat
C:\WINDOWS\system32\lbcgpnx_navps.dat
C:\WINDOWS\system32\lfnbmqfw.dll
C:\WINDOWS\system32\lklkqxxxmn.dat
C:\WINDOWS\system32\lklkqxxxmn.exe
C:\WINDOWS\system32\lklkqxxxmn_nav.dat
C:\WINDOWS\system32\lklkqxxxmn_navps.dat
C:\WINDOWS\system32\lkwduljy.dll
C:\WINDOWS\system32\lnabdpqb.ini
C:\WINDOWS\system32\lsfpgjtp.ini
C:\WINDOWS\system32\lslgvomb.ini
C:\WINDOWS\system32\lsudqujb.dll
C:\WINDOWS\system32\lvgnfxwe.dll
C:\WINDOWS\system32\lvjjhmws.dll
C:\WINDOWS\system32\mbrbfwcx.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mdsjtkxfhp.dat
C:\WINDOWS\system32\mdsjtkxfhp.exe
C:\WINDOWS\system32\mdsjtkxfhp_nav.dat
C:\WINDOWS\system32\mdsjtkxfhp_navps.dat
C:\WINDOWS\system32\mhyutanp.dll
C:\WINDOWS\system32\mmabsdic.dll
C:\WINDOWS\system32\mqleupwq.dll
C:\WINDOWS\system32\mqvihsfm.ini
C:\WINDOWS\system32\msiixcee.ini
C:\WINDOWS\system32\mwkqlufx.ini
C:\WINDOWS\system32\mwqaoewv.ini
C:\WINDOWS\system32\nbwinbct.dll
C:\WINDOWS\system32\ncdkfjvr.dll
C:\WINDOWS\system32\nclvjqli.ini
C:\WINDOWS\system32\ncravuyc.dll
C:\WINDOWS\system32\nidrtnnh.ini
C:\WINDOWS\system32\nidrtnnh.tmp
C:\WINDOWS\system32\nmqaeusx.ini
C:\WINDOWS\system32\nnjtgxrq.ini
C:\WINDOWS\system32\nnxgoxok.ini
C:\WINDOWS\system32\nogognut.dll
C:\WINDOWS\system32\npgdcayx.ini
C:\WINDOWS\system32\npnjsvgc.ini
C:\WINDOWS\system32\nqcgcftu.dll
C:\WINDOWS\system32\nrfdxwxu.dll
C:\WINDOWS\system32\nrjsmbj.dat
C:\WINDOWS\system32\nrjsmbj.exe
C:\WINDOWS\system32\nrjsmbj_nav.dat
C:\WINDOWS\system32\nrjsmbj_navps.dat
C:\WINDOWS\system32\ntwvmaeh.dll
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\nwftxmeu.ini
C:\WINDOWS\system32\oaieqiby.ini
C:\WINDOWS\system32\oavbalmde.dat
C:\WINDOWS\system32\oavbalmde.exe
C:\WINDOWS\system32\oavbalmde_nav.dat
C:\WINDOWS\system32\oavbalmde_navps.dat
C:\WINDOWS\system32\obfmojs.dat
C:\WINDOWS\system32\obfmojs.exe
C:\WINDOWS\system32\obfmojs_nav.dat
C:\WINDOWS\system32\obfmojs_navps.dat
C:\WINDOWS\system32\oeumchax.dll
C:\WINDOWS\system32\okalqniq.dll
C:\WINDOWS\system32\okmrtiuk.dll
C:\WINDOWS\system32\okqihdcu.ini
C:\WINDOWS\system32\omxhfcfw.ini
C:\WINDOWS\system32\orgcrtyk.ini
C:\WINDOWS\system32\otvevfjk.dll
C:\WINDOWS\system32\oyrumfau.ini
C:\WINDOWS\system32\pcnfrumt.ini
C:\WINDOWS\system32\pedkuyrg.dll
C:\WINDOWS\system32\pefabopw.dll
C:\WINDOWS\system32\pflyakgr.ini
C:\WINDOWS\system32\pfrykecln.dat
C:\WINDOWS\system32\pfrykecln.exe
C:\WINDOWS\system32\pfrykecln_nav.dat
C:\WINDOWS\system32\pfrykecln_navps.dat
C:\WINDOWS\system32\pguxepln.dll
C:\WINDOWS\system32\phlheipf.dll
C:\WINDOWS\system32\pkffyngi.dll
C:\WINDOWS\system32\plxurvny.dll
C:\WINDOWS\system32\pntgmllq.dll
C:\WINDOWS\system32\prymfied.ini
C:\WINDOWS\system32\psegmuis.dll
C:\WINDOWS\system32\ptcmabnv.ini
C:\WINDOWS\system32\ptjgpfsl.dll
C:\WINDOWS\system32\pubkgatw.ini
C:\WINDOWS\system32\pwigjqcd.dll
C:\WINDOWS\system32\qjcaypxh.dat
C:\WINDOWS\system32\qjcaypxh.exe
C:\WINDOWS\system32\qjcaypxh_nav.dat
C:\WINDOWS\system32\qjcaypxh_navps.dat
C:\WINDOWS\system32\qlebwqdr.dll
C:\WINDOWS\system32\qodewyhk.dll
C:\WINDOWS\system32\qrujlqmx.dll
C:\WINDOWS\system32\qrxgtjnn.dll
C:\WINDOWS\system32\qwpuelqm.ini
C:\WINDOWS\system32\qwxuwwwc.dll
C:\WINDOWS\system32\rcvibvtr.dll
C:\WINDOWS\system32\rdygplul.ini
C:\WINDOWS\system32\rgkaylfp.dll
C:\WINDOWS\system32\rlwbwpxf.dll
C:\WINDOWS\system32\rmemthvo.dll
C:\WINDOWS\system32\rmyuueeikv.dat
C:\WINDOWS\system32\rmyuueeikv.exe
C:\WINDOWS\system32\rmyuueeikv_nav.dat
C:\WINDOWS\system32\rmyuueeikv_navps.dat
C:\WINDOWS\system32\rpmowiof.dll
C:\WINDOWS\system32\rpxwsicc.ini
C:\WINDOWS\system32\rrettnoy.dll
C:\WINDOWS\system32\rtraxsye.ini
C:\WINDOWS\system32\rvtnpjle.ini
C:\WINDOWS\system32\ryqledqk.dll
C:\WINDOWS\system32\rzfxpo.dat
C:\WINDOWS\system32\rzfxpo.exe
C:\WINDOWS\system32\rzfxpo_nav.dat
C:\WINDOWS\system32\rzfxpo_navps.dat
C:\WINDOWS\system32\scvpoo.dat
C:\WINDOWS\system32\scvpoo.exe
C:\WINDOWS\system32\scvpoo_nav.dat
C:\WINDOWS\system32\scvpoo_navps.dat
C:\WINDOWS\system32\sdmidxqt.dll
C:\WINDOWS\system32\sgetajnk.dll
C:\WINDOWS\system32\sgmhlrab.dll
C:\WINDOWS\system32\skidcmet.dll
C:\WINDOWS\system32\srtcmfnx.dll
C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\ststv.bak2
C:\WINDOWS\system32\ststv.ini
C:\WINDOWS\system32\ststv.ini2
C:\WINDOWS\system32\ststv.tmp
C:\WINDOWS\system32\sxvmhbti.dll
C:\WINDOWS\system32\syijkwko.dll
C:\WINDOWS\system32\talbtpyu.dll
C:\WINDOWS\system32\tapjqqme.ini
C:\WINDOWS\system32\tcbniwbn.ini
C:\WINDOWS\system32\tdnaccof.dll
C:\WINDOWS\system32\tebsmiot.ini
C:\WINDOWS\system32\tebsmiot.tmp
C:\WINDOWS\system32\tjphiixd.dll
C:\WINDOWS\system32\tkqfwgfr.ini
C:\WINDOWS\system32\tlxsjrrw.ini
C:\WINDOWS\system32\toimsbet.dll
C:\WINDOWS\system32\towoeyuc.dll
C:\WINDOWS\system32\tungogon.ini
C:\WINDOWS\system32\tvthvmdj.dll
C:\WINDOWS\system32\txhbigp.dat
C:\WINDOWS\system32\txhbigp.exe
C:\WINDOWS\system32\txhbigp_nav.dat
C:\WINDOWS\system32\txhbigp_navps.dat
C:\WINDOWS\system32\uehqkyvm.ini
C:\WINDOWS\system32\uemxtfwn.dll
C:\WINDOWS\system32\ujisgdwc.dll
C:\WINDOWS\system32\ujnrolmg.dll
C:\WINDOWS\system32\uqkffpge.dll
C:\WINDOWS\system32\utfcgcqn.ini
C:\WINDOWS\system32\utfcgcqn.tmp
C:\WINDOWS\system32\utxomabv.dll
C:\WINDOWS\system32\uvvwa.bak1
C:\WINDOWS\system32\uvvwa.ini
C:\WINDOWS\system32\uwapgnmy.ini
C:\WINDOWS\system32\uwrlffjd.ini
C:\WINDOWS\system32\uwvrqbff.dll
C:\WINDOWS\system32\vbeiqlle.ini
C:\WINDOWS\system32\vdxxkckp.dll
C:\WINDOWS\system32\vfduqeei.dll
C:\WINDOWS\system32\vgauwtgx.dll
C:\WINDOWS\system32\vgtcgjje.ini
C:\WINDOWS\system32\vhfdyxry.dll
C:\WINDOWS\system32\vhwrwbxh.ini
C:\WINDOWS\system32\vjuhhldp.dll
C:\WINDOWS\system32\vknnqqng.ini
C:\WINDOWS\system32\vkutwypp.ini
C:\WINDOWS\system32\vpayeelq.dll
C:\WINDOWS\system32\vplssdgx.dll
C:\WINDOWS\system32\vrawfprh.dll
C:\WINDOWS\system32\vsvmfiwk.dll
C:\WINDOWS\system32\vtsts.dll
C:\WINDOWS\system32\vuqjkbmn.ini
C:\WINDOWS\system32\vweoaqwm.dll
C:\WINDOWS\system32\wakvgxwj.ini
C:\WINDOWS\system32\wbendiwk.dll
C:\WINDOWS\system32\wfgocvni.dll
C:\WINDOWS\system32\whubyjtd.ini
C:\WINDOWS\system32\wlbhtlbv.dll
C:\WINDOWS\system32\woxbobbd.dll
C:\WINDOWS\system32\wqomlqri.dll
C:\WINDOWS\system32\wrkcxhdg.dll
C:\WINDOWS\system32\wrrjsxlt.dll
C:\WINDOWS\system32\wsrwfloy.dll
C:\WINDOWS\system32\wytuyhrw.dll
C:\WINDOWS\system32\xahbhrve.dll
C:\WINDOWS\system32\xfytahcv.dll
C:\WINDOWS\system32\xgdsslpv.ini
C:\WINDOWS\system32\xgtwuagv.ini
C:\WINDOWS\system32\xirdvgql.ini
C:\WINDOWS\system32\xkgkxieo.ini
C:\WINDOWS\system32\xubghwre.dll
C:\WINDOWS\system32\xumrerou.dll
C:\WINDOWS\system32\xyacdgpn.dll
C:\WINDOWS\system32\xybeg.bak1
C:\WINDOWS\system32\xybeg.bak2
C:\WINDOWS\system32\xybeg.ini
C:\WINDOWS\system32\xybeg.ini2
C:\WINDOWS\system32\xybeg.tmp
C:\WINDOWS\system32\ybcuwbsh.ini
C:\WINDOWS\system32\yeltfalb.dll
C:\WINDOWS\system32\yeycntil.ini
C:\WINDOWS\system32\yfqbxiug.ini
C:\WINDOWS\system32\yghrrojfb.dat
C:\WINDOWS\system32\yghrrojfb.exe
C:\WINDOWS\system32\yghrrojfb_nav.dat
C:\WINDOWS\system32\yghrrojfb_navps.dat
C:\WINDOWS\system32\yhgvnpyh.dll
C:\WINDOWS\system32\yholsnmw.ini
C:\WINDOWS\system32\ykwxnfso.dll
C:\WINDOWS\system32\ymgfofpa.dll
C:\WINDOWS\system32\ymngpawu.dll
C:\WINDOWS\system32\ynfxmqld.dll
C:\WINDOWS\system32\yontterr.ini
C:\WINDOWS\system32\yqkgucxm.dll
C:\WINDOWS\system32\ysotcrkj.ini
C:\WINDOWS\system32\ysxqgk.dat
C:\WINDOWS\system32\ysxqgk.exe
C:\WINDOWS\system32\ysxqgk_nav.dat
C:\WINDOWS\system32\ysxqgk_navps.dat
C:\WINDOWS\system32\ytpsymxg.ini
C:\WINDOWS\system32\yutjhfqn.dll
C:\WINDOWS\system32\yysdjhqh.dll
C:\WINDOWS\system32\zdilgh.dat
C:\WINDOWS\system32\zdilgh.exe
C:\WINDOWS\system32\zdilgh_nav.dat
C:\WINDOWS\system32\zdilgh_navps.dat
c:\WINDOWS\system32\zpkawf.dat
c:\windows\system32\zpkawf.exe
C:\WINDOWS\system32\zpkawf_nav.dat
C:\WINDOWS\system32\zpkawf_navps.dat
C:\WINDOWS\wmpenv.dll
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NwSapAgent
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-08 to 2008-04-08 ))))))))))))))))))))))))))))))))))))
.
2008-04-08 15:43 . 2008-04-08 15:43 3,648 --a------ C:\WINDOWS\system32\synyfato.dll
2008-04-08 15:21 . 2008-04-08 15:21 3,648 --a------ C:\WINDOWS\system32\nkvuuunl.dll
2008-04-08 14:51 . 2008-04-08 14:51 <REP> d-------- C:\Program Files\Trend Micro
2008-04-07 19:09 . 2008-04-07 19:09 90,176 --a------ C:\WINDOWS\system32\iyncelyq.dll
2008-04-07 19:09 . 2008-04-07 19:09 85,056 --------- C:\WINDOWS\system32\bmovglsl.dll
2008-04-07 19:08 . 2008-04-07 19:08 88,128 --a------ C:\WINDOWS\system32\eydjftjx.dll
2008-04-07 18:42 . 2008-04-07 18:42 90,176 --a------ C:\WINDOWS\system32\sylatxim.dll
2008-04-07 18:42 . 2008-04-07 18:42 85,056 --a------ C:\WINDOWS\system32\krxpreye.dll
2008-04-07 18:41 . 2008-04-07 18:41 88,128 --a------ C:\WINDOWS\system32\nqyxcfms.dll
2008-04-07 18:33 . 2008-04-07 18:33 90,176 --a------ C:\WINDOWS\system32\apdmrsfb.dll
2008-04-07 18:33 . 2008-04-07 18:33 85,056 --------- C:\WINDOWS\system32\xsueaqmn.dll
2008-04-07 18:32 . 2008-04-07 18:33 88,128 --a------ C:\WINDOWS\system32\eymdgxav.dll
2008-04-07 18:27 . 2008-04-07 18:27 90,176 --a------ C:\WINDOWS\system32\axtnfqqs.dll
2008-04-07 18:27 . 2008-04-07 18:27 88,128 --a------ C:\WINDOWS\system32\vmoahemt.dll
2008-04-07 18:27 . 2008-04-07 18:27 85,056 --------- C:\WINDOWS\system32\eysxartr.dll
2008-04-07 17:53 . 2008-04-08 10:21 2,249,587 ---hs---- C:\WINDOWS\system32\amjhdhea.ini
2008-04-07 14:31 . 2008-04-07 14:31 90,176 --a------ C:\WINDOWS\system32\uowdqbyk.dll
2008-04-07 14:31 . 2008-04-07 14:31 88,128 --a------ C:\WINDOWS\system32\fjphtiha.dll
2008-04-07 14:31 . 2008-04-07 14:31 85,056 --------- C:\WINDOWS\system32\ppywtukv.dll
2008-04-07 13:26 . 2008-04-07 13:26 90,176 --a------ C:\WINDOWS\system32\ebaitcrw.dll
2008-04-07 13:25 . 2008-04-07 13:25 88,128 --a------ C:\WINDOWS\system32\kptnbmtc.dll
2008-04-07 13:25 . 2008-04-07 13:26 85,056 --------- C:\WINDOWS\system32\qkyonqyh.dll
2008-04-07 12:56 . 2008-04-07 12:56 90,176 --a------ C:\WINDOWS\system32\xvmtwxlo.dll
2008-04-07 12:56 . 2008-04-07 12:56 88,128 --a------ C:\WINDOWS\system32\jjchmfko.dll
2008-04-07 12:56 . 2008-04-07 12:56 85,056 --------- C:\WINDOWS\system32\ffrebpvh.dll
2008-04-07 11:49 . 2008-04-07 11:49 90,176 --a------ C:\WINDOWS\system32\sinlwaaj.dll
2008-04-07 11:49 . 2008-04-07 11:49 88,128 --a------ C:\WINDOWS\system32\odknjdsv.dll
2008-04-07 11:49 . 2008-04-07 11:49 85,056 --a------ C:\WINDOWS\system32\vnbamctp.dll
2008-04-07 11:31 . 2008-04-07 11:31 90,176 --a------ C:\WINDOWS\system32\dpytppmp.dll
2008-04-07 11:31 . 2008-04-07 11:31 88,128 --a------ C:\WINDOWS\system32\bwyevekv.dll
2008-04-07 11:31 . 2008-04-07 11:31 85,056 --------- C:\WINDOWS\system32\ouovmtaj.dll
2008-04-07 10:57 . 2008-04-07 10:57 90,176 --a------ C:\WINDOWS\system32\usujngor.dll
2008-04-07 10:57 . 2008-04-07 10:57 85,056 --------- C:\WINDOWS\system32\wfcfhxmo.dll
2008-04-07 10:56 . 2008-04-07 10:56 88,128 --a------ C:\WINDOWS\system32\frwvghew.dll
2008-04-07 10:42 . 2008-04-07 10:42 90,176 --a------ C:\WINDOWS\system32\xbbyjcic.dll
2008-04-07 10:42 . 2008-04-07 10:42 85,056 --a------ C:\WINDOWS\system32\pnnaabmh.dll
2008-04-07 10:42 . 2008-04-07 10:42 294 ---hs---- C:\WINDOWS\system32\hmbaannp.ini
2008-04-07 10:41 . 2008-04-07 10:41 88,128 --a------ C:\WINDOWS\system32\tctokugd.dll
2008-04-06 15:59 . 2008-04-06 15:59 89,664 --a------ C:\WINDOWS\system32\nogtffuu.dll
2008-04-06 15:59 . 2008-04-06 15:59 87,104 --a------ C:\WINDOWS\system32\gmsrdjsf.dll
2008-04-06 15:59 . 2008-04-06 15:59 85,056 --------- C:\WINDOWS\system32\jwxgvkaw.dll
2008-04-06 14:48 . 2008-04-06 14:57 230,424 --a------ C:\WINDOWS\[u]0/u0000000.STI
2008-04-06 11:37 . 2008-04-06 11:37 89,664 --a------ C:\WINDOWS\system32\otfgcknk.dll
2008-04-06 11:37 . 2008-04-06 11:37 85,056 --------- C:\WINDOWS\system32\hggocooj.dll
2008-04-06 11:36 . 2008-04-06 11:36 87,104 --a------ C:\WINDOWS\system32\tyvmpwrk.dll
2008-04-05 19:45 . 2008-04-05 19:45 89,664 --a------ C:\WINDOWS\system32\lvnfkhex.dll
2008-04-05 19:45 . 2008-04-05 19:45 87,104 --a------ C:\WINDOWS\system32\ddiehceq.dll
2008-04-05 19:45 . 2008-04-05 19:45 85,056 --------- C:\WINDOWS\system32\dhikipxi.dll
2008-04-05 19:36 . 2008-04-05 19:36 89,664 --a------ C:\WINDOWS\system32\oipjaqsw.dll
2008-04-05 19:36 . 2008-04-05 19:36 87,104 --a------ C:\WINDOWS\system32\nhocehgb.dll
2008-04-05 19:36 . 2008-04-05 19:36 85,056 --------- C:\WINDOWS\system32\bqpdbanl.dll
2008-04-05 19:21 . 2008-04-05 19:21 89,664 --a------ C:\WINDOWS\system32\keyecwcc.dll
2008-04-05 19:21 . 2008-04-05 19:21 87,104 --a------ C:\WINDOWS\system32\njsjvttp.dll
2008-04-05 19:21 . 2008-04-05 19:21 85,056 --a------ C:\WINDOWS\system32\ranhljjc.dll
2008-04-05 13:09 . 2008-04-07 17:53 2,255,697 ---hs---- C:\WINDOWS\system32\svfijrxi.ini
2008-04-04 20:25 . 2008-04-05 13:08 2,275,181 ---hs---- C:\WINDOWS\system32\pedxflhg.ini
2008-04-04 19:41 . 2008-04-04 20:23 1,966,990 ---hs---- C:\WINDOWS\system32\jdjujsbf.ini
2008-04-04 17:53 . 2008-04-04 17:53 90,688 --a------ C:\WINDOWS\system32\tqbnrfgv.dll
2008-04-04 17:53 . 2008-04-04 17:53 88,640 --a------ C:\WINDOWS\system32\warcayei.dll
2008-04-04 17:53 . 2008-04-04 17:53 85,056 --------- C:\WINDOWS\system32\xjtwkhph.dll
2008-04-03 16:52 . 2008-04-03 16:52 89,152 --a------ C:\WINDOWS\system32\anqqyfkr.dll
2008-04-03 16:52 . 2008-04-03 16:52 86,592 --------- C:\WINDOWS\system32\cgvsjnpn.dll
2008-04-03 16:51 . 2008-04-03 16:51 88,640 --a------ C:\WINDOWS\system32\goxlecqa.dll
2008-04-03 16:45 . 2008-04-03 16:45 88,640 --a------ C:\WINDOWS\system32\edrnnrlo.dll
2008-04-02 20:16 . 2008-04-04 19:40 1,969,443 ---hs---- C:\WINDOWS\system32\mlqtluqn.ini
2008-04-02 20:00 . 2008-04-02 20:00 91,712 --a------ C:\WINDOWS\system32\kdcejrgf.dll
2008-04-02 20:00 . 2008-04-02 20:00 88,128 --a------ C:\WINDOWS\system32\mlrwkhap.dll
2008-04-02 20:00 . 2008-04-02 20:00 83,520 --a------ C:\WINDOWS\system32\gnqqnnkv.dll
2008-04-02 11:40 . 2008-04-02 11:40 91,712 --a------ C:\WINDOWS\system32\wvylwlhl.dll
2008-04-02 11:40 . 2008-04-02 11:40 88,128 --a------ C:\WINDOWS\system32\qpggldnm.dll
2008-04-02 11:40 . 2008-04-02 11:40 83,520 --a------ C:\WINDOWS\system32\drdqkota.dll
2008-04-02 11:40 . 2008-04-02 11:40 294 ---hs---- C:\WINDOWS\system32\atokqdrd.ini
2008-04-01 20:24 . 2008-04-02 20:14 1,449,123 ---hs---- C:\WINDOWS\system32\ponrqjln.ini
2008-03-31 19:05 . 2008-03-31 19:05 91,712 --a------ C:\WINDOWS\system32\ehycwpqd.dll
2008-03-31 19:05 . 2008-03-31 19:05 85,568 --a------ C:\WINDOWS\system32\gjwljcrm.dll
2008-03-31 19:05 . 2008-04-02 11:42 354 ---hs---- C:\WINDOWS\system32\mrcjlwjg.ini
2008-03-31 17:54 . 2008-03-31 17:54 1,597,174 ---hs---- C:\WINDOWS\system32\csfxcaiu.ini
2008-03-31 17:54 . 2008-03-31 17:54 90,688 --a------ C:\WINDOWS\system32\hkoyogvd.dll
2008-03-31 17:54 . 2008-03-31 17:54 82,496 --a------ C:\WINDOWS\system32\uiacxfsc.dll
2008-03-31 17:09 . 2008-03-31 17:09 90,688 --a------ C:\WINDOWS\system32\camosqke.dll
2008-03-31 17:09 . 2008-03-31 17:09 82,496 --a------ C:\WINDOWS\system32\vvgkudrx.dll
2008-03-31 17:09 . 2008-03-31 17:09 294 ---hs---- C:\WINDOWS\system32\xrdukgvv.ini
2008-03-30 11:55 . 2008-03-30 11:55 1,583,637 ---hs---- C:\WINDOWS\system32\nkweclrd.ini
2008-03-30 11:55 . 2008-03-30 11:55 90,176 --a------ C:\WINDOWS\system32\ivvftdra.dll
2008-03-30 11:55 . 2008-03-30 11:55 88,128 --a------ C:\WINDOWS\system32\msmkyfgb.dll
2008-03-30 11:55 . 2008-03-30 11:55 87,104 --a------ C:\WINDOWS\system32\drlcewkn.dll
2008-03-29 19:56 . 2008-04-01 19:48 1,318,641 ---hs---- C:\WINDOWS\system32\otbognel.ini
2008-03-29 13:38 . 2008-03-29 14:17 1,512,886 ---hs---- C:\WINDOWS\system32\ousxgrbs.ini
2008-03-28 20:46 . 2008-03-28 20:46 1,583,637 ---hs---- C:\WINDOWS\system32\jptqgtqw.ini
2008-03-28 20:46 . 2008-03-28 20:46 90,688 --a------ C:\WINDOWS\system32\wohnnabp.dll
2008-03-28 20:46 . 2008-03-28 20:46 86,080 --------- C:\WINDOWS\system32\wqtgqtpj.dll
2008-03-28 20:45 . 2008-03-28 20:45 87,616 --a------ C:\WINDOWS\system32\wkioajnh.dll
2008-03-28 19:06 . 2008-03-29 16:28 1,583,757 ---hs---- C:\WINDOWS\system32\jkelsylj.ini
2008-03-28 19:06 . 2008-03-28 19:06 90,688 --a------ C:\WINDOWS\system32\qtrebrkb.dll
2008-03-28 19:06 . 2008-03-28 19:06 86,080 --a------ C:\WINDOWS\system32\jlyslekj.dll
2008-03-28 19:05 . 2008-03-28 19:05 87,616 --a------ C:\WINDOWS\system32\askhygpj.dll
2008-03-27 18:26 . 2008-03-27 18:26 1,583,267 ---hs---- C:\WINDOWS\system32\lnowfbgu.ini
2008-03-27 18:26 . 2008-03-27 18:26 92,224 --a------ C:\WINDOWS\system32\wuwfurof.dll
2008-03-27 18:26 . 2008-03-27 18:26 89,152 --------- C:\WINDOWS\system32\ugbfwonl.dll
2008-03-27 18:25 . 2008-03-27 18:25 93,248 --a------ C:\WINDOWS\system32\yndmnseu.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-08 14:38 --------- d-----w C:\Program Files\Wanadoo
2008-04-08 08:23 --------- d-----w C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Application Data\OpenOffice.org2
2008-03-15 12:21 --------- d-----w C:\Program Files\LimeWire
2008-02-29 16:33 --------- d-----w C:\Program Files\Windows Live
2008-02-24 12:42 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-23 16:35 --------- d-----w C:\Program Files\PhotoFiltre
2008-02-23 16:25 --------- d-----w C:\Program Files\VCW VicMan's Photo Editor
2008-02-21 14:23 --------- d-----w C:\Program Files\MessengerPlus! 3
2008-02-20 10:47 1,213 ----a-w C:\WINDOWS\Fonts\PIS-license.rtf
2008-02-19 19:07 --------- d-----w C:\Program Files\Easy Internet signup
2008-02-19 13:23 --------- d-----w C:\Program Files\edouard
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-26 19:40 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-11-24 13:39 8,055,060 ----a-w C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\aptmp.exe
2007-06-16 10:48 5,714 ----a-w C:\Program Files\ServerList.bin
2006-07-27 12:35 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-09-29 14:20 6,440 --sh--w C:\WINDOWS\system32\ghkmp.bak1
2007-09-24 15:55 6,440 --sh--w C:\WINDOWS\system32\hjjlm.bak1
2007-09-26 10:13 6,480 --sh--w C:\WINDOWS\system32\hjjlm.bak2
2007-09-22 15:48 6,440 --sh--w C:\WINDOWS\system32\yccdd.bak1
2007-09-22 16:33 6,480 --sh--w C:\WINDOWS\system32\yccdd.bak2
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 15:50 122880]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 21:02 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43 233472]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-02-10 22:57 1404928]
"nwiz"="nwiz.exe" [2004-07-02 00:12 843776 C:\WINDOWS\system32\nwiz.exe]
"VTTimer"="VTTimer.exe" []
"SiS Windows KeyHook"="C:\WINDOWS\system32\keyhook.exe" [2004-05-20 10:47 249856]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 18:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-04 03:21 50176 C:\WINDOWS\ALCXMNTR.EXE]
"Lexmark X5100 Series"="C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe" [2002-12-03 19:30 86101]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49 20480]
"FSASWREG"="C:\Program Files\Securitoo\Anti-Spyware\fsaswreg.exe" [2004-11-04 12:03 16451]
"F-Secure TNB"="C:\Program Files\Securitoo\TNB\TNBUtil.exe" [2005-01-25 17:13 684032]
"F-Secure Manager"="C:\Program Files\Securitoo\Av_Fw\Common\FSM32.exe" [2004-12-22 10:28 118832]
"F-Secure Startup Wizard"="C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.exe" [2005-03-16 15:45 208896]
"News Service"="C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe" [2004-05-06 14:21 372736]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 21:13 98304]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddccy]
C:\WINDOWS\system32\ddccy.dll 2007-09-22 17:48 282720 C:\WINDOWS\system32\ddccy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkhhf]
C:\WINDOWS\system32\jkhhf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljjh]
C:\WINDOWS\system32\mljjh.dll 2007-09-24 17:54 283744 C:\WINDOWS\system32\mljjh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkhg]
C:\WINDOWS\system32\pmkhg.dll 2007-09-29 16:20 283232 C:\WINDOWS\system32\pmkhg.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd"=
"C:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Firefly Studios\\Stronghold 2\\Stronghold2.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"=
"C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe"=
"C:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"=
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-10-24 14:01]
R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-04 00:00]
R2 BackWeb Plug-in - 8520111;Securitoo Antivirus Firewall;C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE [2006-09-24 16:41]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSfilter.sys [2003-11-14 18:52]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSgk.sys [2008-03-26 20:51]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSrec.sys [2003-02-06 14:32]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 10:05]
S3 pfsvgae;pfsvgae;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\pfsvgae.sys []
S3 rcrusoe;rcrusoe;C:\DOCUME~1\ERIC~1.COM\LOCALS~1\Temp\rcrusoe.sys []
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S3 WmaCDriverV32;WmaCDriverV32;C:\WINDOWS\system32\drivers\WmaCDriverV32.sys [2007-03-14 16:10]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0e29044-b3a7-11dc-aade-000b6b9a52a9}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-04-02 17:50:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-08 08:18:11 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1\fsav.exe` /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1\report.txt $C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1.SYSTEM'Tƒche ajout‚e par F-Secure Anti-Virus.
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-08 16:37:24
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Program\fspex.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguiexe.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\SearchFilterHost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-08 16:44:39 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-08 14:44:32
Pre-Run: 91,052,482,560 octets libres
Post-Run: 91,919,032,320 octets libres
.
2008-03-16 08:52:16 --- E O F ---
ok
passe ceci stp :
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis
@+
passe ceci stp :
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis
@+
[b]SDFix: Version 1.167 [/b]
Run by Compaq_Propri‚taire on 08/04/2008 at 18:13
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-08 18:20:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000073
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe"="C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe:*:Enabled:Securitoo Antivirus Firewall"
"C:\\WINDOWS\\system32\\LEXPPS.EXE"="C:\\WINDOWS\\system32\\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd"="C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd:*:Enabled:Age of Empires II Expansion"
"C:\\Sierra\\Empire Earth\\Empire Earth.exe"="C:\\Sierra\\Empire Earth\\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"="C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\\Program Files\\Firefly Studios\\Stronghold 2\\Stronghold2.exe"="C:\\Program Files\\Firefly Studios\\Stronghold 2\\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe:*:Disabled:pes6.exe"
"C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe"="C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe:*:Enabled:Stronghold Legends"
"C:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"="C:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe:*:Enabled:hd2"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"="C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe:*:Enabled:W40k"
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"="C:\\WINDOWS\\system32\\usmt\\migwiz.exe:*:Disabled:Assistant Transfert de fichiers et de paramŠtres"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Disabled:Azureus"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[b]Remaining Files [/b]:
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Thu 27 Jul 2006 196 A.SHR --- "C:\BOOT.BAK"
Thu 5 Aug 2004 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Fri 2 Nov 2007 6,219,320 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Tue 1 Mar 2005 0 A.SH. --- "C:\WINDOWS\SMINST\HPCD.SYS"
Sat 6 Oct 2007 6,760 ..SH. --- "C:\WINDOWS\system32\accdd.tmp"
Fri 9 Nov 2007 161,042 ..SH. --- "C:\WINDOWS\system32\ffhkj.tmp"
Sat 13 Oct 2007 158,743 ..SH. --- "C:\WINDOWS\system32\gfhkj.tmp"
Sat 29 Sep 2007 6,440 ..SH. --- "C:\WINDOWS\system32\ghkmp.bak1"
Mon 24 Sep 2007 6,440 ..SH. --- "C:\WINDOWS\system32\hjjlm.bak1"
Wed 26 Sep 2007 6,480 ..SH. --- "C:\WINDOWS\system32\hjjlm.bak2"
Sat 29 Sep 2007 6,692 ..SH. --- "C:\WINDOWS\system32\ijkmp.tmp"
Mon 15 Oct 2007 168,531 ..SH. --- "C:\WINDOWS\system32\jmllm.tmp"
Tue 15 Jan 2008 1,061,376 ..SH. --- "C:\WINDOWS\system32\kysptkwi.tmp"
Sat 20 Oct 2007 7,028 ..SH. --- "C:\WINDOWS\system32\ststv.tmp2"
Sat 24 Nov 2007 195,386 ..SH. --- "C:\WINDOWS\system32\ttstv.tmp"
Sat 22 Sep 2007 6,440 ..SH. --- "C:\WINDOWS\system32\yccdd.bak1"
Sat 22 Sep 2007 6,480 ..SH. --- "C:\WINDOWS\system32\yccdd.bak2"
Sat 19 Aug 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 29 Mar 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.key.bak"
Mon 29 Aug 2005 121,240 A..HR --- "C:\Program Files\THQ\Dawn Of War\Disk1CheckW40k.EXE"
Mon 3 Sep 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 30 Jan 2002 22,016 A..H. --- "C:\Program Files\KONAMI\Pro Evolution Soccer 6\dat\borlndmm.dll"
Wed 30 Jan 2002 620,544 A..H. --- "C:\Program Files\KONAMI\Pro Evolution Soccer 6\dat\stlpmt45.dll"
Sat 19 Aug 2006 4,348 ...H. --- "C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Sun 20 Aug 2006 20 A..H. --- "C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Sat 19 Aug 2006 488 A.SH. --- "C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Thu 28 Jun 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e2ee6701f2679c24dd339050a068b193\download\BIT130.tmp"
[b]Finished![/b]
Run by Compaq_Propri‚taire on 08/04/2008 at 18:13
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-08 18:20:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000073
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe"="C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe:*:Enabled:Securitoo Antivirus Firewall"
"C:\\WINDOWS\\system32\\LEXPPS.EXE"="C:\\WINDOWS\\system32\\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd"="C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd:*:Enabled:Age of Empires II Expansion"
"C:\\Sierra\\Empire Earth\\Empire Earth.exe"="C:\\Sierra\\Empire Earth\\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"="C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\\Program Files\\Firefly Studios\\Stronghold 2\\Stronghold2.exe"="C:\\Program Files\\Firefly Studios\\Stronghold 2\\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe:*:Disabled:pes6.exe"
"C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe"="C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe:*:Enabled:Stronghold Legends"
"C:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"="C:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe:*:Enabled:hd2"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"="C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe:*:Enabled:W40k"
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"="C:\\WINDOWS\\system32\\usmt\\migwiz.exe:*:Disabled:Assistant Transfert de fichiers et de paramŠtres"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Disabled:Azureus"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[b]Remaining Files [/b]:
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Thu 27 Jul 2006 196 A.SHR --- "C:\BOOT.BAK"
Thu 5 Aug 2004 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Fri 2 Nov 2007 6,219,320 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Tue 1 Mar 2005 0 A.SH. --- "C:\WINDOWS\SMINST\HPCD.SYS"
Sat 6 Oct 2007 6,760 ..SH. --- "C:\WINDOWS\system32\accdd.tmp"
Fri 9 Nov 2007 161,042 ..SH. --- "C:\WINDOWS\system32\ffhkj.tmp"
Sat 13 Oct 2007 158,743 ..SH. --- "C:\WINDOWS\system32\gfhkj.tmp"
Sat 29 Sep 2007 6,440 ..SH. --- "C:\WINDOWS\system32\ghkmp.bak1"
Mon 24 Sep 2007 6,440 ..SH. --- "C:\WINDOWS\system32\hjjlm.bak1"
Wed 26 Sep 2007 6,480 ..SH. --- "C:\WINDOWS\system32\hjjlm.bak2"
Sat 29 Sep 2007 6,692 ..SH. --- "C:\WINDOWS\system32\ijkmp.tmp"
Mon 15 Oct 2007 168,531 ..SH. --- "C:\WINDOWS\system32\jmllm.tmp"
Tue 15 Jan 2008 1,061,376 ..SH. --- "C:\WINDOWS\system32\kysptkwi.tmp"
Sat 20 Oct 2007 7,028 ..SH. --- "C:\WINDOWS\system32\ststv.tmp2"
Sat 24 Nov 2007 195,386 ..SH. --- "C:\WINDOWS\system32\ttstv.tmp"
Sat 22 Sep 2007 6,440 ..SH. --- "C:\WINDOWS\system32\yccdd.bak1"
Sat 22 Sep 2007 6,480 ..SH. --- "C:\WINDOWS\system32\yccdd.bak2"
Sat 19 Aug 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 29 Mar 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.key.bak"
Mon 29 Aug 2005 121,240 A..HR --- "C:\Program Files\THQ\Dawn Of War\Disk1CheckW40k.EXE"
Mon 3 Sep 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 30 Jan 2002 22,016 A..H. --- "C:\Program Files\KONAMI\Pro Evolution Soccer 6\dat\borlndmm.dll"
Wed 30 Jan 2002 620,544 A..H. --- "C:\Program Files\KONAMI\Pro Evolution Soccer 6\dat\stlpmt45.dll"
Sat 19 Aug 2006 4,348 ...H. --- "C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Sun 20 Aug 2006 20 A..H. --- "C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Sat 19 Aug 2006 488 A.SH. --- "C:\Documents and Settings\ERIC.COMPAQ-FAMILLE\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Thu 28 Jun 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e2ee6701f2679c24dd339050a068b193\download\BIT130.tmp"
[b]Finished![/b]
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
re,
ok
passe cet antispyware :
Fais un scan avec cet antispyware :
Telecharge malwarebytes + tutoriel :
-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
@+
ok
passe cet antispyware :
Fais un scan avec cet antispyware :
Telecharge malwarebytes + tutoriel :
-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
@+
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 600
Type de recherche: Examen complet (C:\|)
Eléments examinés: 23983
Temps écoulé: 8 minute(s), 1 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 277
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\aiojvsag.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gasvjoia.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amskxumc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cmuxksma.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aoonodox.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xodonooa.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aumtvwjm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mjwvtmua.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bgresafg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gfasergb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bhdpdset.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tesdpdhb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bjnxphcf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fchpxnjb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bjskqvqm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mqvqksjb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ccflqdvs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\svdqlfcc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\chnjblra.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\arlbjnhc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cxkrqpie.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eipqrkxc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddccy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.bak2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dividiya.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ayidivid.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drdqkota.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atokqdrd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drlcewkn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nkweclrd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dxdbthwv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vwhtbdxd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dxiygqjx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjqgyixd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\edtyiicl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lciiytde.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\enhxsocx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xcosxhne.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eqipftnm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mntfpiqe.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ervowfoq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qofwovre.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eujffapo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\opaffjue.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbdqoask.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ksaoqdbf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbdsdwrv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vrwdsdbf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fevpfybv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbyfpvef.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ffmaupgx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xgpuamff.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\forsxvys.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\syvxsrof.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fqngmsxw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wxsmgnqf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fvdyauoe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eouaydvf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fyxlodhl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhdolxyf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ggjsnbho.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ohbnsjgg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ggjxrjtt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ttjrxjgg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjwljcrm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mrcjlwjg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\glowxmvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvmxwolg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnvmclgp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pglcmvng.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\heylmmgo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ogmmlyeh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgnfgkan.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nakgfngh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgoultjx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjtluogh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hktbanov.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vonabtkh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ibnmykoc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cokymnbi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\icycmfsp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psfmcyci.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\idibfuid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\diufbidi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ifnsivhr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rhvisnfi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ihkcidcm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcdickhi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ijatfbvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvbftaji.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iksccgnh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hngccski.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\imqugmvf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fvmguqmi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ipqslpup.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\puplsqpi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iubbblot.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tolbbbui.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iwktpsyk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kysptkwi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jgpnbayc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cyabnpgj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jjitflkg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gklftijj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jlyslekj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkelsylj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jniplpyi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iyplpinj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jpaigyeg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geygiapj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jwuiuvgv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vgvuiuwj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jxhdkynf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fnykdhxj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kchxoeeo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oeeoxhck.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kdibyxng.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnxybidk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kfplwiqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqiwlpfk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kgfagctg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gtcgafgk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kwctmrfk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kfrmtcwk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ldexnjmm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mmjnxedl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhfqkowl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwokqfhl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lkiyvqps.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spqvyikl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwgpppcn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ncpppgwl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mhwpodnk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kndopwhm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mkhxeqtp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ptqexhkm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mljjh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.bak2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mpbxbucg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gcubxbpm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nagcuxwf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fwxucgan.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nfqtovrr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrvotqfn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntxvdcnw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wncdvxtn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyslvjmo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omjvlsyn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oancrrto.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\otrrcnao.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ocgishud.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\duhsigco.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ojobwbid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dibwbojo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\okbuhehg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghehubko.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\olpveeck.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kceevplo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oqppxrit.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tirxppqo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pauutcnt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tnctuuap.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pcjqcljr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rjlcqjcp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\peqyjuoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ooujyqep.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pgkwlkft.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tfklwkgp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmkhg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghkmp.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghkmp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmkpdhcr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rchdpkmp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pnnaabmh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hmbaannp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pogffoqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqoffgop.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qdflluba.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\abullfdq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qdrwpwhc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\chwpwrdq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qenrajul.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lujarneq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qgkcqqln.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nlqqckgq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qtusgywe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ewygsutq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qvovjwbj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jbwjvovq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rdumasov.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vosamudr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\recjiwss.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sswijcer.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rfshsncd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dcnshsfr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rmldanjs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjnadlmr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rnamuopt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tpoumanr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrrtqwjl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljwqtrrr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sivapslr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rlspavis.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjbchgxk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kxghcbjs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjeaneuf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fuenaejs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\snkeilqk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kqliekns.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\solplhkb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bkhlplos.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thfbodxi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ixdobfht.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thlgpurk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krupglht.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\trkujfvc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cvfjukrt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\txfvlhgc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cghlvfxt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ufokubkd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dkbukofu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ugbfwonl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lnowfbgu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uiacxfsc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\csfxcaiu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ujqdjlmo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omljdqju.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ulwjwhec.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cehwjwlu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcmiunqv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vqnuimcv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vkhtcmve.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\evmcthkv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vpysktut.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tutksypv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvfpefey.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yefepfvv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvgkudrx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xrdukgvv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\waxsiyou.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uoyisxaw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\whbbxtgy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ygtxbbhw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wmsswonn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnowssmw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wnmuktst.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tstkumnw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wnoiwrdp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pdrwionw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wqtgqtpj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jptqgtqw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wrkraagb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bgaarkrw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wtpewjom.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mojweptw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xamovmvo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ovmvomax.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xetxgyqy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yqygxtex.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xgowydcn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ncdywogx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmwrddfx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xfddrwmx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xnfssqjd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\djqssfnx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xokthlna.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anlhtkox.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yabdgdiq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qidgdbay.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ydtlylxv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vxlyltdy.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yugbyeyn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyeybguy.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
Version de la base de données: 600
Type de recherche: Examen complet (C:\|)
Eléments examinés: 23983
Temps écoulé: 8 minute(s), 1 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 277
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\aiojvsag.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gasvjoia.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amskxumc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cmuxksma.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aoonodox.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xodonooa.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aumtvwjm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mjwvtmua.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bgresafg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gfasergb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bhdpdset.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tesdpdhb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bjnxphcf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fchpxnjb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bjskqvqm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mqvqksjb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ccflqdvs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\svdqlfcc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\chnjblra.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\arlbjnhc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cxkrqpie.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eipqrkxc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddccy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.bak2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dividiya.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ayidivid.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drdqkota.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atokqdrd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drlcewkn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nkweclrd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dxdbthwv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vwhtbdxd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dxiygqjx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjqgyixd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\edtyiicl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lciiytde.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\enhxsocx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xcosxhne.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eqipftnm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mntfpiqe.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ervowfoq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qofwovre.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eujffapo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\opaffjue.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbdqoask.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ksaoqdbf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbdsdwrv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vrwdsdbf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fevpfybv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbyfpvef.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ffmaupgx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xgpuamff.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\forsxvys.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\syvxsrof.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fqngmsxw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wxsmgnqf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fvdyauoe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eouaydvf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fyxlodhl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhdolxyf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ggjsnbho.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ohbnsjgg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ggjxrjtt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ttjrxjgg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjwljcrm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mrcjlwjg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\glowxmvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvmxwolg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnvmclgp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pglcmvng.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\heylmmgo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ogmmlyeh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgnfgkan.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nakgfngh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgoultjx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjtluogh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hktbanov.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vonabtkh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ibnmykoc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cokymnbi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\icycmfsp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psfmcyci.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\idibfuid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\diufbidi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ifnsivhr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rhvisnfi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ihkcidcm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcdickhi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ijatfbvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvbftaji.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iksccgnh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hngccski.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\imqugmvf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fvmguqmi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ipqslpup.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\puplsqpi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iubbblot.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tolbbbui.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iwktpsyk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kysptkwi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jgpnbayc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cyabnpgj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jjitflkg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gklftijj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jlyslekj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkelsylj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jniplpyi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iyplpinj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jpaigyeg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geygiapj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jwuiuvgv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vgvuiuwj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jxhdkynf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fnykdhxj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kchxoeeo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oeeoxhck.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kdibyxng.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnxybidk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kfplwiqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqiwlpfk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kgfagctg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gtcgafgk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kwctmrfk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kfrmtcwk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ldexnjmm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mmjnxedl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhfqkowl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwokqfhl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lkiyvqps.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spqvyikl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwgpppcn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ncpppgwl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mhwpodnk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kndopwhm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mkhxeqtp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ptqexhkm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mljjh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.bak2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mpbxbucg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gcubxbpm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nagcuxwf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fwxucgan.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nfqtovrr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrvotqfn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntxvdcnw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wncdvxtn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyslvjmo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omjvlsyn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oancrrto.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\otrrcnao.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ocgishud.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\duhsigco.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ojobwbid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dibwbojo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\okbuhehg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghehubko.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\olpveeck.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kceevplo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oqppxrit.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tirxppqo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pauutcnt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tnctuuap.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pcjqcljr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rjlcqjcp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\peqyjuoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ooujyqep.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pgkwlkft.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tfklwkgp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmkhg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghkmp.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghkmp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmkpdhcr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rchdpkmp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pnnaabmh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hmbaannp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pogffoqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqoffgop.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qdflluba.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\abullfdq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qdrwpwhc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\chwpwrdq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qenrajul.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lujarneq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qgkcqqln.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nlqqckgq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qtusgywe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ewygsutq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qvovjwbj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jbwjvovq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rdumasov.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vosamudr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\recjiwss.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sswijcer.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rfshsncd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dcnshsfr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rmldanjs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjnadlmr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rnamuopt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tpoumanr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrrtqwjl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljwqtrrr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sivapslr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rlspavis.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjbchgxk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kxghcbjs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjeaneuf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fuenaejs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\snkeilqk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kqliekns.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\solplhkb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bkhlplos.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thfbodxi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ixdobfht.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thlgpurk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krupglht.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\trkujfvc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cvfjukrt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\txfvlhgc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cghlvfxt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ufokubkd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dkbukofu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ugbfwonl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lnowfbgu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uiacxfsc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\csfxcaiu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ujqdjlmo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omljdqju.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ulwjwhec.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cehwjwlu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcmiunqv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vqnuimcv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vkhtcmve.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\evmcthkv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vpysktut.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tutksypv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvfpefey.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yefepfvv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvgkudrx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xrdukgvv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\waxsiyou.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uoyisxaw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\whbbxtgy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ygtxbbhw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wmsswonn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnowssmw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wnmuktst.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tstkumnw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wnoiwrdp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pdrwionw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wqtgqtpj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jptqgtqw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wrkraagb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bgaarkrw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wtpewjom.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mojweptw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xamovmvo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ovmvomax.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xetxgyqy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yqygxtex.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xgowydcn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ncdywogx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmwrddfx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xfddrwmx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xnfssqjd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\djqssfnx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xokthlna.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anlhtkox.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yabdgdiq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qidgdbay.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ydtlylxv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vxlyltdy.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yugbyeyn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyeybguy.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 600
Type de recherche: Examen complet (C:\|)
Eléments examinés: 23983
Temps écoulé: 8 minute(s), 1 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 277
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\aiojvsag.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gasvjoia.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amskxumc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cmuxksma.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aoonodox.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xodonooa.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aumtvwjm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mjwvtmua.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bgresafg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gfasergb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bhdpdset.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tesdpdhb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bjnxphcf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fchpxnjb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bjskqvqm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mqvqksjb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ccflqdvs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\svdqlfcc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\chnjblra.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\arlbjnhc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cxkrqpie.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eipqrkxc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddccy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.bak2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dividiya.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ayidivid.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drdqkota.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atokqdrd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drlcewkn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nkweclrd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dxdbthwv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vwhtbdxd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dxiygqjx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjqgyixd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\edtyiicl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lciiytde.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\enhxsocx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xcosxhne.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eqipftnm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mntfpiqe.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ervowfoq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qofwovre.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eujffapo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\opaffjue.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbdqoask.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ksaoqdbf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbdsdwrv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vrwdsdbf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fevpfybv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbyfpvef.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ffmaupgx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xgpuamff.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\forsxvys.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\syvxsrof.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fqngmsxw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wxsmgnqf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fvdyauoe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eouaydvf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fyxlodhl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhdolxyf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ggjsnbho.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ohbnsjgg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ggjxrjtt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ttjrxjgg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjwljcrm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mrcjlwjg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\glowxmvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvmxwolg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnvmclgp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pglcmvng.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\heylmmgo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ogmmlyeh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgnfgkan.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nakgfngh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgoultjx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjtluogh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hktbanov.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vonabtkh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ibnmykoc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cokymnbi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\icycmfsp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psfmcyci.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\idibfuid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\diufbidi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ifnsivhr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rhvisnfi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ihkcidcm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcdickhi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ijatfbvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvbftaji.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iksccgnh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hngccski.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\imqugmvf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fvmguqmi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ipqslpup.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\puplsqpi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iubbblot.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tolbbbui.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iwktpsyk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kysptkwi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jgpnbayc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cyabnpgj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jjitflkg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gklftijj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jlyslekj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkelsylj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jniplpyi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iyplpinj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jpaigyeg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geygiapj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jwuiuvgv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vgvuiuwj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jxhdkynf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fnykdhxj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kchxoeeo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oeeoxhck.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kdibyxng.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnxybidk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kfplwiqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqiwlpfk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kgfagctg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gtcgafgk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kwctmrfk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kfrmtcwk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ldexnjmm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mmjnxedl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhfqkowl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwokqfhl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lkiyvqps.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spqvyikl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwgpppcn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ncpppgwl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mhwpodnk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kndopwhm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mkhxeqtp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ptqexhkm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mljjh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.bak2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mpbxbucg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gcubxbpm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nagcuxwf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fwxucgan.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nfqtovrr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrvotqfn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntxvdcnw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wncdvxtn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyslvjmo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omjvlsyn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oancrrto.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\otrrcnao.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ocgishud.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\duhsigco.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ojobwbid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dibwbojo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\okbuhehg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghehubko.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\olpveeck.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kceevplo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oqppxrit.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tirxppqo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pauutcnt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tnctuuap.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pcjqcljr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rjlcqjcp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\peqyjuoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ooujyqep.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pgkwlkft.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tfklwkgp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmkhg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghkmp.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghkmp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmkpdhcr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rchdpkmp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pnnaabmh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hmbaannp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pogffoqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqoffgop.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qdflluba.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\abullfdq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qdrwpwhc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\chwpwrdq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qenrajul.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lujarneq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qgkcqqln.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nlqqckgq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qtusgywe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ewygsutq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qvovjwbj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jbwjvovq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rdumasov.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vosamudr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\recjiwss.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sswijcer.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rfshsncd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dcnshsfr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rmldanjs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjnadlmr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rnamuopt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tpoumanr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrrtqwjl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljwqtrrr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sivapslr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rlspavis.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjbchgxk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kxghcbjs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjeaneuf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fuenaejs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\snkeilqk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kqliekns.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\solplhkb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bkhlplos.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thfbodxi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ixdobfht.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thlgpurk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krupglht.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\trkujfvc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cvfjukrt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\txfvlhgc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cghlvfxt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ufokubkd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dkbukofu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ugbfwonl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lnowfbgu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uiacxfsc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\csfxcaiu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ujqdjlmo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omljdqju.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ulwjwhec.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cehwjwlu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcmiunqv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vqnuimcv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vkhtcmve.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\evmcthkv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vpysktut.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tutksypv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvfpefey.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yefepfvv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvgkudrx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xrdukgvv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\waxsiyou.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uoyisxaw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\whbbxtgy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ygtxbbhw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wmsswonn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnowssmw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wnmuktst.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tstkumnw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wnoiwrdp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pdrwionw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wqtgqtpj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jptqgtqw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wrkraagb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bgaarkrw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wtpewjom.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mojweptw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xamovmvo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ovmvomax.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xetxgyqy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yqygxtex.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xgowydcn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ncdywogx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmwrddfx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xfddrwmx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xnfssqjd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\djqssfnx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xokthlna.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anlhtkox.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yabdgdiq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qidgdbay.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ydtlylxv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vxlyltdy.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yugbyeyn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyeybguy.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
Version de la base de données: 600
Type de recherche: Examen complet (C:\|)
Eléments examinés: 23983
Temps écoulé: 8 minute(s), 1 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 277
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\aiojvsag.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gasvjoia.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amskxumc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cmuxksma.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aoonodox.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xodonooa.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aumtvwjm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mjwvtmua.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bgresafg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gfasergb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bhdpdset.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tesdpdhb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bjnxphcf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fchpxnjb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bjskqvqm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mqvqksjb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ccflqdvs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\svdqlfcc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\chnjblra.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\arlbjnhc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cxkrqpie.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eipqrkxc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddccy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.bak2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yccdd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dividiya.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ayidivid.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drdqkota.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atokqdrd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drlcewkn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nkweclrd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dxdbthwv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vwhtbdxd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dxiygqjx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjqgyixd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\edtyiicl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lciiytde.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\enhxsocx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xcosxhne.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eqipftnm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mntfpiqe.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ervowfoq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qofwovre.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eujffapo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\opaffjue.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbdqoask.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ksaoqdbf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbdsdwrv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vrwdsdbf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fevpfybv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbyfpvef.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ffmaupgx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xgpuamff.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\forsxvys.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\syvxsrof.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fqngmsxw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wxsmgnqf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fvdyauoe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eouaydvf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fyxlodhl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhdolxyf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ggjsnbho.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ohbnsjgg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ggjxrjtt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ttjrxjgg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjwljcrm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mrcjlwjg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\glowxmvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvmxwolg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnvmclgp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pglcmvng.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\heylmmgo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ogmmlyeh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgnfgkan.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nakgfngh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgoultjx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjtluogh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hktbanov.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vonabtkh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ibnmykoc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cokymnbi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\icycmfsp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psfmcyci.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\idibfuid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\diufbidi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ifnsivhr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rhvisnfi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ihkcidcm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcdickhi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ijatfbvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvbftaji.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iksccgnh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hngccski.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\imqugmvf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fvmguqmi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ipqslpup.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\puplsqpi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iubbblot.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tolbbbui.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iwktpsyk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kysptkwi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jgpnbayc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cyabnpgj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jjitflkg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gklftijj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jlyslekj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkelsylj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jniplpyi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iyplpinj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jpaigyeg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geygiapj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jwuiuvgv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vgvuiuwj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jxhdkynf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fnykdhxj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kchxoeeo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oeeoxhck.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kdibyxng.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnxybidk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kfplwiqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqiwlpfk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kgfagctg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gtcgafgk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kwctmrfk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kfrmtcwk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ldexnjmm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mmjnxedl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhfqkowl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwokqfhl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lkiyvqps.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spqvyikl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwgpppcn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ncpppgwl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mhwpodnk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kndopwhm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mkhxeqtp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ptqexhkm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mljjh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.bak2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hjjlm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mpbxbucg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gcubxbpm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nagcuxwf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fwxucgan.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nfqtovrr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrvotqfn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntxvdcnw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wncdvxtn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyslvjmo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omjvlsyn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oancrrto.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\otrrcnao.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ocgishud.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\duhsigco.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ojobwbid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dibwbojo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\okbuhehg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghehubko.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\olpveeck.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kceevplo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oqppxrit.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tirxppqo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pauutcnt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tnctuuap.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pcjqcljr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rjlcqjcp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\peqyjuoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ooujyqep.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pgkwlkft.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tfklwkgp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmkhg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghkmp.bak1 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ghkmp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmkpdhcr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rchdpkmp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pnnaabmh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hmbaannp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pogffoqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqoffgop.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qdflluba.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\abullfdq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qdrwpwhc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\chwpwrdq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qenrajul.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lujarneq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qgkcqqln.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nlqqckgq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qtusgywe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ewygsutq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qvovjwbj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jbwjvovq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rdumasov.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vosamudr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\recjiwss.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sswijcer.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rfshsncd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dcnshsfr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rmldanjs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjnadlmr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rnamuopt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tpoumanr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrrtqwjl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljwqtrrr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sivapslr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rlspavis.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjbchgxk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kxghcbjs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjeaneuf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fuenaejs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\snkeilqk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kqliekns.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\solplhkb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bkhlplos.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thfbodxi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ixdobfht.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thlgpurk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krupglht.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\trkujfvc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cvfjukrt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\txfvlhgc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cghlvfxt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ufokubkd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dkbukofu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ugbfwonl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lnowfbgu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uiacxfsc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\csfxcaiu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ujqdjlmo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omljdqju.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ulwjwhec.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cehwjwlu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcmiunqv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vqnuimcv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vkhtcmve.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\evmcthkv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vpysktut.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tutksypv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvfpefey.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yefepfvv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvgkudrx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xrdukgvv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\waxsiyou.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uoyisxaw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\whbbxtgy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ygtxbbhw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wmsswonn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnowssmw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wnmuktst.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tstkumnw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wnoiwrdp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pdrwionw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wqtgqtpj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jptqgtqw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wrkraagb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bgaarkrw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wtpewjom.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mojweptw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xamovmvo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ovmvomax.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xetxgyqy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yqygxtex.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xgowydcn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ncdywogx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmwrddfx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xfddrwmx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xnfssqjd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\djqssfnx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xokthlna.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anlhtkox.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yabdgdiq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qidgdbay.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ydtlylxv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vxlyltdy.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yugbyeyn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyeybguy.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
ok il a bien fais le menage ;-)
repost un nouveau rapport combofix stp
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.
- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
+ un nouveau rapport hijack this stp
@+
repost un nouveau rapport combofix stp
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.
- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
+ un nouveau rapport hijack this stp
@+
ComboFix 08-04-07.5 - Compaq_Propriétaire 2008-04-09 15:21:43.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.590 [GMT 2:00]
Endroit: C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe
.
TimedOut: progfile.dat
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\err.log
C:\WINDOWS\system32\__c0010DF6.dat
C:\WINDOWS\system32\__c0013D0A.dat
C:\WINDOWS\system32\__c0022AD2.dat
C:\WINDOWS\system32\__c0029BDE.dat
C:\WINDOWS\system32\__c003367A.dat
C:\WINDOWS\system32\__c0035CE.dat
C:\WINDOWS\system32\__c0039B60.dat
C:\WINDOWS\system32\__c00417EE.dat
C:\WINDOWS\system32\__c0043BEC.dat
C:\WINDOWS\system32\__c0045851.dat
C:\WINDOWS\system32\__c0053240.dat
C:\WINDOWS\system32\__c00570AA.dat
C:\WINDOWS\system32\__c0057624.dat
C:\WINDOWS\system32\__c005A9B0.dat
C:\WINDOWS\system32\__c006317C.dat
C:\WINDOWS\system32\__c006A808.dat
C:\WINDOWS\system32\__c006E03F.dat
C:\WINDOWS\system32\__c0078A8A.dat
C:\WINDOWS\system32\__c007E53C.dat
C:\WINDOWS\system32\__c0080624.dat
C:\WINDOWS\system32\__c0085538.dat
C:\WINDOWS\system32\__c008A6BB.dat
C:\WINDOWS\system32\__c008DF7D.dat
C:\WINDOWS\system32\__c009231C.dat
C:\WINDOWS\system32\__c009D2E2.dat
C:\WINDOWS\system32\__c00AA84C.dat
C:\WINDOWS\system32\__c00C42A4.dat
C:\WINDOWS\system32\__c00C873E.dat
C:\WINDOWS\system32\__c00CAC16.dat
C:\WINDOWS\system32\__c00DB032.dat
C:\WINDOWS\system32\__c00EAD0C.dat
C:\WINDOWS\system32\__c00EBDF6.dat
C:\WINDOWS\system32\__c00ECC4F.dat
C:\WINDOWS\system32\__c00EF506.dat
C:\WINDOWS\system32\__c00F42D6.dat
C:\WINDOWS\system32\__c00F7E6C.dat
C:\WINDOWS\system32\__c00FF69.dat
C:\WINDOWS\system32\ehdcugsy.dll
C:\WINDOWS\system32\fmnlylbn.dll
C:\WINDOWS\system32\frrslahn.dll
C:\WINDOWS\system32\hfstmptm.dll
C:\WINDOWS\system32\hnajhpxy.dll
C:\WINDOWS\system32\netwbix32.dll
C:\WINDOWS\system32\purjctvk.dll
C:\WINDOWS\system32\qdxjkenm.dll
C:\WINDOWS\system32\roletunu.dll
C:\WINDOWS\system32\xhdjdcvl.dll
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-09 to 2008-04-09 ))))))))))))))))))))))))))))))))))))
.
2008-04-08 18:46 . 2008-04-08 18:46 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-08 18:46 . 2008-04-08 18:46 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes
2008-04-08 18:46 . 2008-04-08 18:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-08 18:08 . 2008-04-08 18:09 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-08 17:16 . 2008-04-08 18:27 <REP> d-------- C:\SDFix
2008-04-08 15:43 . 2008-04-08 15:43 3,648 --a------ C:\WINDOWS\system32\synyfato.dll
2008-04-08 15:21 . 2008-04-08 15:21 3,648 --a------ C:\WINDOWS\system32\nkvuuunl.dll
2008-04-08 14:51 . 2008-04-08 14:51 <REP> d-------- C:\Program Files\Trend Micro
2008-04-07 19:09 . 2008-04-07 19:09 85,056 --------- C:\WINDOWS\system32\bmovglsl.dll
2008-04-07 19:08 . 2008-04-07 19:08 88,128 --a------ C:\WINDOWS\system32\eydjftjx.dll
2008-04-07 18:42 . 2008-04-07 18:42 90,176 --a------ C:\WINDOWS\system32\sylatxim.dll
2008-04-07 18:33 . 2008-04-07 18:33 90,176 --a------ C:\WINDOWS\system32\apdmrsfb.dll
2008-04-07 18:33 . 2008-04-07 18:33 85,056 --------- C:\WINDOWS\system32\xsueaqmn.dll
2008-04-07 18:32 . 2008-04-07 18:33 88,128 --a------ C:\WINDOWS\system32\eymdgxav.dll
2008-04-07 18:27 . 2008-04-07 18:27 90,176 --a------ C:\WINDOWS\system32\axtnfqqs.dll
2008-04-07 18:27 . 2008-04-07 18:27 88,128 --a------ C:\WINDOWS\system32\vmoahemt.dll
2008-04-07 18:27 . 2008-04-07 18:27 85,056 --------- C:\WINDOWS\system32\eysxartr.dll
2008-04-07 17:53 . 2008-04-08 10:21 2,249,587 ---hs---- C:\WINDOWS\system32\amjhdhea.ini
2008-04-07 14:31 . 2008-04-07 14:31 90,176 --a------ C:\WINDOWS\system32\uowdqbyk.dll
2008-04-07 14:31 . 2008-04-07 14:31 88,128 --a------ C:\WINDOWS\system32\fjphtiha.dll
2008-04-07 14:31 . 2008-04-07 14:31 85,056 --------- C:\WINDOWS\system32\ppywtukv.dll
2008-04-07 13:26 . 2008-04-07 13:26 90,176 --a------ C:\WINDOWS\system32\ebaitcrw.dll
2008-04-07 13:25 . 2008-04-07 13:25 88,128 --a------ C:\WINDOWS\system32\kptnbmtc.dll
2008-04-07 13:25 . 2008-04-07 13:26 85,056 --------- C:\WINDOWS\system32\qkyonqyh.dll
2008-04-07 12:56 . 2008-04-07 12:56 90,176 --a------ C:\WINDOWS\system32\xvmtwxlo.dll
2008-04-07 12:56 . 2008-04-07 12:56 88,128 --a------ C:\WINDOWS\system32\jjchmfko.dll
2008-04-07 12:56 . 2008-04-07 12:56 85,056 --------- C:\WINDOWS\system32\ffrebpvh.dll
2008-04-07 11:49 . 2008-04-07 11:49 90,176 --a------ C:\WINDOWS\system32\sinlwaaj.dll
2008-04-07 11:49 . 2008-04-07 11:49 88,128 --a------ C:\WINDOWS\system32\odknjdsv.dll
2008-04-07 11:49 . 2008-04-07 11:49 85,056 --a------ C:\WINDOWS\system32\vnbamctp.dll
2008-04-07 11:31 . 2008-04-07 11:31 90,176 --a------ C:\WINDOWS\system32\dpytppmp.dll
2008-04-07 11:31 . 2008-04-07 11:31 88,128 --a------ C:\WINDOWS\system32\bwyevekv.dll
2008-04-07 11:31 . 2008-04-07 11:31 85,056 --------- C:\WINDOWS\system32\ouovmtaj.dll
2008-04-07 10:57 . 2008-04-07 10:57 90,176 --a------ C:\WINDOWS\system32\usujngor.dll
2008-04-07 10:57 . 2008-04-07 10:57 85,056 --------- C:\WINDOWS\system32\wfcfhxmo.dll
2008-04-07 10:56 . 2008-04-07 10:56 88,128 --a------ C:\WINDOWS\system32\frwvghew.dll
2008-04-07 10:42 . 2008-04-07 10:42 90,176 --a------ C:\WINDOWS\system32\xbbyjcic.dll
2008-04-07 10:41 . 2008-04-07 10:41 88,128 --a------ C:\WINDOWS\system32\tctokugd.dll
2008-04-06 15:59 . 2008-04-06 15:59 89,664 --a------ C:\WINDOWS\system32\nogtffuu.dll
2008-04-06 15:59 . 2008-04-06 15:59 87,104 --a------ C:\WINDOWS\system32\gmsrdjsf.dll
2008-04-06 15:59 . 2008-04-06 15:59 85,056 --------- C:\WINDOWS\system32\jwxgvkaw.dll
2008-04-06 14:48 . 2008-04-06 14:57 230,424 --a------ C:\WINDOWS\[u]0/u0000000.STI
2008-04-06 11:37 . 2008-04-06 11:37 89,664 --a------ C:\WINDOWS\system32\otfgcknk.dll
2008-04-06 11:37 . 2008-04-06 11:37 85,056 --------- C:\WINDOWS\system32\hggocooj.dll
2008-04-06 11:36 . 2008-04-06 11:36 87,104 --a------ C:\WINDOWS\system32\tyvmpwrk.dll
2008-04-05 19:45 . 2008-04-05 19:45 89,664 --a------ C:\WINDOWS\system32\lvnfkhex.dll
2008-04-05 19:45 . 2008-04-05 19:45 87,104 --a------ C:\WINDOWS\system32\ddiehceq.dll
2008-04-05 19:45 . 2008-04-05 19:45 85,056 --------- C:\WINDOWS\system32\dhikipxi.dll
2008-04-05 19:36 . 2008-04-05 19:36 89,664 --a------ C:\WINDOWS\system32\oipjaqsw.dll
2008-04-05 19:36 . 2008-04-05 19:36 87,104 --a------ C:\WINDOWS\system32\nhocehgb.dll
2008-04-05 19:36 . 2008-04-05 19:36 85,056 --------- C:\WINDOWS\system32\bqpdbanl.dll
2008-04-05 19:21 . 2008-04-05 19:21 89,664 --a------ C:\WINDOWS\system32\keyecwcc.dll
2008-04-05 19:21 . 2008-04-05 19:21 87,104 --a------ C:\WINDOWS\system32\njsjvttp.dll
2008-04-05 19:21 . 2008-04-05 19:21 85,056 --a------ C:\WINDOWS\system32\ranhljjc.dll
2008-04-05 13:09 . 2008-04-07 17:53 2,255,697 ---hs---- C:\WINDOWS\system32\svfijrxi.ini
2008-04-04 20:25 . 2008-04-05 13:08 2,275,181 ---hs---- C:\WINDOWS\system32\pedxflhg.ini
2008-04-04 19:41 . 2008-04-04 20:23 1,966,990 ---hs---- C:\WINDOWS\system32\jdjujsbf.ini
2008-04-04 17:53 . 2008-04-04 17:53 90,688 --a------ C:\WINDOWS\system32\tqbnrfgv.dll
2008-04-04 17:53 . 2008-04-04 17:53 88,640 --a------ C:\WINDOWS\system32\warcayei.dll
2008-04-04 17:53 . 2008-04-04 17:53 85,056 --------- C:\WINDOWS\system32\xjtwkhph.dll
2008-04-03 16:52 . 2008-04-03 16:52 89,152 --a------ C:\WINDOWS\system32\anqqyfkr.dll
2008-04-03 16:52 . 2008-04-03 16:52 86,592 --------- C:\WINDOWS\system32\cgvsjnpn.dll
2008-04-03 16:51 . 2008-04-03 16:51 88,640 --a------ C:\WINDOWS\system32\goxlecqa.dll
2008-04-03 16:45 . 2008-04-03 16:45 88,640 --a------ C:\WINDOWS\system32\edrnnrlo.dll
2008-04-02 20:16 . 2008-04-04 19:40 1,969,443 ---hs---- C:\WINDOWS\system32\mlqtluqn.ini
2008-04-02 20:00 . 2008-04-02 20:00 91,712 --a------ C:\WINDOWS\system32\kdcejrgf.dll
2008-04-02 20:00 . 2008-04-02 20:00 88,128 --a------ C:\WINDOWS\system32\mlrwkhap.dll
2008-04-02 20:00 . 2008-04-02 20:00 83,520 --a------ C:\WINDOWS\system32\gnqqnnkv.dll
2008-04-02 11:40 . 2008-04-02 11:40 91,712 --a------ C:\WINDOWS\system32\wvylwlhl.dll
2008-04-02 11:40 . 2008-04-02 11:40 88,128 --a------ C:\WINDOWS\system32\qpggldnm.dll
2008-04-01 20:24 . 2008-04-02 20:14 1,449,123 ---hs---- C:\WINDOWS\system32\ponrqjln.ini
2008-03-31 19:05 . 2008-03-31 19:05 91,712 --a------ C:\WINDOWS\system32\ehycwpqd.dll
2008-03-31 17:54 . 2008-03-31 17:54 90,688 --a------ C:\WINDOWS\system32\hkoyogvd.dll
2008-03-31 17:09 . 2008-03-31 17:09 90,688 --a------ C:\WINDOWS\system32\camosqke.dll
2008-03-30 11:55 . 2008-03-30 11:55 90,176 --a------ C:\WINDOWS\system32\ivvftdra.dll
2008-03-30 11:55 . 2008-03-30 11:55 88,128 --a------ C:\WINDOWS\system32\msmkyfgb.dll
2008-03-29 19:56 . 2008-04-01 19:48 1,318,641 ---hs---- C:\WINDOWS\system32\otbognel.ini
2008-03-29 13:38 . 2008-03-29 14:17 1,512,886 ---hs---- C:\WINDOWS\system32\ousxgrbs.ini
2008-03-28 20:46 . 2008-03-28 20:46 90,688 --a------ C:\WINDOWS\system32\wohnnabp.dll
2008-03-28 20:45 . 2008-03-28 20:45 87,616 --a------ C:\WINDOWS\system32\wkioajnh.dll
2008-03-28 19:06 . 2008-03-28 19:06 90,688 --a------ C:\WINDOWS\system32\qtrebrkb.dll
2008-03-28 19:05 . 2008-03-28 19:05 87,616 --a------ C:\WINDOWS\system32\askhygpj.dll
2008-03-27 18:26 . 2008-03-27 18:26 92,224 --a------ C:\WINDOWS\system32\wuwfurof.dll
2008-03-27 18:25 . 2008-03-27 18:25 93,248 --a------ C:\WINDOWS\system32\yndmnseu.dll
2008-03-26 20:42 . 2008-03-26 20:42 92,736 --a------ C:\WINDOWS\system32\flivygjf.dll
2008-03-26 20:42 . 2008-03-26 20:42 90,688 --a------ C:\WINDOWS\system32\rnhebxeu.dll
2008-03-26 00:41 . 2008-03-26 00:41 94,272 --a------ C:\WINDOWS\system32\fwmbnbss.dll
2008-03-26 00:41 . 2008-03-26 00:41 90,688 --a------ C:\WINDOWS\system32\jblfuovh.dll
2008-03-25 21:00 . 2008-03-25 21:00 94,272 --a------ C:\WINDOWS\system32\pfoldjso.dll
2008-03-25 21:00 . 2008-03-25 21:00 90,688 --a------ C:\WINDOWS\system32\phbwwihn.dll
2008-03-25 18:26 . 2008-03-25 18:26 94,272 --a------ C:\WINDOWS\system32\yerqnjye.dll
2008-03-25 18:26 . 2008-03-25 18:26 90,688 --a------ C:\WINDOWS\system32\yhciqcxk.dll
2008-03-24 21:41 . 2008-03-29 13:34 1,930,827 ---hs---- C:\WINDOWS\system32\aafnwfmi.ini
2008-03-24 18:23 . 2008-03-24 21:37 1,635,114 ---hs---- C:\WINDOWS\system32\tcwjobby.ini
2008-03-24 16:19 . 2008-03-24 18:23 1,550,720 ---hs---- C:\WINDOWS\system32\yuctxgkn.ini
2008-03-24 15:36 . 2008-03-24 16:15 1,549,562 ---hs---- C:\WINDOWS\system32\uvhxjrid.ini
2008-03-24 13:45 . 2008-03-24 13:45 93,248 --a------ C:\WINDOWS\system32\tqroeyrw.dll
2008-03-24 13:45 . 2008-03-24 13:45 91,200 --a------ C:\WINDOWS\system32\objctjeg.dll
2008-03-24 12:05 . 2008-03-24 12:05 93,248 --a------ C:\WINDOWS\system32\jheisnvu.dll
2008-03-24 12:05 . 2008-03-24 12:05 91,200 --a------ C:\WINDOWS\system32\idjxvuwg.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-09 13:19 --------- d-----w C:\Program Files\Wanadoo
2008-04-09 13:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-04-09 13:07 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-04-08 08:23 --------- d-----w C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Application Data\OpenOffice.org2
2008-04-05 11:25 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-15 12:21 --------- d-----w C:\Program Files\LimeWire
2008-03-08 20:16 92,224 ----a-w C:\WINDOWS\system32\ybqsgijx.dll
2008-03-08 17:21 92,224 ----a-w C:\WINDOWS\system32\qcxssqmj.dll
2008-03-08 17:21 88,640 ----a-w C:\WINDOWS\system32\mejjhxec.dll
2008-03-08 14:21 92,224 ----a-w C:\WINDOWS\system32\sqyptruc.dll
2008-03-08 14:21 88,640 ----a-w C:\WINDOWS\system32\jjydiplo.dll
2008-03-08 11:38 92,224 ----a-w C:\WINDOWS\system32\pkueurxf.dll
2008-03-08 11:38 88,640 ----a-w C:\WINDOWS\system32\onrrhvoo.dll
2008-03-08 10:28 92,224 ----a-w C:\WINDOWS\system32\vmhpdsew.dll
2008-03-08 10:27 88,640 ----a-w C:\WINDOWS\system32\ltwtowdw.dll
2008-03-06 17:24 96,320 ----a-w C:\WINDOWS\system32\olcdjied.dll
2008-03-06 17:24 92,736 ----a-w C:\WINDOWS\system32\qsujnkcq.dll
2008-03-05 19:08 96,832 ----a-w C:\WINDOWS\system32\klirgdsj.dll
2008-03-05 19:07 91,712 ----a-w C:\WINDOWS\system32\ogqtcslc.dll
2008-03-05 11:04 94,784 ----a-w C:\WINDOWS\system32\lpfooawl.dll
2008-03-05 11:03 91,712 ----a-w C:\WINDOWS\system32\dygwefyd.dll
2008-03-05 10:43 94,784 ----a-w C:\WINDOWS\system32\gdnbqrof.dll
2008-03-05 10:42 91,712 ----a-w C:\WINDOWS\system32\vfwchipo.dll
2008-03-04 18:43 96,832 ----a-w C:\WINDOWS\system32\kmqiyohw.dll
2008-03-04 18:43 91,712 ----a-w C:\WINDOWS\system32\hlbpydcy.dll
2008-03-04 16:55 97,344 ----a-w C:\WINDOWS\system32\ofhmjogd.dll
2008-03-04 16:55 91,712 ----a-w C:\WINDOWS\system32\bycndnxf.dll
2008-03-03 16:57 90,176 ----a-w C:\WINDOWS\system32\kfqsmorh.dll
2008-03-03 16:57 86,080 ------w C:\WINDOWS\system32\yrxrandf.dll
2008-03-03 16:56 91,712 ----a-w C:\WINDOWS\system32\dyfcohka.dll
2008-03-02 11:08 91,712 ----a-w C:\WINDOWS\system32\wqlpauvu.dll
2008-03-02 11:08 89,664 ----a-w C:\WINDOWS\system32\xujfexuu.dll
2008-03-02 11:08 84,544 ------w C:\WINDOWS\system32\wmnslohy.dll
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-01 08:17 91,712 ----a-w C:\WINDOWS\system32\xhgmjvcm.dll
2008-03-01 07:50 91,712 ----a-w C:\WINDOWS\system32\fwqqkplo.dll
2008-02-29 18:03 91,712 ----a-w C:\WINDOWS\system32\xljrkexk.dll
2008-02-29 18:03 88,640 ----a-w C:\WINDOWS\system32\mpgkgvcx.dll
2008-02-29 16:33 --------- d-----w C:\Program Files\Windows Live
2008-02-29 16:30 91,712 ----a-w C:\WINDOWS\system32\cofwmtou.dll
2008-02-29 16:30 88,640 ----a-w C:\WINDOWS\system32\vjrkitpv.dll
2008-02-29 16:30 84,544 ------w C:\WINDOWS\system32\ubnjiwvd.dll
2008-02-27 14:05 90,176 ----a-w C:\WINDOWS\system32\hyftkkgj.dll
2008-02-27 14:05 85,056 ------w C:\WINDOWS\system32\uafmuryo.dll
2008-02-27 14:04 91,712 ----a-w C:\WINDOWS\system32\xipehfbf.dll
2008-02-27 13:34 90,176 ----a-w C:\WINDOWS\system32\vrpaneof.dll
2008-02-27 13:34 85,056 ------w C:\WINDOWS\system32\sxhfqbaa.dll
2008-02-27 13:33 91,712 ----a-w C:\WINDOWS\system32\yxojhovs.dll
2008-02-27 13:25 91,712 ----a-w C:\WINDOWS\system32\pmkgvqok.dll
2008-02-27 13:25 90,176 ----a-w C:\WINDOWS\system32\cdiemfcp.dll
2008-02-27 13:25 85,056 ------w C:\WINDOWS\system32\tmurfncp.dll
2008-02-24 21:31 91,712 ----a-w C:\WINDOWS\system32\rfgjrrnd.dll
2008-02-24 21:03 91,712 ----a-w C:\WINDOWS\system32\kaltqgmq.dll
2008-02-24 19:41 91,712 ----a-w C:\WINDOWS\system32\xatcqpdl.dll
2008-02-24 19:20 91,712 ----a-w C:\WINDOWS\system32\vfcllbhi.dll
2008-02-24 17:02 90,176 ----a-w C:\WINDOWS\system32\jelowirp.dll
2008-02-24 17:02 86,592 ------w C:\WINDOWS\system32\lqgvdrix.dll
2008-02-24 17:01 91,712 ----a-w C:\WINDOWS\system32\mwuuhvwn.dll
2008-02-24 15:43 91,712 ----a-w C:\WINDOWS\system32\ojmxrdsd.dll
2008-02-24 15:43 90,176 ----a-w C:\WINDOWS\system32\mquddfob.dll
2008-02-24 15:43 86,592 ------w C:\WINDOWS\system32\hvxtoesh.dll
2008-02-24 12:42 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-24 12:36 91,712 ----a-w C:\WINDOWS\system32\ctxxclfu.dll
2008-02-24 12:36 90,176 ----a-w C:\WINDOWS\system32\muobvgcj.dll
2008-02-24 12:36 86,592 ------w C:\WINDOWS\system32\mvykqheu.dll
2008-02-24 12:14 91,712 ----a-w C:\WINDOWS\system32\wjxgisvf.dll
2008-02-24 12:14 90,176 ----a-w C:\WINDOWS\system32\itnmjboq.dll
2008-02-24 12:14 86,592 ------w C:\WINDOWS\system32\urmwwuuk.dll
2008-02-23 17:53 85,056 ------w C:\WINDOWS\system32\mrsjxkdd.dll
2008-02-23 17:52 91,712 ----a-w C:\WINDOWS\system32\qnildfdc.dll
2008-02-23 17:52 89,152 ----a-w C:\WINDOWS\system32\leolvwav.dll
2008-02-23 16:35 --------- d-----w C:\Program Files\PhotoFiltre
2008-02-23 16:25 --------- d-----w C:\Program Files\VCW VicMan's Photo Editor
2008-02-23 16:01 89,152 ----a-w C:\WINDOWS\system32\gpcaecub.dll
2008-02-23 16:00 91,712 ----a-w C:\WINDOWS\system32\piujtspn.dll
2008-02-23 16:00 85,056 ----a-w C:\WINDOWS\system32\eecxiism.dll
2008-02-23 15:48 91,712 ----a-w C:\WINDOWS\system32\xgxnamtm.dll
2008-02-23 15:48 89,152 ----a-w C:\WINDOWS\system32\vepxcmex.dll
2008-02-23 15:48 85,056 ----a-w C:\WINDOWS\system32\dhrrskea.dll
2008-02-23 12:28 91,712 ----a-w C:\WINDOWS\system32\dndbuibr.dll
2008-02-22 16:19 91,712 ----a-w C:\WINDOWS\system32\ifxpvcmk.dll
2008-02-22 16:19 91,712 ----a-w C:\WINDOWS\system32\gtdmawyk.dll
2008-02-22 16:19 89,664 ----a-w C:\WINDOWS\system32\djfflrwu.dll
2008-02-22 13:19 91,712 ----a-w C:\WINDOWS\system32\ikpgsstw.dll
2008-02-22 13:18 91,712 ----a-w C:\WINDOWS\system32\tpkrqxxb.dll
2008-02-22 13:18 91,712 ----a-w C:\WINDOWS\system32\tgjifoxw.dll
2008-02-22 13:11 91,712 ----a-w C:\WINDOWS\system32\qeaaivns.dll
2008-02-22 13:11 91,712 ----a-w C:\WINDOWS\system32\apokbamd.dll
2008-02-22 13:10 91,712 ----a-w C:\WINDOWS\system32\unjcbefd.dll
2008-02-22 12:44 91,712 ----a-w C:\WINDOWS\system32\uivbqlje.dll
2008-02-22 12:43 91,712 ----a-w C:\WINDOWS\system32\vgrgcjle.dll
2008-02-22 12:43 91,712 ----a-w C:\WINDOWS\system32\iabclwql.dll
2008-02-21 23:18 93,760 ----a-w C:\WINDOWS\system32\vanngfyf.dll
2008-02-21 23:18 88,128 ------w C:\WINDOWS\system32\lnydhvmg.dll
2008-02-21 23:17 91,712 ----a-w C:\WINDOWS\system32\tqbringl.dll
2008-02-21 23:17 91,712 ----a-w C:\WINDOWS\system32\dmklhsjm.dll
2008-02-21 14:23 --------- d-----w C:\Program Files\MessengerPlus! 3
2008-02-21 13:13 93,760 ----a-w C:\WINDOWS\system32\fqytubks.dll
2008-02-21 13:13 91,712 ----a-w C:\WINDOWS\system32\gluhwosr.dll
.
((((((((((((((((((((((((((((( snapshot@2008-04-08_16.43.29.98 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-07 10:18:20 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-08 16:09:17 4,177,920 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0/u0000001\ntuser.dat
+ 2008-04-08 16:09:18 151,552 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0/u0000002\UsrClass.dat
+ 2008-04-07 10:18:20 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-08 16:09:06 4,177,920 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0/u0000001\ntuser.dat
+ 2008-04-08 16:09:06 151,552 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0/u0000002\UsrClass.dat
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-08 05:08:36 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:36:55 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
- 2007-12-07 02:08:32 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2006-06-26 17:41:32 148,480 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:35:05 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2004-08-05 10:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2008-02-20 05:35:05 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
- 2007-12-19 22:53:23 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-03-01 12:58:06 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-06-19 13:32:25 282,112 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:51:00 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
- 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-12-08 05:08:36 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-01-11 05:36:55 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-03-01 12:58:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-03-08 15:33:58 1,843,712 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-20 08:09:22 1,845,376 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2006-06-26 17:41:32 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-05 10:00:00 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-02-20 05:35:05 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
- 2007-12-19 22:53:23 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-12-07 02:08:32 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
+ 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-12-07 02:08:32 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-03-01 12:58:06 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2007-06-29 11:39:25 107,008 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-04-09 13:16:33 107,008 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-06-19 13:32:25 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-02-20 06:51:00 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2007-12-07 02:08:32 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-12-06 11:02:31 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-02-29 08:56:41 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2007-12-07 02:08:32 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2008-03-01 12:58:06 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2007-12-07 02:08:32 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2008-03-01 12:58:06 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2007-12-06 04:59:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2008-02-15 05:44:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2007-12-07 02:08:32 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-12-07 02:08:32 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-03-01 12:58:07 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2007-12-07 02:08:33 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-12-07 02:08:33 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-03-01 12:58:08 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2007-12-07 02:08:33 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-12-07 02:08:33 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2008-03-01 12:58:08 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-05 20:56:22 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-12-07 02:08:33 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-12-07 02:08:33 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-12-08 05:08:36 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-12-07 02:08:34 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2008-03-01 12:58:09 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
- 2007-12-07 02:08:34 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2008-03-01 12:58:10 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2007-12-07 02:08:34 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2008-03-01 12:58:10 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2007-12-07 02:08:34 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2008-03-01 12:58:10 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-04-08 13:44:26 67,798 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-09 13:20:58 68,842 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-08 13:44:26 91,430 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-04-09 13:20:58 92,762 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-04-08 13:44:26 418,356 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-09 13:20:58 421,128 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-04-08 13:44:26 513,248 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-04-09 13:20:58 516,650 ----a-w C:\WINDOWS\system32\perfh00C.dat
- 2008-01-11 05:36:55 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-12-07 02:08:34 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-12-07 02:08:34 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-12-07 02:08:34 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 15:50 122880]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 21:02 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43 233472]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-02-10 22:57 1404928]
"nwiz"="nwiz.exe" [2004-07-02 00:12 843776 C:\WINDOWS\system32\nwiz.exe]
"VTTimer"="VTTimer.exe" []
"SiS Windows KeyHook"="C:\WINDOWS\system32\keyhook.exe" [2004-05-20 10:47 249856]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 18:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-04 03:21 50176 C:\WINDOWS\ALCXMNTR.EXE]
"Lexmark X5100 Series"="C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe" [2002-12-03 19:30 86101]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49 20480]
"FSASWREG"="C:\Program Files\Securitoo\Anti-Spyware\fsaswreg.exe" [2004-11-04 12:03 16451]
"F-Secure TNB"="C:\Program Files\Securitoo\TNB\TNBUtil.exe" [2005-01-25 17:13 684032]
"F-Secure Manager"="C:\Program Files\Securitoo\Av_Fw\Common\FSM32.exe" [2004-12-22 10:28 118832]
"F-Secure Startup Wizard"="C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.exe" [2005-03-16 15:45 208896]
"News Service"="C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe" [2004-05-06 14:21 372736]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 21:13 98304]
C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [2006-07-14 21:26:34 393216]
C:\Documents and Settings\Compaq_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [2006-07-14 21:26:34 393216]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 15:40:46 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddccy]
C:\WINDOWS\system32\ddccy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkhhf]
C:\WINDOWS\system32\jkhhf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljjh]
C:\WINDOWS\system32\mljjh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkhg]
C:\WINDOWS\system32\pmkhg.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd"=
"C:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Firefly Studios\\Stronghold 2\\Stronghold2.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"=
"C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe"=
"C:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"=
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-10-24 14:01]
R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-04 00:00]
R2 BackWeb Plug-in - 8520111;Securitoo Antivirus Firewall;C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE [2006-09-24 16:41]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSfilter.sys [2003-11-14 18:52]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSgk.sys [2008-03-26 20:51]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSrec.sys [2003-02-06 14:32]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 10:05]
S3 pfsvgae;pfsvgae;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\pfsvgae.sys []
S3 rcrusoe;rcrusoe;C:\DOCUME~1\ERIC~1.COM\LOCALS~1\Temp\rcrusoe.sys []
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S3 WmaCDriverV32;WmaCDriverV32;C:\WINDOWS\system32\drivers\WmaCDriverV32.sys [2007-03-14 16:10]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0e29044-b3a7-11dc-aade-000b6b9a52a9}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-02 17:50:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-09 11:57:14 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1\fsav.exe` /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1\report.txt $C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1.SYSTEM'Tâche ajoutée par F-Secure Anti-Virus.
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 15:29:18
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-09 15:31:44
ComboFix-quarantined-files.txt 2008-04-09 13:31:14
ComboFix2.txt 2008-04-08 14:44:42
Pre-Run: 91,505,049,600 octets libres
Post-Run: 91,480,391,680 octets libres
.
2008-04-09 13:11:40 --- E O F ---
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.590 [GMT 2:00]
Endroit: C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe
.
TimedOut: progfile.dat
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\err.log
C:\WINDOWS\system32\__c0010DF6.dat
C:\WINDOWS\system32\__c0013D0A.dat
C:\WINDOWS\system32\__c0022AD2.dat
C:\WINDOWS\system32\__c0029BDE.dat
C:\WINDOWS\system32\__c003367A.dat
C:\WINDOWS\system32\__c0035CE.dat
C:\WINDOWS\system32\__c0039B60.dat
C:\WINDOWS\system32\__c00417EE.dat
C:\WINDOWS\system32\__c0043BEC.dat
C:\WINDOWS\system32\__c0045851.dat
C:\WINDOWS\system32\__c0053240.dat
C:\WINDOWS\system32\__c00570AA.dat
C:\WINDOWS\system32\__c0057624.dat
C:\WINDOWS\system32\__c005A9B0.dat
C:\WINDOWS\system32\__c006317C.dat
C:\WINDOWS\system32\__c006A808.dat
C:\WINDOWS\system32\__c006E03F.dat
C:\WINDOWS\system32\__c0078A8A.dat
C:\WINDOWS\system32\__c007E53C.dat
C:\WINDOWS\system32\__c0080624.dat
C:\WINDOWS\system32\__c0085538.dat
C:\WINDOWS\system32\__c008A6BB.dat
C:\WINDOWS\system32\__c008DF7D.dat
C:\WINDOWS\system32\__c009231C.dat
C:\WINDOWS\system32\__c009D2E2.dat
C:\WINDOWS\system32\__c00AA84C.dat
C:\WINDOWS\system32\__c00C42A4.dat
C:\WINDOWS\system32\__c00C873E.dat
C:\WINDOWS\system32\__c00CAC16.dat
C:\WINDOWS\system32\__c00DB032.dat
C:\WINDOWS\system32\__c00EAD0C.dat
C:\WINDOWS\system32\__c00EBDF6.dat
C:\WINDOWS\system32\__c00ECC4F.dat
C:\WINDOWS\system32\__c00EF506.dat
C:\WINDOWS\system32\__c00F42D6.dat
C:\WINDOWS\system32\__c00F7E6C.dat
C:\WINDOWS\system32\__c00FF69.dat
C:\WINDOWS\system32\ehdcugsy.dll
C:\WINDOWS\system32\fmnlylbn.dll
C:\WINDOWS\system32\frrslahn.dll
C:\WINDOWS\system32\hfstmptm.dll
C:\WINDOWS\system32\hnajhpxy.dll
C:\WINDOWS\system32\netwbix32.dll
C:\WINDOWS\system32\purjctvk.dll
C:\WINDOWS\system32\qdxjkenm.dll
C:\WINDOWS\system32\roletunu.dll
C:\WINDOWS\system32\xhdjdcvl.dll
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-09 to 2008-04-09 ))))))))))))))))))))))))))))))))))))
.
2008-04-08 18:46 . 2008-04-08 18:46 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-08 18:46 . 2008-04-08 18:46 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes
2008-04-08 18:46 . 2008-04-08 18:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-08 18:08 . 2008-04-08 18:09 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-08 17:16 . 2008-04-08 18:27 <REP> d-------- C:\SDFix
2008-04-08 15:43 . 2008-04-08 15:43 3,648 --a------ C:\WINDOWS\system32\synyfato.dll
2008-04-08 15:21 . 2008-04-08 15:21 3,648 --a------ C:\WINDOWS\system32\nkvuuunl.dll
2008-04-08 14:51 . 2008-04-08 14:51 <REP> d-------- C:\Program Files\Trend Micro
2008-04-07 19:09 . 2008-04-07 19:09 85,056 --------- C:\WINDOWS\system32\bmovglsl.dll
2008-04-07 19:08 . 2008-04-07 19:08 88,128 --a------ C:\WINDOWS\system32\eydjftjx.dll
2008-04-07 18:42 . 2008-04-07 18:42 90,176 --a------ C:\WINDOWS\system32\sylatxim.dll
2008-04-07 18:33 . 2008-04-07 18:33 90,176 --a------ C:\WINDOWS\system32\apdmrsfb.dll
2008-04-07 18:33 . 2008-04-07 18:33 85,056 --------- C:\WINDOWS\system32\xsueaqmn.dll
2008-04-07 18:32 . 2008-04-07 18:33 88,128 --a------ C:\WINDOWS\system32\eymdgxav.dll
2008-04-07 18:27 . 2008-04-07 18:27 90,176 --a------ C:\WINDOWS\system32\axtnfqqs.dll
2008-04-07 18:27 . 2008-04-07 18:27 88,128 --a------ C:\WINDOWS\system32\vmoahemt.dll
2008-04-07 18:27 . 2008-04-07 18:27 85,056 --------- C:\WINDOWS\system32\eysxartr.dll
2008-04-07 17:53 . 2008-04-08 10:21 2,249,587 ---hs---- C:\WINDOWS\system32\amjhdhea.ini
2008-04-07 14:31 . 2008-04-07 14:31 90,176 --a------ C:\WINDOWS\system32\uowdqbyk.dll
2008-04-07 14:31 . 2008-04-07 14:31 88,128 --a------ C:\WINDOWS\system32\fjphtiha.dll
2008-04-07 14:31 . 2008-04-07 14:31 85,056 --------- C:\WINDOWS\system32\ppywtukv.dll
2008-04-07 13:26 . 2008-04-07 13:26 90,176 --a------ C:\WINDOWS\system32\ebaitcrw.dll
2008-04-07 13:25 . 2008-04-07 13:25 88,128 --a------ C:\WINDOWS\system32\kptnbmtc.dll
2008-04-07 13:25 . 2008-04-07 13:26 85,056 --------- C:\WINDOWS\system32\qkyonqyh.dll
2008-04-07 12:56 . 2008-04-07 12:56 90,176 --a------ C:\WINDOWS\system32\xvmtwxlo.dll
2008-04-07 12:56 . 2008-04-07 12:56 88,128 --a------ C:\WINDOWS\system32\jjchmfko.dll
2008-04-07 12:56 . 2008-04-07 12:56 85,056 --------- C:\WINDOWS\system32\ffrebpvh.dll
2008-04-07 11:49 . 2008-04-07 11:49 90,176 --a------ C:\WINDOWS\system32\sinlwaaj.dll
2008-04-07 11:49 . 2008-04-07 11:49 88,128 --a------ C:\WINDOWS\system32\odknjdsv.dll
2008-04-07 11:49 . 2008-04-07 11:49 85,056 --a------ C:\WINDOWS\system32\vnbamctp.dll
2008-04-07 11:31 . 2008-04-07 11:31 90,176 --a------ C:\WINDOWS\system32\dpytppmp.dll
2008-04-07 11:31 . 2008-04-07 11:31 88,128 --a------ C:\WINDOWS\system32\bwyevekv.dll
2008-04-07 11:31 . 2008-04-07 11:31 85,056 --------- C:\WINDOWS\system32\ouovmtaj.dll
2008-04-07 10:57 . 2008-04-07 10:57 90,176 --a------ C:\WINDOWS\system32\usujngor.dll
2008-04-07 10:57 . 2008-04-07 10:57 85,056 --------- C:\WINDOWS\system32\wfcfhxmo.dll
2008-04-07 10:56 . 2008-04-07 10:56 88,128 --a------ C:\WINDOWS\system32\frwvghew.dll
2008-04-07 10:42 . 2008-04-07 10:42 90,176 --a------ C:\WINDOWS\system32\xbbyjcic.dll
2008-04-07 10:41 . 2008-04-07 10:41 88,128 --a------ C:\WINDOWS\system32\tctokugd.dll
2008-04-06 15:59 . 2008-04-06 15:59 89,664 --a------ C:\WINDOWS\system32\nogtffuu.dll
2008-04-06 15:59 . 2008-04-06 15:59 87,104 --a------ C:\WINDOWS\system32\gmsrdjsf.dll
2008-04-06 15:59 . 2008-04-06 15:59 85,056 --------- C:\WINDOWS\system32\jwxgvkaw.dll
2008-04-06 14:48 . 2008-04-06 14:57 230,424 --a------ C:\WINDOWS\[u]0/u0000000.STI
2008-04-06 11:37 . 2008-04-06 11:37 89,664 --a------ C:\WINDOWS\system32\otfgcknk.dll
2008-04-06 11:37 . 2008-04-06 11:37 85,056 --------- C:\WINDOWS\system32\hggocooj.dll
2008-04-06 11:36 . 2008-04-06 11:36 87,104 --a------ C:\WINDOWS\system32\tyvmpwrk.dll
2008-04-05 19:45 . 2008-04-05 19:45 89,664 --a------ C:\WINDOWS\system32\lvnfkhex.dll
2008-04-05 19:45 . 2008-04-05 19:45 87,104 --a------ C:\WINDOWS\system32\ddiehceq.dll
2008-04-05 19:45 . 2008-04-05 19:45 85,056 --------- C:\WINDOWS\system32\dhikipxi.dll
2008-04-05 19:36 . 2008-04-05 19:36 89,664 --a------ C:\WINDOWS\system32\oipjaqsw.dll
2008-04-05 19:36 . 2008-04-05 19:36 87,104 --a------ C:\WINDOWS\system32\nhocehgb.dll
2008-04-05 19:36 . 2008-04-05 19:36 85,056 --------- C:\WINDOWS\system32\bqpdbanl.dll
2008-04-05 19:21 . 2008-04-05 19:21 89,664 --a------ C:\WINDOWS\system32\keyecwcc.dll
2008-04-05 19:21 . 2008-04-05 19:21 87,104 --a------ C:\WINDOWS\system32\njsjvttp.dll
2008-04-05 19:21 . 2008-04-05 19:21 85,056 --a------ C:\WINDOWS\system32\ranhljjc.dll
2008-04-05 13:09 . 2008-04-07 17:53 2,255,697 ---hs---- C:\WINDOWS\system32\svfijrxi.ini
2008-04-04 20:25 . 2008-04-05 13:08 2,275,181 ---hs---- C:\WINDOWS\system32\pedxflhg.ini
2008-04-04 19:41 . 2008-04-04 20:23 1,966,990 ---hs---- C:\WINDOWS\system32\jdjujsbf.ini
2008-04-04 17:53 . 2008-04-04 17:53 90,688 --a------ C:\WINDOWS\system32\tqbnrfgv.dll
2008-04-04 17:53 . 2008-04-04 17:53 88,640 --a------ C:\WINDOWS\system32\warcayei.dll
2008-04-04 17:53 . 2008-04-04 17:53 85,056 --------- C:\WINDOWS\system32\xjtwkhph.dll
2008-04-03 16:52 . 2008-04-03 16:52 89,152 --a------ C:\WINDOWS\system32\anqqyfkr.dll
2008-04-03 16:52 . 2008-04-03 16:52 86,592 --------- C:\WINDOWS\system32\cgvsjnpn.dll
2008-04-03 16:51 . 2008-04-03 16:51 88,640 --a------ C:\WINDOWS\system32\goxlecqa.dll
2008-04-03 16:45 . 2008-04-03 16:45 88,640 --a------ C:\WINDOWS\system32\edrnnrlo.dll
2008-04-02 20:16 . 2008-04-04 19:40 1,969,443 ---hs---- C:\WINDOWS\system32\mlqtluqn.ini
2008-04-02 20:00 . 2008-04-02 20:00 91,712 --a------ C:\WINDOWS\system32\kdcejrgf.dll
2008-04-02 20:00 . 2008-04-02 20:00 88,128 --a------ C:\WINDOWS\system32\mlrwkhap.dll
2008-04-02 20:00 . 2008-04-02 20:00 83,520 --a------ C:\WINDOWS\system32\gnqqnnkv.dll
2008-04-02 11:40 . 2008-04-02 11:40 91,712 --a------ C:\WINDOWS\system32\wvylwlhl.dll
2008-04-02 11:40 . 2008-04-02 11:40 88,128 --a------ C:\WINDOWS\system32\qpggldnm.dll
2008-04-01 20:24 . 2008-04-02 20:14 1,449,123 ---hs---- C:\WINDOWS\system32\ponrqjln.ini
2008-03-31 19:05 . 2008-03-31 19:05 91,712 --a------ C:\WINDOWS\system32\ehycwpqd.dll
2008-03-31 17:54 . 2008-03-31 17:54 90,688 --a------ C:\WINDOWS\system32\hkoyogvd.dll
2008-03-31 17:09 . 2008-03-31 17:09 90,688 --a------ C:\WINDOWS\system32\camosqke.dll
2008-03-30 11:55 . 2008-03-30 11:55 90,176 --a------ C:\WINDOWS\system32\ivvftdra.dll
2008-03-30 11:55 . 2008-03-30 11:55 88,128 --a------ C:\WINDOWS\system32\msmkyfgb.dll
2008-03-29 19:56 . 2008-04-01 19:48 1,318,641 ---hs---- C:\WINDOWS\system32\otbognel.ini
2008-03-29 13:38 . 2008-03-29 14:17 1,512,886 ---hs---- C:\WINDOWS\system32\ousxgrbs.ini
2008-03-28 20:46 . 2008-03-28 20:46 90,688 --a------ C:\WINDOWS\system32\wohnnabp.dll
2008-03-28 20:45 . 2008-03-28 20:45 87,616 --a------ C:\WINDOWS\system32\wkioajnh.dll
2008-03-28 19:06 . 2008-03-28 19:06 90,688 --a------ C:\WINDOWS\system32\qtrebrkb.dll
2008-03-28 19:05 . 2008-03-28 19:05 87,616 --a------ C:\WINDOWS\system32\askhygpj.dll
2008-03-27 18:26 . 2008-03-27 18:26 92,224 --a------ C:\WINDOWS\system32\wuwfurof.dll
2008-03-27 18:25 . 2008-03-27 18:25 93,248 --a------ C:\WINDOWS\system32\yndmnseu.dll
2008-03-26 20:42 . 2008-03-26 20:42 92,736 --a------ C:\WINDOWS\system32\flivygjf.dll
2008-03-26 20:42 . 2008-03-26 20:42 90,688 --a------ C:\WINDOWS\system32\rnhebxeu.dll
2008-03-26 00:41 . 2008-03-26 00:41 94,272 --a------ C:\WINDOWS\system32\fwmbnbss.dll
2008-03-26 00:41 . 2008-03-26 00:41 90,688 --a------ C:\WINDOWS\system32\jblfuovh.dll
2008-03-25 21:00 . 2008-03-25 21:00 94,272 --a------ C:\WINDOWS\system32\pfoldjso.dll
2008-03-25 21:00 . 2008-03-25 21:00 90,688 --a------ C:\WINDOWS\system32\phbwwihn.dll
2008-03-25 18:26 . 2008-03-25 18:26 94,272 --a------ C:\WINDOWS\system32\yerqnjye.dll
2008-03-25 18:26 . 2008-03-25 18:26 90,688 --a------ C:\WINDOWS\system32\yhciqcxk.dll
2008-03-24 21:41 . 2008-03-29 13:34 1,930,827 ---hs---- C:\WINDOWS\system32\aafnwfmi.ini
2008-03-24 18:23 . 2008-03-24 21:37 1,635,114 ---hs---- C:\WINDOWS\system32\tcwjobby.ini
2008-03-24 16:19 . 2008-03-24 18:23 1,550,720 ---hs---- C:\WINDOWS\system32\yuctxgkn.ini
2008-03-24 15:36 . 2008-03-24 16:15 1,549,562 ---hs---- C:\WINDOWS\system32\uvhxjrid.ini
2008-03-24 13:45 . 2008-03-24 13:45 93,248 --a------ C:\WINDOWS\system32\tqroeyrw.dll
2008-03-24 13:45 . 2008-03-24 13:45 91,200 --a------ C:\WINDOWS\system32\objctjeg.dll
2008-03-24 12:05 . 2008-03-24 12:05 93,248 --a------ C:\WINDOWS\system32\jheisnvu.dll
2008-03-24 12:05 . 2008-03-24 12:05 91,200 --a------ C:\WINDOWS\system32\idjxvuwg.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-09 13:19 --------- d-----w C:\Program Files\Wanadoo
2008-04-09 13:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-04-09 13:07 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-04-08 08:23 --------- d-----w C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Application Data\OpenOffice.org2
2008-04-05 11:25 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-15 12:21 --------- d-----w C:\Program Files\LimeWire
2008-03-08 20:16 92,224 ----a-w C:\WINDOWS\system32\ybqsgijx.dll
2008-03-08 17:21 92,224 ----a-w C:\WINDOWS\system32\qcxssqmj.dll
2008-03-08 17:21 88,640 ----a-w C:\WINDOWS\system32\mejjhxec.dll
2008-03-08 14:21 92,224 ----a-w C:\WINDOWS\system32\sqyptruc.dll
2008-03-08 14:21 88,640 ----a-w C:\WINDOWS\system32\jjydiplo.dll
2008-03-08 11:38 92,224 ----a-w C:\WINDOWS\system32\pkueurxf.dll
2008-03-08 11:38 88,640 ----a-w C:\WINDOWS\system32\onrrhvoo.dll
2008-03-08 10:28 92,224 ----a-w C:\WINDOWS\system32\vmhpdsew.dll
2008-03-08 10:27 88,640 ----a-w C:\WINDOWS\system32\ltwtowdw.dll
2008-03-06 17:24 96,320 ----a-w C:\WINDOWS\system32\olcdjied.dll
2008-03-06 17:24 92,736 ----a-w C:\WINDOWS\system32\qsujnkcq.dll
2008-03-05 19:08 96,832 ----a-w C:\WINDOWS\system32\klirgdsj.dll
2008-03-05 19:07 91,712 ----a-w C:\WINDOWS\system32\ogqtcslc.dll
2008-03-05 11:04 94,784 ----a-w C:\WINDOWS\system32\lpfooawl.dll
2008-03-05 11:03 91,712 ----a-w C:\WINDOWS\system32\dygwefyd.dll
2008-03-05 10:43 94,784 ----a-w C:\WINDOWS\system32\gdnbqrof.dll
2008-03-05 10:42 91,712 ----a-w C:\WINDOWS\system32\vfwchipo.dll
2008-03-04 18:43 96,832 ----a-w C:\WINDOWS\system32\kmqiyohw.dll
2008-03-04 18:43 91,712 ----a-w C:\WINDOWS\system32\hlbpydcy.dll
2008-03-04 16:55 97,344 ----a-w C:\WINDOWS\system32\ofhmjogd.dll
2008-03-04 16:55 91,712 ----a-w C:\WINDOWS\system32\bycndnxf.dll
2008-03-03 16:57 90,176 ----a-w C:\WINDOWS\system32\kfqsmorh.dll
2008-03-03 16:57 86,080 ------w C:\WINDOWS\system32\yrxrandf.dll
2008-03-03 16:56 91,712 ----a-w C:\WINDOWS\system32\dyfcohka.dll
2008-03-02 11:08 91,712 ----a-w C:\WINDOWS\system32\wqlpauvu.dll
2008-03-02 11:08 89,664 ----a-w C:\WINDOWS\system32\xujfexuu.dll
2008-03-02 11:08 84,544 ------w C:\WINDOWS\system32\wmnslohy.dll
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-01 08:17 91,712 ----a-w C:\WINDOWS\system32\xhgmjvcm.dll
2008-03-01 07:50 91,712 ----a-w C:\WINDOWS\system32\fwqqkplo.dll
2008-02-29 18:03 91,712 ----a-w C:\WINDOWS\system32\xljrkexk.dll
2008-02-29 18:03 88,640 ----a-w C:\WINDOWS\system32\mpgkgvcx.dll
2008-02-29 16:33 --------- d-----w C:\Program Files\Windows Live
2008-02-29 16:30 91,712 ----a-w C:\WINDOWS\system32\cofwmtou.dll
2008-02-29 16:30 88,640 ----a-w C:\WINDOWS\system32\vjrkitpv.dll
2008-02-29 16:30 84,544 ------w C:\WINDOWS\system32\ubnjiwvd.dll
2008-02-27 14:05 90,176 ----a-w C:\WINDOWS\system32\hyftkkgj.dll
2008-02-27 14:05 85,056 ------w C:\WINDOWS\system32\uafmuryo.dll
2008-02-27 14:04 91,712 ----a-w C:\WINDOWS\system32\xipehfbf.dll
2008-02-27 13:34 90,176 ----a-w C:\WINDOWS\system32\vrpaneof.dll
2008-02-27 13:34 85,056 ------w C:\WINDOWS\system32\sxhfqbaa.dll
2008-02-27 13:33 91,712 ----a-w C:\WINDOWS\system32\yxojhovs.dll
2008-02-27 13:25 91,712 ----a-w C:\WINDOWS\system32\pmkgvqok.dll
2008-02-27 13:25 90,176 ----a-w C:\WINDOWS\system32\cdiemfcp.dll
2008-02-27 13:25 85,056 ------w C:\WINDOWS\system32\tmurfncp.dll
2008-02-24 21:31 91,712 ----a-w C:\WINDOWS\system32\rfgjrrnd.dll
2008-02-24 21:03 91,712 ----a-w C:\WINDOWS\system32\kaltqgmq.dll
2008-02-24 19:41 91,712 ----a-w C:\WINDOWS\system32\xatcqpdl.dll
2008-02-24 19:20 91,712 ----a-w C:\WINDOWS\system32\vfcllbhi.dll
2008-02-24 17:02 90,176 ----a-w C:\WINDOWS\system32\jelowirp.dll
2008-02-24 17:02 86,592 ------w C:\WINDOWS\system32\lqgvdrix.dll
2008-02-24 17:01 91,712 ----a-w C:\WINDOWS\system32\mwuuhvwn.dll
2008-02-24 15:43 91,712 ----a-w C:\WINDOWS\system32\ojmxrdsd.dll
2008-02-24 15:43 90,176 ----a-w C:\WINDOWS\system32\mquddfob.dll
2008-02-24 15:43 86,592 ------w C:\WINDOWS\system32\hvxtoesh.dll
2008-02-24 12:42 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-24 12:36 91,712 ----a-w C:\WINDOWS\system32\ctxxclfu.dll
2008-02-24 12:36 90,176 ----a-w C:\WINDOWS\system32\muobvgcj.dll
2008-02-24 12:36 86,592 ------w C:\WINDOWS\system32\mvykqheu.dll
2008-02-24 12:14 91,712 ----a-w C:\WINDOWS\system32\wjxgisvf.dll
2008-02-24 12:14 90,176 ----a-w C:\WINDOWS\system32\itnmjboq.dll
2008-02-24 12:14 86,592 ------w C:\WINDOWS\system32\urmwwuuk.dll
2008-02-23 17:53 85,056 ------w C:\WINDOWS\system32\mrsjxkdd.dll
2008-02-23 17:52 91,712 ----a-w C:\WINDOWS\system32\qnildfdc.dll
2008-02-23 17:52 89,152 ----a-w C:\WINDOWS\system32\leolvwav.dll
2008-02-23 16:35 --------- d-----w C:\Program Files\PhotoFiltre
2008-02-23 16:25 --------- d-----w C:\Program Files\VCW VicMan's Photo Editor
2008-02-23 16:01 89,152 ----a-w C:\WINDOWS\system32\gpcaecub.dll
2008-02-23 16:00 91,712 ----a-w C:\WINDOWS\system32\piujtspn.dll
2008-02-23 16:00 85,056 ----a-w C:\WINDOWS\system32\eecxiism.dll
2008-02-23 15:48 91,712 ----a-w C:\WINDOWS\system32\xgxnamtm.dll
2008-02-23 15:48 89,152 ----a-w C:\WINDOWS\system32\vepxcmex.dll
2008-02-23 15:48 85,056 ----a-w C:\WINDOWS\system32\dhrrskea.dll
2008-02-23 12:28 91,712 ----a-w C:\WINDOWS\system32\dndbuibr.dll
2008-02-22 16:19 91,712 ----a-w C:\WINDOWS\system32\ifxpvcmk.dll
2008-02-22 16:19 91,712 ----a-w C:\WINDOWS\system32\gtdmawyk.dll
2008-02-22 16:19 89,664 ----a-w C:\WINDOWS\system32\djfflrwu.dll
2008-02-22 13:19 91,712 ----a-w C:\WINDOWS\system32\ikpgsstw.dll
2008-02-22 13:18 91,712 ----a-w C:\WINDOWS\system32\tpkrqxxb.dll
2008-02-22 13:18 91,712 ----a-w C:\WINDOWS\system32\tgjifoxw.dll
2008-02-22 13:11 91,712 ----a-w C:\WINDOWS\system32\qeaaivns.dll
2008-02-22 13:11 91,712 ----a-w C:\WINDOWS\system32\apokbamd.dll
2008-02-22 13:10 91,712 ----a-w C:\WINDOWS\system32\unjcbefd.dll
2008-02-22 12:44 91,712 ----a-w C:\WINDOWS\system32\uivbqlje.dll
2008-02-22 12:43 91,712 ----a-w C:\WINDOWS\system32\vgrgcjle.dll
2008-02-22 12:43 91,712 ----a-w C:\WINDOWS\system32\iabclwql.dll
2008-02-21 23:18 93,760 ----a-w C:\WINDOWS\system32\vanngfyf.dll
2008-02-21 23:18 88,128 ------w C:\WINDOWS\system32\lnydhvmg.dll
2008-02-21 23:17 91,712 ----a-w C:\WINDOWS\system32\tqbringl.dll
2008-02-21 23:17 91,712 ----a-w C:\WINDOWS\system32\dmklhsjm.dll
2008-02-21 14:23 --------- d-----w C:\Program Files\MessengerPlus! 3
2008-02-21 13:13 93,760 ----a-w C:\WINDOWS\system32\fqytubks.dll
2008-02-21 13:13 91,712 ----a-w C:\WINDOWS\system32\gluhwosr.dll
.
((((((((((((((((((((((((((((( snapshot@2008-04-08_16.43.29.98 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-07 10:18:20 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-08 16:09:17 4,177,920 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0/u0000001\ntuser.dat
+ 2008-04-08 16:09:18 151,552 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0/u0000002\UsrClass.dat
+ 2008-04-07 10:18:20 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-08 16:09:06 4,177,920 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0/u0000001\ntuser.dat
+ 2008-04-08 16:09:06 151,552 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0/u0000002\UsrClass.dat
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-08 05:08:36 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:36:55 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
- 2007-12-07 02:08:32 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2006-06-26 17:41:32 148,480 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:35:05 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2004-08-05 10:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2008-02-20 05:35:05 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
- 2007-12-19 22:53:23 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-03-01 12:58:06 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-06-19 13:32:25 282,112 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:51:00 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
- 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-12-08 05:08:36 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-01-11 05:36:55 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-03-01 12:58:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-03-08 15:33:58 1,843,712 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-20 08:09:22 1,845,376 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2006-06-26 17:41:32 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-05 10:00:00 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-02-20 05:35:05 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
- 2007-12-19 22:53:23 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-12-07 02:08:32 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
+ 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-12-07 02:08:32 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-03-01 12:58:06 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2007-06-29 11:39:25 107,008 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-04-09 13:16:33 107,008 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-06-19 13:32:25 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-02-20 06:51:00 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2007-12-07 02:08:32 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-12-06 11:02:31 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-02-29 08:56:41 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2007-12-07 02:08:32 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2008-03-01 12:58:06 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2007-12-07 02:08:32 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2008-03-01 12:58:06 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2007-12-06 04:59:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2008-02-15 05:44:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2007-12-07 02:08:32 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-12-07 02:08:32 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-03-01 12:58:07 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2007-12-07 02:08:33 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-12-07 02:08:33 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-03-01 12:58:08 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2007-12-07 02:08:33 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-12-07 02:08:33 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2008-03-01 12:58:08 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-05 20:56:22 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-12-07 02:08:33 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-12-07 02:08:33 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-12-08 05:08:36 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-12-07 02:08:34 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2008-03-01 12:58:09 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
- 2007-12-07 02:08:34 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2008-03-01 12:58:10 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2007-12-07 02:08:34 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2008-03-01 12:58:10 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2007-12-07 02:08:34 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2008-03-01 12:58:10 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-04-08 13:44:26 67,798 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-09 13:20:58 68,842 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-08 13:44:26 91,430 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-04-09 13:20:58 92,762 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-04-08 13:44:26 418,356 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-09 13:20:58 421,128 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-04-08 13:44:26 513,248 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-04-09 13:20:58 516,650 ----a-w C:\WINDOWS\system32\perfh00C.dat
- 2008-01-11 05:36:55 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-12-07 02:08:34 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-12-07 02:08:34 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-12-07 02:08:34 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 15:50 122880]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 21:02 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43 233472]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-02-10 22:57 1404928]
"nwiz"="nwiz.exe" [2004-07-02 00:12 843776 C:\WINDOWS\system32\nwiz.exe]
"VTTimer"="VTTimer.exe" []
"SiS Windows KeyHook"="C:\WINDOWS\system32\keyhook.exe" [2004-05-20 10:47 249856]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 18:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-04 03:21 50176 C:\WINDOWS\ALCXMNTR.EXE]
"Lexmark X5100 Series"="C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe" [2002-12-03 19:30 86101]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49 20480]
"FSASWREG"="C:\Program Files\Securitoo\Anti-Spyware\fsaswreg.exe" [2004-11-04 12:03 16451]
"F-Secure TNB"="C:\Program Files\Securitoo\TNB\TNBUtil.exe" [2005-01-25 17:13 684032]
"F-Secure Manager"="C:\Program Files\Securitoo\Av_Fw\Common\FSM32.exe" [2004-12-22 10:28 118832]
"F-Secure Startup Wizard"="C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.exe" [2005-03-16 15:45 208896]
"News Service"="C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe" [2004-05-06 14:21 372736]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 21:13 98304]
C:\Documents and Settings\arnaud.COMPAQ-FAMILLE\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [2006-07-14 21:26:34 393216]
C:\Documents and Settings\Compaq_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [2006-07-14 21:26:34 393216]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 15:40:46 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddccy]
C:\WINDOWS\system32\ddccy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkhhf]
C:\WINDOWS\system32\jkhhf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljjh]
C:\WINDOWS\system32\mljjh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkhg]
C:\WINDOWS\system32\pmkhg.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd"=
"C:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Firefly Studios\\Stronghold 2\\Stronghold2.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"=
"C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe"=
"C:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"=
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-10-24 14:01]
R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-04 00:00]
R2 BackWeb Plug-in - 8520111;Securitoo Antivirus Firewall;C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE [2006-09-24 16:41]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSfilter.sys [2003-11-14 18:52]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSgk.sys [2008-03-26 20:51]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSrec.sys [2003-02-06 14:32]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 10:05]
S3 pfsvgae;pfsvgae;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\pfsvgae.sys []
S3 rcrusoe;rcrusoe;C:\DOCUME~1\ERIC~1.COM\LOCALS~1\Temp\rcrusoe.sys []
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S3 WmaCDriverV32;WmaCDriverV32;C:\WINDOWS\system32\drivers\WmaCDriverV32.sys [2007-03-14 16:10]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0e29044-b3a7-11dc-aade-000b6b9a52a9}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-02 17:50:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-09 11:57:14 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1\fsav.exe` /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1\report.txt $C:\PROGRA~1\SECURI~1\Av_Fw\ANTI-V~1.SYSTEM'Tâche ajoutée par F-Secure Anti-Virus.
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 15:29:18
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-09 15:31:44
ComboFix-quarantined-files.txt 2008-04-09 13:31:14
ComboFix2.txt 2008-04-08 14:44:42
Pre-Run: 91,505,049,600 octets libres
Post-Run: 91,480,391,680 octets libres
.
2008-04-09 13:11:40 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:39:28, on 09/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Program\fspex.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE
C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguiexe.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=presario&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\Anti-Spyware\fsaswreg.exe"
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O20 - Winlogon Notify: ddccy - C:\WINDOWS\system32\ddccy.dll (file missing)
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll (file missing)
O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll (file missing)
O20 - Winlogon Notify: pmkhg - C:\WINDOWS\system32\pmkhg.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
Scan saved at 15:39:28, on 09/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Program\fspex.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE
C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguiexe.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=presario&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\Anti-Spyware\fsaswreg.exe"
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O20 - Winlogon Notify: ddccy - C:\WINDOWS\system32\ddccy.dll (file missing)
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll (file missing)
O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll (file missing)
O20 - Winlogon Notify: pmkhg - C:\WINDOWS\system32\pmkhg.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
twister
tu es super infecté...
on va faire comme ceci :
escan :
Étape 1:
Télécharge eScan Antivirus Toolkit ici:
http://www.spywareinfo.dk/download/mwav.exe
Sauvegarde-le sur ton Bureau.
Avant de lancer le programme, il faut le mettre à jour tel qu'indiqué à l'étape 2.
Étape 2:
Voici comment mettre l'outil à jour :
1.) Double-clique le fichier mwav.exe qui se trouve sur le Bureau ; dézippe les fichiers dans le nouveau dossier suggéré (C:\Kaspersky). Le programme va se lancer, et tu dois le quitter (clique sur "Exit" puis "Exit").
2.) Double-clique sur le Poste de travail, puis double-clique sur le lecteur principal (habituellement C:\), double-clique sur le dossier Kaspersky ; ensuite, double-clique sur le fichier kavupd.exe. Tu verras maintenant une fenêtre DOS apparaître, et la mise à jour se complètera en quelques minutes.
3.) Lorsque la mise à jour sera complétée, tu verras "Press any key to continue" ; tape sur une clé pour continuer. Deux nouveaux répertoires (dossiers) ont été créés lors de la mise à jour (C:\Bases et C:\Downloads).
4.) Sélectionne/copie tous les fichiers présents dans le dossier C:\Downloads, puis colle-les dans le dossier C:\Kaspersky. Accepte à l'invite de remplacer les fichiers existants.
Ne pas lancer le scan tout de suite !
Étape 3:
Redémarre en mode Sans Échec :
1) Redémarre ton ordi
2) Tapote la touche F8 immédiatement, juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisi la première option : Sans Échec, et valide avec "Entrée"
5) Choisi ton compte régulier, et non Administrateur
Étape 4:
Du mode Sans Échec, voici comment utiliser le programme :
1.) Pour lancer "eScan Antivirus Toolkit", trouve le fichier mwavscan.com situé dans le dossier C:\Kaspersky
2.) Double-clique sur mwavscan.com ; l'interface d'eScan va apparaître à l'écran.
3.) Il est très important de bien cocher ces boîtes sous Scan Option : Memory, Registry, Startup Folders, System Folders, Services.
4.) Coche la boîte Drive, ce qui donne accès à une nouvelle boîte Drive (bouton rond) juste dessous ; coche ce bouton "Drive" (très important..), et tu verras une nouvelle boîte de navigation apparaître à la droite. Clique sur la petite flèche de cette boîte and choisi la lettre de ton disque dur, habituellement C:\.
5.) Juste au-dessous, assure-toi que Scan All Files est coché, et non Program Files.
6.) Clique sur Scan Clean et laisse le tool vérifier tout le disque dur (ça peut être long..). Lorsque terminé, tu verras Scan Completed. Ne pas quitter tout de suite !
7.) Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" >> "Programmes" >>"Accessoires" >> "Bloc notes"), puis copie/colle tout le contenu de la fenêtre Virus Log Information (la deuxième, au bas) dans le fichier texte, et sauvegarde le. eScan génère également un rapport complet dans le dossier C:\Kaspersky (nommé mwav.log), mais il est trop lourd pour poster sur le forum.
Ferme le programme. Redémarre ton PC en mode Normal. Poste (copie/colle) le rapport que tu as sauvegardé dans ta prochaine réponse.
Tutoriel :
http://www.malekal.com/tutorial_eScan_antivirus_toolkit.php
@´+
tu es super infecté...
on va faire comme ceci :
escan :
Étape 1:
Télécharge eScan Antivirus Toolkit ici:
http://www.spywareinfo.dk/download/mwav.exe
Sauvegarde-le sur ton Bureau.
Avant de lancer le programme, il faut le mettre à jour tel qu'indiqué à l'étape 2.
Étape 2:
Voici comment mettre l'outil à jour :
1.) Double-clique le fichier mwav.exe qui se trouve sur le Bureau ; dézippe les fichiers dans le nouveau dossier suggéré (C:\Kaspersky). Le programme va se lancer, et tu dois le quitter (clique sur "Exit" puis "Exit").
2.) Double-clique sur le Poste de travail, puis double-clique sur le lecteur principal (habituellement C:\), double-clique sur le dossier Kaspersky ; ensuite, double-clique sur le fichier kavupd.exe. Tu verras maintenant une fenêtre DOS apparaître, et la mise à jour se complètera en quelques minutes.
3.) Lorsque la mise à jour sera complétée, tu verras "Press any key to continue" ; tape sur une clé pour continuer. Deux nouveaux répertoires (dossiers) ont été créés lors de la mise à jour (C:\Bases et C:\Downloads).
4.) Sélectionne/copie tous les fichiers présents dans le dossier C:\Downloads, puis colle-les dans le dossier C:\Kaspersky. Accepte à l'invite de remplacer les fichiers existants.
Ne pas lancer le scan tout de suite !
Étape 3:
Redémarre en mode Sans Échec :
1) Redémarre ton ordi
2) Tapote la touche F8 immédiatement, juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisi la première option : Sans Échec, et valide avec "Entrée"
5) Choisi ton compte régulier, et non Administrateur
Étape 4:
Du mode Sans Échec, voici comment utiliser le programme :
1.) Pour lancer "eScan Antivirus Toolkit", trouve le fichier mwavscan.com situé dans le dossier C:\Kaspersky
2.) Double-clique sur mwavscan.com ; l'interface d'eScan va apparaître à l'écran.
3.) Il est très important de bien cocher ces boîtes sous Scan Option : Memory, Registry, Startup Folders, System Folders, Services.
4.) Coche la boîte Drive, ce qui donne accès à une nouvelle boîte Drive (bouton rond) juste dessous ; coche ce bouton "Drive" (très important..), et tu verras une nouvelle boîte de navigation apparaître à la droite. Clique sur la petite flèche de cette boîte and choisi la lettre de ton disque dur, habituellement C:\.
5.) Juste au-dessous, assure-toi que Scan All Files est coché, et non Program Files.
6.) Clique sur Scan Clean et laisse le tool vérifier tout le disque dur (ça peut être long..). Lorsque terminé, tu verras Scan Completed. Ne pas quitter tout de suite !
7.) Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" >> "Programmes" >>"Accessoires" >> "Bloc notes"), puis copie/colle tout le contenu de la fenêtre Virus Log Information (la deuxième, au bas) dans le fichier texte, et sauvegarde le. eScan génère également un rapport complet dans le dossier C:\Kaspersky (nommé mwav.log), mais il est trop lourd pour poster sur le forum.
Ferme le programme. Redémarre ton PC en mode Normal. Poste (copie/colle) le rapport que tu as sauvegardé dans ta prochaine réponse.
Tutoriel :
http://www.malekal.com/tutorial_eScan_antivirus_toolkit.php
@´+
J'ai fini le scan (et j'ai trouvé plus de 800 virus!!) mais je ne parviens pas à réaliser un copié/collé. Le clic droit est sans effet ( l'action copié ne peut pas apparaître). Que dois-je faire ?
ok twister
800, oui ca ne m´etonne pas...
tu as tout supprimé ?
c´est dommage que je ne puisse pas voir le rapport...
repost un nouveau combofix apres l´avoir passé stp avec un nouveau rapport hijack this
@+
800, oui ca ne m´etonne pas...
tu as tout supprimé ?
c´est dommage que je ne puisse pas voir le rapport...
repost un nouveau combofix apres l´avoir passé stp avec un nouveau rapport hijack this
@+
Bonsoir,
g!rly est en vacances....
Je prend le relai.
On va repartir de bases saines car tu es très infecté.
Alors,
> Télécharge ToolsCleaner : https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/ sur ton bureau.
- Clique sur Recherche et laisse le scan agir ...
- Clique sur Suppression pour finaliser (tu peux, si tu le souhaites, te servir des Options facultatives)
- Clique sur Quitter pour obtenir le rapport et poste le dans ta réponse (TCleaner.txt se trouve à la racine de ton disque dur (C:\)).
- Supprime ToolsCleaner ensuite.
Ensuite,
>Télécharge HiJackThis : https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
- Lance Hijackthis, sélectionne < do a system scan and save a logfile >
- Enregistre le rapport sur ton bureau.
Et envoie stp, par collier/coller, ton log Hijackthis sur le forum,
Puis,
> Télécharge MalwareByte's Anti-Malware : http://www.malwarebytes.org/mbam/program/mbam-setup.exe
- Installe le programme puis lance le stp.
NB : S'il te manque COMCTL32.OCX alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/
- Fais les mises à jour (clique sur "Mises à jour" puis "Recherche de mises à jour")
- Démarre en mode sans échec (image). Si problème : tuto ici
- Lance le MalwareByte's Anti-Malware puis clique sur "Executer un examen complet" puis "Rechercher" et sélectionne tous tes disques durs => le scan débute....patiente...
- A la fin clique sur clique "supprimer" (Si des éléments très difficiles à supprimer, un message te demandera de redémarrer : clique sur "Oui" alors)
- Un rapport va être généré : sauvegarde le et poste le sur forum stp.
Bon courage,
;)
A+
g!rly est en vacances....
Je prend le relai.
On va repartir de bases saines car tu es très infecté.
Alors,
> Télécharge ToolsCleaner : https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/ sur ton bureau.
- Clique sur Recherche et laisse le scan agir ...
- Clique sur Suppression pour finaliser (tu peux, si tu le souhaites, te servir des Options facultatives)
- Clique sur Quitter pour obtenir le rapport et poste le dans ta réponse (TCleaner.txt se trouve à la racine de ton disque dur (C:\)).
- Supprime ToolsCleaner ensuite.
Ensuite,
>Télécharge HiJackThis : https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
- Lance Hijackthis, sélectionne < do a system scan and save a logfile >
- Enregistre le rapport sur ton bureau.
Et envoie stp, par collier/coller, ton log Hijackthis sur le forum,
Puis,
> Télécharge MalwareByte's Anti-Malware : http://www.malwarebytes.org/mbam/program/mbam-setup.exe
- Installe le programme puis lance le stp.
NB : S'il te manque COMCTL32.OCX alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/
- Fais les mises à jour (clique sur "Mises à jour" puis "Recherche de mises à jour")
- Démarre en mode sans échec (image). Si problème : tuto ici
- Lance le MalwareByte's Anti-Malware puis clique sur "Executer un examen complet" puis "Rechercher" et sélectionne tous tes disques durs => le scan débute....patiente...
- A la fin clique sur clique "supprimer" (Si des éléments très difficiles à supprimer, un message te demandera de redémarrer : clique sur "Oui" alors)
- Un rapport va être généré : sauvegarde le et poste le sur forum stp.
Bon courage,
;)
A+
Scan saved at 14:51:53, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Program\fspex.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE
C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguiexe.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: {24fc3de5-dcb2-0b98-4f14-9568f02a6ee1} - {1ee6a20f-8659-41f4-89b0-2bcd5ed3cf42} - C:\WINDOWS\system32\fgumvfvl.dll
O2 - BHO: (no name) - {54F00630-66A3-409B-BEB9-E7878947CB42} - C:\WINDOWS\system32\jkhfc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\Anti-Spyware\fsaswreg.exe"
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [BM6b3eadef] Rundll32.exe "C:\WINDOWS\system32\jhvfrjni.dll",s
O4 - HKLM\..\Run: [680d9e73] rundll32.exe "C:\WINDOWS\system32\toimsbet.dll",b
O4 - HKLM\..\Run: [kibmhf] c:\windows\system32\kibmhf.exe kibmhf
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0048071.dat
O20 - Winlogon Notify: awvvu - C:\WINDOWS\system32\awvvu.dll
O20 - Winlogon Notify: ddccy - C:\WINDOWS\system32\ddccy.dll
O20 - Winlogon Notify: gebyx - C:\WINDOWS\system32\gebyx.dll
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll (file missing)
O20 - Winlogon Notify: jkklj - C:\WINDOWS\system32\jkklj.dll
O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll
O20 - Winlogon Notify: pmkhg - C:\WINDOWS\system32\pmkhg.dll
O20 - Winlogon Notify: vtsts - C:\WINDOWS\system32\vtsts.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe