Win32 navipromo please help me !
Résolu
knacky
-
anonym -
anonym -
Bonjour! moi aussi j' ai tenté de supprimer messenger skiner via l' ajout/suppression de programmes, mais avast ouvre un message d' alerte virus nomé win32 navipromo, je le met donc en zone de quarantaine comme recommandé mais j' aimerais m' en débarasser définitivement car il me pose quelques pb. J' ai effectué la 1e opération et voici mon rapport
Est ce que qq1 pourrait m' indiquer les démarches a suivre en sachant que je ne suis pas experte en matière d' informatique ... merci bcp =)
Search Navipromo version 3.5.8 commencé le 19/06/2008 à 12:34:48,12
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis D:\Program Files\navilog1
Session actuelle : "alice"
Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
MessengerSkinner
Windows Live Favorites pour Windows Live Toolbar
*** Recherche dossiers dans "D:\WINDOWS" ***
*** Recherche dossiers dans "D:\Program Files" ***
D:\Program Files\MessengerSkinner trouvé !
*** Recherche dossiers dans "d:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "d:\docume~1\alluse~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "D:\Documents and Settings\alice\applic~1" ***
*** Recherche dossiers dans "D:\DOCUME~1\soanes\applic~1" ***
*** Recherche dossiers dans "D:\Documents and Settings\alice\locals~1\applic~1" ***
*** Recherche dossiers dans "D:\DOCUME~1\soanes\locals~1\applic~1" ***
*** Recherche dossiers dans "D:\Documents and Settings\alice\menudm~1\progra~1" ***
*** Recherche dossiers dans "D:\DOCUME~1\soanes\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "D:\WINDOWS\system32" *
Fichiers trouvés :
akmjlcxj.exe trouvé !
aojvdu.exe trouvé !
awvikwxsq.exe trouvé !
awvikwxsq.exe trouvé !
badezzovm.exe trouvé !
bqsyggyed.exe trouvé !
ceqdbai.exe trouvé !
clmabfnug.exe trouvé !
clmabfnug.exe trouvé !
clyoqx.exe trouvé !
clyoqx.exe trouvé !
coqvnp.exe trouvé !
coqvnp.exe trouvé !
ctxksbvbp.exe trouvé !
cupbeic.exe trouvé !
cupbeic.exe trouvé !
cwivsditea.exe trouvé !
dgisfhcqvw.exe trouvé !
dgisfhcqvw.exe trouvé !
dpaljh.exe trouvé !
etjsmwnr.exe trouvé !
evvfilhkfm.exe trouvé !
fhjsiqgqde.exe trouvé !
fhjsiqgqde.exe trouvé !
fskeuff.exe trouvé !
fwvrongmsl.exe trouvé !
gkvxljq.exe trouvé !
glwpqkvgm.exe trouvé !
gsmjczsrp.exe trouvé !
hhrgrt.exe trouvé !
hvrvqf.exe trouvé !
hyqwdkpq.exe trouvé !
iexmwuaf.exe trouvé !
ikvxsdrwz.exe trouvé !
jaakfuk.exe trouvé !
jaakfuk.exe trouvé !
jpsorzw.exe trouvé !
jpsorzw.exe trouvé !
jtgjkdr.exe trouvé !
jtgjkdr.exe trouvé !
jxltgcsfo.exe trouvé !
jynwbxu.exe trouvé !
kfygeywc.exe trouvé !
kfygeywc.exe trouvé !
kkmhjw.exe trouvé !
kmdrto.exe trouvé !
lhnzlwjb.exe trouvé !
lhnzlwjb.exe trouvé !
ltzmsrsru.exe trouvé !
lwbjzro.exe trouvé !
mbwaspjgml.exe trouvé !
mqdhlllcr.exe trouvé !
mqdhlllcr.exe trouvé !
mqpbhxjrar.exe trouvé !
mqpbhxjrar.exe trouvé !
mvkwgi.exe trouvé !
mwnnde.exe trouvé !
nbrkwdmtdc.exe trouvé !
nfxqhd.exe trouvé !
nfxqhd.exe trouvé !
nixurh.exe trouvé !
ohvchoing.exe trouvé !
othpzcjto.exe trouvé !
ozzwvylnej.exe trouvé !
pevxxfx.exe trouvé !
pfhgjljbmf.exe trouvé !
pspicrej.exe trouvé !
pucjgy.exe trouvé !
qgstnk.exe trouvé !
qgtsct.exe trouvé !
qgtsct.exe trouvé !
qpjamzgnzj.exe trouvé !
rlrtla.exe trouvé !
ruxzbktp.exe trouvé !
ruxzbktp.exe trouvé !
sclsbwzym.exe trouvé !
sddhna.exe trouvé !
sghqok.exe trouvé !
slqoemzo.exe trouvé !
soffckt.exe trouvé !
tfwxdgiz.exe trouvé !
tfwxdgiz.exe trouvé !
tkdaxqdsd.exe trouvé !
trmmjx.exe trouvé !
trmmjx.exe trouvé !
uadeqcz.exe trouvé !
ucctlp.exe trouvé !
ucgvrjptyd.exe trouvé !
ucgvrjptyd.exe trouvé !
ulpnpgfyq.exe trouvé !
uslfwc.exe trouvé !
uubinjekaq.exe trouvé !
uubinjekaq.exe trouvé !
vhzuweiwn.exe trouvé !
vhzuweiwn.exe trouvé !
vobfgqt.exe trouvé !
vzdylhncq.exe trouvé !
wipsnyp.exe trouvé !
wogdsqsoz.exe trouvé !
xajrmq.exe trouvé !
xajrmq.exe trouvé !
xbjohgj.exe trouvé !
xcnpbi.exe trouvé !
xcnpbi.exe trouvé !
xlmngo.exe trouvé !
xqqwogf.exe trouvé !
xsotivrh.exe trouvé !
xyasiybbtx.exe trouvé !
yyillak.exe trouvé !
zasuipitin.exe trouvé !
zygtzbcr.exe trouvé !
zztxbzisv.exe trouvé !
zztxbzisv.exe trouvé !
akmjlcxj.exe trouvé !
aojvdu.exe trouvé !
awzmexlg.exe trouvé !
bqsyggyed.exe trouvé !
ceqdbai.exe trouvé !
clmabfnug.exe trouvé !
coqvnp.exe trouvé !
cupbeic.exe trouvé !
dgisfhcqvw.exe trouvé !
dpaljh.exe trouvé !
ekxqumq.exe trouvé !
etjsmwnr.exe trouvé !
evvfilhkfm.exe trouvé !
fhjsiqgqde.exe trouvé !
fvveon.exe trouvé !
fwvrongmsl.exe trouvé !
gcbscrl.exe trouvé !
gcjpofzoup.exe trouvé !
glwpqkvgm.exe trouvé !
gmummljrr.exe trouvé !
grautb.exe trouvé !
gsmjczsrp.exe trouvé !
gyqemdzcct.exe trouvé !
hhrgrt.exe trouvé !
hvrvqf.exe trouvé !
hyqwdkpq.exe trouvé !
ikvxsdrwz.exe trouvé !
itvtjr.exe trouvé !
jaakfuk.exe trouvé !
jgnvejci.exe trouvé !
jkwfrcoo.exe trouvé !
jtgjkdr.exe trouvé !
kfygeywc.exe trouvé !
kjyvvpt.exe trouvé !
kkmhjw.exe trouvé !
kxvdvm.exe trouvé !
ltzmsrsru.exe trouvé !
matusomxh.exe trouvé !
mbwaspjgml.exe trouvé !
mqdhlllcr.exe trouvé !
mqpbhxjrar.exe trouvé !
mvkwgi.exe trouvé !
mwnnde.exe trouvé !
othpzcjto.exe trouvé !
ozzwvylnej.exe trouvé !
pevxxfx.exe trouvé !
pspicrej.exe trouvé !
qgstnk.exe trouvé !
qgtsct.exe trouvé !
qpjamzgnzj.exe trouvé !
rlrtla.exe trouvé !
ruxzbktp.exe trouvé !
soffckt.exe trouvé !
tbaupbfjp.exe trouvé !
uadeqcz.exe trouvé !
ucctlp.exe trouvé !
ucgvrjptyd.exe trouvé !
ufbtncr.exe trouvé !
uubinjekaq.exe trouvé !
uzhwbuussh.exe trouvé !
vhzuweiwn.exe trouvé !
wipsnyp.exe trouvé !
wogdsqsoz.exe trouvé !
xqqwogf.exe trouvé !
xyasiybbtx.exe trouvé !
yyillak.exe trouvé !
zcxrxpvtk.exe trouvé !
* Recherche dans "D:\Documents and Settings\alice\locals~1\applic~1" *
* Recherche dans "D:\DOCUME~1\soanes\locals~1\applic~1" *
*** Recherche fichiers ***
D:\WINDOWS\pack.epk trouvé !
D:\WINDOWS\system32\nvs2.inf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "D:\WINDOWS\system32" :
anxdojt.exe trouvé !
avdoqr.exe trouvé !
azcyislf.exe trouvé !
bgmxpanwd.exe trouvé !
bwyxdnkt.exe trouvé !
bzkbnxqps.exe trouvé !
cdzlpng.exe trouvé !
dnbxwgaoh.exe trouvé !
dqkmaktrs.exe trouvé !
eapdwtyv.exe trouvé !
eitihh.exe trouvé !
endqbj.exe trouvé !
folyqsvz.exe trouvé !
fpdvrlhmtg.exe trouvé !
frqsagcnut.exe trouvé !
geifwnsig.exe trouvé !
gfitok.exe trouvé !
gfypiokedb.exe trouvé !
ghlomkcvn.exe trouvé !
gpbfnka.exe trouvé !
gyiztfk.dat trouvé !
gyiztfk_nav.dat trouvé !
gyiztfk_navps.dat trouvé !
hfyvdpt.exe trouvé !
hubtsc.exe trouvé !
hxjoyvazb.exe trouvé !
iajvycoq.exe trouvé !
jtlntru.exe trouvé !
kbmlva.exe trouvé !
kfjide.exe trouvé !
kjoquisal.exe trouvé !
kqdxfr.exe trouvé !
kusazlrof.exe trouvé !
kzrflesyqo.exe trouvé !
lcvwcft.exe trouvé !
lhcsxay.exe trouvé !
lplibu.exe trouvé !
lrjwfgu.exe trouvé !
lwobvlv.exe trouvé !
manfob.exe trouvé !
mauagafaf.exe trouvé !
mcguvek.exe trouvé !
mgnurqbdvc.exe trouvé !
miimrp.exe trouvé !
miwdzcr.exe trouvé !
mqlfsohw.exe trouvé !
msgqav.exe trouvé !
mzbfye.exe trouvé !
ncmfilw.exe trouvé !
nfwtyvz.exe trouvé !
ngwroslcq.exe trouvé !
nmfblch.exe trouvé !
nqjkihgvra.exe trouvé !
nuxdbges.exe trouvé !
obadurze.exe trouvé !
ocgbdjh.exe trouvé !
ofrvmfb.exe trouvé !
ogdmeisb.exe trouvé !
ohgzzaruf.exe trouvé !
ohjsgm.exe trouvé !
ohpuacija.exe trouvé !
pbodus.exe trouvé !
qblouhwpne.exe trouvé !
qntbgxv.exe trouvé !
rfyxvt.exe trouvé !
rhgwqs.exe trouvé !
rlngnmr.exe trouvé !
rmjjdin.exe trouvé !
servpmdiux.exe trouvé !
sgcafwiukb.exe trouvé !
tdewziu.exe trouvé !
tdmrwfo.exe trouvé !
tkgmiyb.exe trouvé !
tlzpiyx.exe trouvé !
ueilbncm.exe trouvé !
unktfep.exe trouvé !
uqhjsq.exe trouvé !
vmdblkjcf.exe trouvé !
vmeleac.exe trouvé !
vsfwqk.exe trouvé !
vulsfkqon.exe trouvé !
wbvysth.exe trouvé !
wfbjugekm.exe trouvé !
woiagb.exe trouvé !
wsaweo.exe trouvé !
wtpkqj.exe trouvé !
wytiqmda.exe trouvé !
xakfmp.exe trouvé !
xkypqlwpo.exe trouvé !
xlvmowf.exe trouvé !
xmqeojg.exe trouvé !
xrubtr.exe trouvé !
yihwqglsv.exe trouvé !
ykziurmpa.exe trouvé !
ymhtzb.exe trouvé !
yshqirgz.exe trouvé !
yyealis.exe trouvé !
zdlbwfgyem.exe trouvé !
zgnfbau.exe trouvé !
* Dans "D:\Documents and Settings\alice\locals~1\applic~1" :
* Dans "D:\DOCUME~1\soanes\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 19/06/2008 à 12:58:47,84 ***
Est ce que qq1 pourrait m' indiquer les démarches a suivre en sachant que je ne suis pas experte en matière d' informatique ... merci bcp =)
Search Navipromo version 3.5.8 commencé le 19/06/2008 à 12:34:48,12
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis D:\Program Files\navilog1
Session actuelle : "alice"
Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
MessengerSkinner
Windows Live Favorites pour Windows Live Toolbar
*** Recherche dossiers dans "D:\WINDOWS" ***
*** Recherche dossiers dans "D:\Program Files" ***
D:\Program Files\MessengerSkinner trouvé !
*** Recherche dossiers dans "d:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "d:\docume~1\alluse~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "D:\Documents and Settings\alice\applic~1" ***
*** Recherche dossiers dans "D:\DOCUME~1\soanes\applic~1" ***
*** Recherche dossiers dans "D:\Documents and Settings\alice\locals~1\applic~1" ***
*** Recherche dossiers dans "D:\DOCUME~1\soanes\locals~1\applic~1" ***
*** Recherche dossiers dans "D:\Documents and Settings\alice\menudm~1\progra~1" ***
*** Recherche dossiers dans "D:\DOCUME~1\soanes\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "D:\WINDOWS\system32" *
Fichiers trouvés :
akmjlcxj.exe trouvé !
aojvdu.exe trouvé !
awvikwxsq.exe trouvé !
awvikwxsq.exe trouvé !
badezzovm.exe trouvé !
bqsyggyed.exe trouvé !
ceqdbai.exe trouvé !
clmabfnug.exe trouvé !
clmabfnug.exe trouvé !
clyoqx.exe trouvé !
clyoqx.exe trouvé !
coqvnp.exe trouvé !
coqvnp.exe trouvé !
ctxksbvbp.exe trouvé !
cupbeic.exe trouvé !
cupbeic.exe trouvé !
cwivsditea.exe trouvé !
dgisfhcqvw.exe trouvé !
dgisfhcqvw.exe trouvé !
dpaljh.exe trouvé !
etjsmwnr.exe trouvé !
evvfilhkfm.exe trouvé !
fhjsiqgqde.exe trouvé !
fhjsiqgqde.exe trouvé !
fskeuff.exe trouvé !
fwvrongmsl.exe trouvé !
gkvxljq.exe trouvé !
glwpqkvgm.exe trouvé !
gsmjczsrp.exe trouvé !
hhrgrt.exe trouvé !
hvrvqf.exe trouvé !
hyqwdkpq.exe trouvé !
iexmwuaf.exe trouvé !
ikvxsdrwz.exe trouvé !
jaakfuk.exe trouvé !
jaakfuk.exe trouvé !
jpsorzw.exe trouvé !
jpsorzw.exe trouvé !
jtgjkdr.exe trouvé !
jtgjkdr.exe trouvé !
jxltgcsfo.exe trouvé !
jynwbxu.exe trouvé !
kfygeywc.exe trouvé !
kfygeywc.exe trouvé !
kkmhjw.exe trouvé !
kmdrto.exe trouvé !
lhnzlwjb.exe trouvé !
lhnzlwjb.exe trouvé !
ltzmsrsru.exe trouvé !
lwbjzro.exe trouvé !
mbwaspjgml.exe trouvé !
mqdhlllcr.exe trouvé !
mqdhlllcr.exe trouvé !
mqpbhxjrar.exe trouvé !
mqpbhxjrar.exe trouvé !
mvkwgi.exe trouvé !
mwnnde.exe trouvé !
nbrkwdmtdc.exe trouvé !
nfxqhd.exe trouvé !
nfxqhd.exe trouvé !
nixurh.exe trouvé !
ohvchoing.exe trouvé !
othpzcjto.exe trouvé !
ozzwvylnej.exe trouvé !
pevxxfx.exe trouvé !
pfhgjljbmf.exe trouvé !
pspicrej.exe trouvé !
pucjgy.exe trouvé !
qgstnk.exe trouvé !
qgtsct.exe trouvé !
qgtsct.exe trouvé !
qpjamzgnzj.exe trouvé !
rlrtla.exe trouvé !
ruxzbktp.exe trouvé !
ruxzbktp.exe trouvé !
sclsbwzym.exe trouvé !
sddhna.exe trouvé !
sghqok.exe trouvé !
slqoemzo.exe trouvé !
soffckt.exe trouvé !
tfwxdgiz.exe trouvé !
tfwxdgiz.exe trouvé !
tkdaxqdsd.exe trouvé !
trmmjx.exe trouvé !
trmmjx.exe trouvé !
uadeqcz.exe trouvé !
ucctlp.exe trouvé !
ucgvrjptyd.exe trouvé !
ucgvrjptyd.exe trouvé !
ulpnpgfyq.exe trouvé !
uslfwc.exe trouvé !
uubinjekaq.exe trouvé !
uubinjekaq.exe trouvé !
vhzuweiwn.exe trouvé !
vhzuweiwn.exe trouvé !
vobfgqt.exe trouvé !
vzdylhncq.exe trouvé !
wipsnyp.exe trouvé !
wogdsqsoz.exe trouvé !
xajrmq.exe trouvé !
xajrmq.exe trouvé !
xbjohgj.exe trouvé !
xcnpbi.exe trouvé !
xcnpbi.exe trouvé !
xlmngo.exe trouvé !
xqqwogf.exe trouvé !
xsotivrh.exe trouvé !
xyasiybbtx.exe trouvé !
yyillak.exe trouvé !
zasuipitin.exe trouvé !
zygtzbcr.exe trouvé !
zztxbzisv.exe trouvé !
zztxbzisv.exe trouvé !
akmjlcxj.exe trouvé !
aojvdu.exe trouvé !
awzmexlg.exe trouvé !
bqsyggyed.exe trouvé !
ceqdbai.exe trouvé !
clmabfnug.exe trouvé !
coqvnp.exe trouvé !
cupbeic.exe trouvé !
dgisfhcqvw.exe trouvé !
dpaljh.exe trouvé !
ekxqumq.exe trouvé !
etjsmwnr.exe trouvé !
evvfilhkfm.exe trouvé !
fhjsiqgqde.exe trouvé !
fvveon.exe trouvé !
fwvrongmsl.exe trouvé !
gcbscrl.exe trouvé !
gcjpofzoup.exe trouvé !
glwpqkvgm.exe trouvé !
gmummljrr.exe trouvé !
grautb.exe trouvé !
gsmjczsrp.exe trouvé !
gyqemdzcct.exe trouvé !
hhrgrt.exe trouvé !
hvrvqf.exe trouvé !
hyqwdkpq.exe trouvé !
ikvxsdrwz.exe trouvé !
itvtjr.exe trouvé !
jaakfuk.exe trouvé !
jgnvejci.exe trouvé !
jkwfrcoo.exe trouvé !
jtgjkdr.exe trouvé !
kfygeywc.exe trouvé !
kjyvvpt.exe trouvé !
kkmhjw.exe trouvé !
kxvdvm.exe trouvé !
ltzmsrsru.exe trouvé !
matusomxh.exe trouvé !
mbwaspjgml.exe trouvé !
mqdhlllcr.exe trouvé !
mqpbhxjrar.exe trouvé !
mvkwgi.exe trouvé !
mwnnde.exe trouvé !
othpzcjto.exe trouvé !
ozzwvylnej.exe trouvé !
pevxxfx.exe trouvé !
pspicrej.exe trouvé !
qgstnk.exe trouvé !
qgtsct.exe trouvé !
qpjamzgnzj.exe trouvé !
rlrtla.exe trouvé !
ruxzbktp.exe trouvé !
soffckt.exe trouvé !
tbaupbfjp.exe trouvé !
uadeqcz.exe trouvé !
ucctlp.exe trouvé !
ucgvrjptyd.exe trouvé !
ufbtncr.exe trouvé !
uubinjekaq.exe trouvé !
uzhwbuussh.exe trouvé !
vhzuweiwn.exe trouvé !
wipsnyp.exe trouvé !
wogdsqsoz.exe trouvé !
xqqwogf.exe trouvé !
xyasiybbtx.exe trouvé !
yyillak.exe trouvé !
zcxrxpvtk.exe trouvé !
* Recherche dans "D:\Documents and Settings\alice\locals~1\applic~1" *
* Recherche dans "D:\DOCUME~1\soanes\locals~1\applic~1" *
*** Recherche fichiers ***
D:\WINDOWS\pack.epk trouvé !
D:\WINDOWS\system32\nvs2.inf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "D:\WINDOWS\system32" :
anxdojt.exe trouvé !
avdoqr.exe trouvé !
azcyislf.exe trouvé !
bgmxpanwd.exe trouvé !
bwyxdnkt.exe trouvé !
bzkbnxqps.exe trouvé !
cdzlpng.exe trouvé !
dnbxwgaoh.exe trouvé !
dqkmaktrs.exe trouvé !
eapdwtyv.exe trouvé !
eitihh.exe trouvé !
endqbj.exe trouvé !
folyqsvz.exe trouvé !
fpdvrlhmtg.exe trouvé !
frqsagcnut.exe trouvé !
geifwnsig.exe trouvé !
gfitok.exe trouvé !
gfypiokedb.exe trouvé !
ghlomkcvn.exe trouvé !
gpbfnka.exe trouvé !
gyiztfk.dat trouvé !
gyiztfk_nav.dat trouvé !
gyiztfk_navps.dat trouvé !
hfyvdpt.exe trouvé !
hubtsc.exe trouvé !
hxjoyvazb.exe trouvé !
iajvycoq.exe trouvé !
jtlntru.exe trouvé !
kbmlva.exe trouvé !
kfjide.exe trouvé !
kjoquisal.exe trouvé !
kqdxfr.exe trouvé !
kusazlrof.exe trouvé !
kzrflesyqo.exe trouvé !
lcvwcft.exe trouvé !
lhcsxay.exe trouvé !
lplibu.exe trouvé !
lrjwfgu.exe trouvé !
lwobvlv.exe trouvé !
manfob.exe trouvé !
mauagafaf.exe trouvé !
mcguvek.exe trouvé !
mgnurqbdvc.exe trouvé !
miimrp.exe trouvé !
miwdzcr.exe trouvé !
mqlfsohw.exe trouvé !
msgqav.exe trouvé !
mzbfye.exe trouvé !
ncmfilw.exe trouvé !
nfwtyvz.exe trouvé !
ngwroslcq.exe trouvé !
nmfblch.exe trouvé !
nqjkihgvra.exe trouvé !
nuxdbges.exe trouvé !
obadurze.exe trouvé !
ocgbdjh.exe trouvé !
ofrvmfb.exe trouvé !
ogdmeisb.exe trouvé !
ohgzzaruf.exe trouvé !
ohjsgm.exe trouvé !
ohpuacija.exe trouvé !
pbodus.exe trouvé !
qblouhwpne.exe trouvé !
qntbgxv.exe trouvé !
rfyxvt.exe trouvé !
rhgwqs.exe trouvé !
rlngnmr.exe trouvé !
rmjjdin.exe trouvé !
servpmdiux.exe trouvé !
sgcafwiukb.exe trouvé !
tdewziu.exe trouvé !
tdmrwfo.exe trouvé !
tkgmiyb.exe trouvé !
tlzpiyx.exe trouvé !
ueilbncm.exe trouvé !
unktfep.exe trouvé !
uqhjsq.exe trouvé !
vmdblkjcf.exe trouvé !
vmeleac.exe trouvé !
vsfwqk.exe trouvé !
vulsfkqon.exe trouvé !
wbvysth.exe trouvé !
wfbjugekm.exe trouvé !
woiagb.exe trouvé !
wsaweo.exe trouvé !
wtpkqj.exe trouvé !
wytiqmda.exe trouvé !
xakfmp.exe trouvé !
xkypqlwpo.exe trouvé !
xlvmowf.exe trouvé !
xmqeojg.exe trouvé !
xrubtr.exe trouvé !
yihwqglsv.exe trouvé !
ykziurmpa.exe trouvé !
ymhtzb.exe trouvé !
yshqirgz.exe trouvé !
yyealis.exe trouvé !
zdlbwfgyem.exe trouvé !
zgnfbau.exe trouvé !
* Dans "D:\Documents and Settings\alice\locals~1\applic~1" :
* Dans "D:\DOCUME~1\soanes\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 19/06/2008 à 12:58:47,84 ***
A voir également:
- Win32 navipromo please help me !
- Puabundler win32 rostpay ✓ - Forum Antivirus
- Puadimanager win32/offercore ✓ - Forum Virus
- Trojan win32 - Forum Virus
- PUADlManager:Win32/OfferCore ✓ - Forum Virus
- Win32 pup gen ✓ - Forum Linux / Unix
75 réponses
tu telecharge malwarbyte http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
a l'installation tu verifie que mise a jour et lançer programme et scan complet sont bien cocher
tu suprime se qu'il trouve et tu poste le raport
a l'installation tu verifie que mise a jour et lançer programme et scan complet sont bien cocher
tu suprime se qu'il trouve et tu poste le raport
salut, voila le rapport :
Malwarebytes' Anti-Malware 1.18
Version de la base de données: 871
09:45:21 20/06/2008
mbam-log-6-20-2008 (09-45-21).txt
Type de recherche: Examen rapide
Eléments examinés: 140814
Temps écoulé: 39 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 48
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
D:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
D:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.18
Version de la base de données: 871
09:45:21 20/06/2008
mbam-log-6-20-2008 (09-45-21).txt
Type de recherche: Examen rapide
Eléments examinés: 140814
Temps écoulé: 39 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 48
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
D:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
D:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Télécharge Clean.zip de Malekal.
Comment l'utiliser : http://mickael.barroux.free.fr/securite/clean.php
https://www.malekal.com/supprimer-virus-desinfecter-pc/#mozTocId711944 <-tuto
Dézippe-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd
une fenêtre noire va apparaître pendant un instant, laisse la ouverte.
Choisis l'option 1 puis patiente
Poste le rapport obtenu
S’il te demande d’uploader un fichier, tu le fais…
pour retrouver le rapport : double clique sur => C => double clique sur " rapport_clean txt.
et copie/colle le sur ta prochaine réponse .
Comment l'utiliser : http://mickael.barroux.free.fr/securite/clean.php
https://www.malekal.com/supprimer-virus-desinfecter-pc/#mozTocId711944 <-tuto
Dézippe-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd
une fenêtre noire va apparaître pendant un instant, laisse la ouverte.
Choisis l'option 1 puis patiente
Poste le rapport obtenu
S’il te demande d’uploader un fichier, tu le fais…
pour retrouver le rapport : double clique sur => C => double clique sur " rapport_clean txt.
et copie/colle le sur ta prochaine réponse .
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
il me semble que c celui la :
20/06/2008 a 9:58:31,50
*** Recherche des fichiers dans D:
*** Recherche des fichiers dans D:\WINDOWS\
*** Recherche des fichiers dans D:\WINDOWS\system32
"D:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
*** Recherche des fichiers dans D:\Program Files
"D:\Program Files\msn messenger\riched20.dll" FOUND
20/06/2008 a 9:58:31,50
*** Recherche des fichiers dans D:
*** Recherche des fichiers dans D:\WINDOWS\
*** Recherche des fichiers dans D:\WINDOWS\system32
"D:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
*** Recherche des fichiers dans D:\Program Files
"D:\Program Files\msn messenger\riched20.dll" FOUND
au fait avast a ouvert un autre message d' alerte virus nommé win32 je nme souvien pas de la suite ...
NETTOYAGE :
1) Redémarre en mode sans échec
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuyer sur [Entrée]
Il te faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
2) Cleanzip
_ Ouvre le dossier Clean qui se trouve sur ton bureau.
_ Double-clique sur clean.cmd.
Une fenêtre noire va apparaître,
choisis l'option 2.
Clean va maintenant supprimer les fichiers infectés,
3) Rapport
_ Appuis sur la touche ENTREE du clavier pour ouvrir le rapport. tu l'enregistrer si besoin.
(menu Edition / Enregistrer sous).
Sans quoi le rapport sera quand même sauvegardé dans le fichier suivant :
"rapport_clean.txt" à la racine de votre disque dur (ex : C:\rapport_clean.txt).
Comment faire :Tuto
http://mickael.barroux.free.fr/securite/clean.php
Redémarre en mode normal et poste le rapport qui se trouve ici C:\rapport_clean.txt et un nouvel HJT's stp !
1) Redémarre en mode sans échec
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuyer sur [Entrée]
Il te faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
2) Cleanzip
_ Ouvre le dossier Clean qui se trouve sur ton bureau.
_ Double-clique sur clean.cmd.
Une fenêtre noire va apparaître,
choisis l'option 2.
Clean va maintenant supprimer les fichiers infectés,
3) Rapport
_ Appuis sur la touche ENTREE du clavier pour ouvrir le rapport. tu l'enregistrer si besoin.
(menu Edition / Enregistrer sous).
Sans quoi le rapport sera quand même sauvegardé dans le fichier suivant :
"rapport_clean.txt" à la racine de votre disque dur (ex : C:\rapport_clean.txt).
Comment faire :Tuto
http://mickael.barroux.free.fr/securite/clean.php
Redémarre en mode normal et poste le rapport qui se trouve ici C:\rapport_clean.txt et un nouvel HJT's stp !
dsl benurrr je vais devoir partir, je reviens dans la soirée a partir de 20h
merci pour tout
a ce soir !
merci pour tout
a ce soir !
voila le 1er rapport
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 20/06/2008 a 18:11:42,81
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans D:
*** Suppression des fichiers dans D:\WINDOWS\
*** Suppression des fichiers dans D:\WINDOWS\system32
tentative de suppression de "D:\WINDOWS\Downloaded Program Files\CONFLICT.1"
*** Suppression des fichiers dans D:\Program Files
tentative de suppression de "D:\Program Files\msn messenger\riched20.dll"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
et le hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:37:15, on 20/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\ALCWZRD.EXE
D:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
D:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Logitech\ImageStudio\LogiTray.exe
D:\Program Files\Real\RealPlayer\RealPlay.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
D:\Program Files\QuickTime\QTTask.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Google\Google Updater\GoogleUpdater.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Desktop Search\WindowsSearch.exe
D:\WINDOWS\system32\SearchIndexer.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\system32\SearchProtocolHost.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OpwareSE2] "D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMS] D:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] D:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] D:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [RealTray] D:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SsAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "D:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = D:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = D:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Pages liées - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - D:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107033788559
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - D:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - D:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - D:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - D:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 20/06/2008 a 18:11:42,81
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans D:
*** Suppression des fichiers dans D:\WINDOWS\
*** Suppression des fichiers dans D:\WINDOWS\system32
tentative de suppression de "D:\WINDOWS\Downloaded Program Files\CONFLICT.1"
*** Suppression des fichiers dans D:\Program Files
tentative de suppression de "D:\Program Files\msn messenger\riched20.dll"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
et le hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:37:15, on 20/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\ALCWZRD.EXE
D:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
D:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Logitech\ImageStudio\LogiTray.exe
D:\Program Files\Real\RealPlayer\RealPlay.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
D:\Program Files\QuickTime\QTTask.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Google\Google Updater\GoogleUpdater.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Desktop Search\WindowsSearch.exe
D:\WINDOWS\system32\SearchIndexer.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\system32\SearchProtocolHost.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OpwareSE2] "D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMS] D:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] D:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] D:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [RealTray] D:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SsAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "D:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = D:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = D:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Pages liées - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - D:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107033788559
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - D:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - D:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - D:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - D:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
re les ligne quand voulait fixer avec hijack ne sont plus là
regarde dans ajout et supression de programme si y'a
navilog
clean
lopsd
hijackthis
si oui tu suprime et on passe un coup de toolscleaner pour enlever les outils qui nous ont servit
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
tu double clic sur l'icone et tu fait recherche et tu suprime et tu poste le raport
moi je voit rien sur le raport de hijack mais on attendra quand meme l'avis aviser de tenshi002
regarde dans ajout et supression de programme si y'a
navilog
clean
lopsd
hijackthis
si oui tu suprime et on passe un coup de toolscleaner pour enlever les outils qui nous ont servit
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
tu double clic sur l'icone et tu fait recherche et tu suprime et tu poste le raport
moi je voit rien sur le raport de hijack mais on attendra quand meme l'avis aviser de tenshi002
ok cool , voila le rapport
-->- Recherche:
D:\Lop SD: trouvé !
D:\_OtMoveIt: trouvé !
D:\Program Files\Navilog1: trouvé !
D:\Program Files\Trend Micro\HijackThis: trouvé !
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
D:\Lop SD: supprimé !
D:\_OtMoveIt: supprimé !
D:\Program Files\Navilog1: supprimé !
D:\Program Files\Trend Micro\HijackThis: supprimé !
-->- Recherche:
D:\Lop SD: trouvé !
D:\_OtMoveIt: trouvé !
D:\Program Files\Navilog1: trouvé !
D:\Program Files\Trend Micro\HijackThis: trouvé !
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
D:\Lop SD: supprimé !
D:\_OtMoveIt: supprimé !
D:\Program Files\Navilog1: supprimé !
D:\Program Files\Trend Micro\HijackThis: supprimé !
le lien pour antivir http://www.commentcamarche.net/telecharger/telecharger 55 antivir personal
et le tuto https://www.malekal.com/avira-free-security-antivirus-gratuit/
et le tuto https://www.malekal.com/avira-free-security-antivirus-gratuit/
merci bcp benurrr :)
par contre je vais te laisser, je sais pas si tu penses qu' il y a encore des manipes a faire mais si c le cas jte retrouve demain si tu peu. en tous cas c super très gentil a vs de m' avoir aidé, sa va deja bcp mieu =)
aller jte laisse paske la mes yeux sont tels ceux d' un hiboux =D
a bientooooo ...
par contre je vais te laisser, je sais pas si tu penses qu' il y a encore des manipes a faire mais si c le cas jte retrouve demain si tu peu. en tous cas c super très gentil a vs de m' avoir aidé, sa va deja bcp mieu =)
aller jte laisse paske la mes yeux sont tels ceux d' un hiboux =D
a bientooooo ...
Salut !je trouve qu' il y a de l' amélioration au niveau de mon PC mais j' ai eu un message d' alerte virus avec antivir j' ai fais un scan et voila le rapport que dois-je faire ... merci de m' aider
Avira AntiVir Personal
Report file date: samedi 21 juin 2008 12:12
Scanning for 1349608 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 20:45:11
ANTIVIR3.VDF : 7.0.4.232 250880 Bytes 20/06/2008 20:45:13
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.44 278907 Bytes 20/06/2008 20:45:28
AESCN.DLL : 8.1.0.22 119157 Bytes 20/06/2008 20:45:27
AERDL.DLL : 8.1.0.20 418165 Bytes 20/06/2008 20:45:27
AEPACK.DLL : 8.1.1.6 364918 Bytes 20/06/2008 20:45:25
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 20/06/2008 20:45:24
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 20/06/2008 20:45:23
AEHELP.DLL : 8.1.0.15 115063 Bytes 20/06/2008 20:45:19
AEGEN.DLL : 8.1.0.29 307573 Bytes 20/06/2008 20:45:18
AEEMU.DLL : 8.1.0.6 430451 Bytes 20/06/2008 20:45:16
AECORE.DLL : 8.1.0.31 168310 Bytes 20/06/2008 20:45:14
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:, G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: samedi 21 juin 2008 12:12
Starting search for hidden objects.
'153999' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'Ares.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'PSFree.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'SSScsiSV.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'SSAAD.exe' - '1' Module(s) have been scanned
Scan process 'realplay.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'LVComS.exe' - '1' Module(s) have been scanned
Scan process 'opwareSE2.exe' - '1' Module(s) have been scanned
Scan process 'ALCWZRD.EXE' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
47 processes with 47 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '39' files ).
Starting the file scan:
Begin scan in 'C:\' <Swap>
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Windows XP>
D:\hiberfil.sys
[WARNING] The file could not be opened!
D:\Documents and Settings\lovelina\Application Data\32 five name\vxmiaroi.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5356
[NOTE] The file was deleted!
D:\Documents and Settings\lovelina\Application Data\32 five name\zwotgdqs.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
D:\Documents and Settings\lovelina\Local Settings\Temp\bis36.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '48cfda7d.qua'!
D:\Documents and Settings\lovelina\Local Settings\Temp\sta1FD.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.MW
[NOTE] The file was moved to '48bdda96.qua'!
D:\Documents and Settings\lovelina\Local Settings\Temp\staE.exe
[DETECTION] Is the Trojan horse TR/Obfus.6.Gen.60
[NOTE] The file was moved to '48bdda9a.qua'!
D:\Documents and Settings\lovelina\Local Settings\Temp\~nsu.tmp\Au_.exe
[DETECTION] Contains detection pattern of the dropper DR/NaviPromo.AO.7
[NOTE] The file was moved to '48bbdb2b.qua'!
D:\Documents and Settings\lovelina\Local Settings\Temporary Internet Files\Content.IE5\CMWYHFJB\Navilog1[1].exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.99
[NOTE] The file was moved to '48d2dc0f.qua'!
D:\Program Files\MSN Messenger\hbtools.exe
[DETECTION] Contains detection pattern of the dropper DR/Hotbar.BQ.2
[NOTE] The file was moved to '48d0e524.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP294\A0195739.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488de61e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP295\A0195779.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488de620.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP303\A0198264.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488de652.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP310\A0201015.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488ee66b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215456.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee703.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215457.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215458.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee704.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215459.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215460.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee705.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215462.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a6.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215463.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee707.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215464.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee706.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215466.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215467.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee708.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215468.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a8.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215469.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee709.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215470.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5aa.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215471.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215472.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215473.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215474.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ab.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215476.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ac.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215477.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215478.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215479.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ad.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215480.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215481.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5af.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215482.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ae.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215483.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215484.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215485.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee710.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215487.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215488.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee712.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215489.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee711.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215490.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215491.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee713.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215492.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215493.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b3.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215495.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee714.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215496.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee715.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215497.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b6.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215498.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee717.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215499.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215500.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee716.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215501.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215502.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b8.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215503.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee719.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215504.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ba.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215505.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee718.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215506.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215508.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215509.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215510.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5bc.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215511.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215512.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5bb.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215513.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215515.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5be.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215516.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215517.exe
[DETECTION] Is the Trojan horse TR/Dldr.Injecter.AT
[NOTE] The file was moved to '49f0f580.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215518.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee721.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215519.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5bd.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215520.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215522.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f582.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215523.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee723.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215524.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f584.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215526.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee725.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215527.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5bf.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215529.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee760.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215531.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215532.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f586.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215533.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee727.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215534.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee762.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215539.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c3.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215540.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee764.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215541.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f588.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215542.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee729.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215543.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215544.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee766.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215545.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215546.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f58a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215547.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee72b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215548.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f58c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215549.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee768.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215550.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215551.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee76a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215552.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488ee72d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215554.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f58e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215555.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee72f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215556.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee720.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215557.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f581.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215559.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee722.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215560.exe
[DETECTION] Contains detection pattern of the dropper DR/NaviPromo.AO.7
[NOTE] The file was moved to '49f0f583.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215593.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '488ee726.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215617.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '49f0f590.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215624.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '488ee731.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215697.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5368
[NOTE] The file was moved to '49f0f592.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215808.scr
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '488ee735.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215810.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '49f0f596.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0216997.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee73c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217001.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f59d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217002.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee73e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217004.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee73d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217006.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f59e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217010.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f59f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217012.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee700.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217013.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217014.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee73f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217016.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217017.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee740.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217019.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217023.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee741.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217025.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217026.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee743.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217027.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee742.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217031.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217032.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee745.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217034.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e6.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217035.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee744.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217040.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217041.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee747.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217042.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e8.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217044.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee746.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217045.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217046.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee748.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217048.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee749.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217050.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ea.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217054.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217055.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217056.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5eb.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217057.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217058.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ec.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217059.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217060.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217063.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ed.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217064.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217065.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '49f0f5ee.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217067.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ef.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217069.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee750.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217070.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217071.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217074.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217078.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee752.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217081.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee751.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217082.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217085.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f3.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217087.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee754.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217094.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217096.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee756.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217097.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217099.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee753.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217102.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217104.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee758.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217106.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '49f0f5f9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217113.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '488ee755.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217116.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217117.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5fb.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217119.exe
[DETECTION] Is the Trojan horse TR/Dldr.Injecter.AT
[NOTE] The file was moved to '488ee757.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217120.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217121.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5fd.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217122.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217125.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ff.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217127.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee759.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217131.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee4a0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217134.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217135.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5fc.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217139.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217141.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f601.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217144.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5fe.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217145.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217148.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217154.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee4a2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217157.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee761.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217158.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217159.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5cb.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217160.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee76c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217163.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5cd.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217166.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee763.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217169.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee76e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217170.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5cf.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217175.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217177.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee770.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217178.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5d1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217180.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee772.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217183.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '49f0f5d3.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217186.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee774.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217192.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee767.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217193.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c8.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217194.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee769.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217198.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ca.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP350\A0217388.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5356
[NOTE] The file was moved to '49f0f5d5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP350\A0217389.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488ee776.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP350\A0217390.exe
[DETECTION] Contains detection pattern of the dropper DR/Hotbar.BQ.2
[NOTE] The file was moved to '488ee771.qua'!
D:\WINDOWS\system32\bxviwx.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48d2e8e4.qua'!
D:\WINDOWS\system32\canwnkfipl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '48cae8cd.qua'!
D:\WINDOWS\system32\jkflgrjd.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48c2e8ea.qua'!
D:\WINDOWS\system32\ldrgwf.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48cee8e5.qua'!
D:\WINDOWS\system32\lhxsnhz.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '48d4e8ea.qua'!
D:\WINDOWS\system32\olfmdiu.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48c2e8fd.qua'!
D:\WINDOWS\system32\oqydjn.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '48d5e902.qua'!
D:\WINDOWS\system32\udxlrcxyu.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48d4e902.qua'!
D:\WINDOWS\system32\vxmjfsdip.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48c9e91a.qua'!
D:\WINDOWS\system32\wqztqhd.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48d6e919.qua'!
Begin scan in 'E:\' <Données 1>
E:\Lovelina\Ma musique\Navilog1.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.99
[NOTE] The file was moved to '48d2ea03.qua'!
Begin scan in 'F:\' <Données 2>
Begin scan in 'G:\' <Ghost>
End of the scan: samedi 21 juin 2008 13:50
Used time: 1:38:57 min
The scan has been done completely.
11457 Scanning directories
287997 Files were scanned
211 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
2 files were deleted
0 files were repaired
209 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
287786 Files not concerned
2669 Archives were scanned
2 Warnings
211 Notes
153999 Objects were scanned with rootkit scan
0 Hidden objects were found
Avira AntiVir Personal
Report file date: samedi 21 juin 2008 12:12
Scanning for 1349608 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 20:45:11
ANTIVIR3.VDF : 7.0.4.232 250880 Bytes 20/06/2008 20:45:13
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.44 278907 Bytes 20/06/2008 20:45:28
AESCN.DLL : 8.1.0.22 119157 Bytes 20/06/2008 20:45:27
AERDL.DLL : 8.1.0.20 418165 Bytes 20/06/2008 20:45:27
AEPACK.DLL : 8.1.1.6 364918 Bytes 20/06/2008 20:45:25
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 20/06/2008 20:45:24
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 20/06/2008 20:45:23
AEHELP.DLL : 8.1.0.15 115063 Bytes 20/06/2008 20:45:19
AEGEN.DLL : 8.1.0.29 307573 Bytes 20/06/2008 20:45:18
AEEMU.DLL : 8.1.0.6 430451 Bytes 20/06/2008 20:45:16
AECORE.DLL : 8.1.0.31 168310 Bytes 20/06/2008 20:45:14
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:, G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: samedi 21 juin 2008 12:12
Starting search for hidden objects.
'153999' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'Ares.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'PSFree.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'SSScsiSV.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'SSAAD.exe' - '1' Module(s) have been scanned
Scan process 'realplay.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'LVComS.exe' - '1' Module(s) have been scanned
Scan process 'opwareSE2.exe' - '1' Module(s) have been scanned
Scan process 'ALCWZRD.EXE' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
47 processes with 47 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '39' files ).
Starting the file scan:
Begin scan in 'C:\' <Swap>
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Windows XP>
D:\hiberfil.sys
[WARNING] The file could not be opened!
D:\Documents and Settings\lovelina\Application Data\32 five name\vxmiaroi.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5356
[NOTE] The file was deleted!
D:\Documents and Settings\lovelina\Application Data\32 five name\zwotgdqs.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
D:\Documents and Settings\lovelina\Local Settings\Temp\bis36.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '48cfda7d.qua'!
D:\Documents and Settings\lovelina\Local Settings\Temp\sta1FD.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.MW
[NOTE] The file was moved to '48bdda96.qua'!
D:\Documents and Settings\lovelina\Local Settings\Temp\staE.exe
[DETECTION] Is the Trojan horse TR/Obfus.6.Gen.60
[NOTE] The file was moved to '48bdda9a.qua'!
D:\Documents and Settings\lovelina\Local Settings\Temp\~nsu.tmp\Au_.exe
[DETECTION] Contains detection pattern of the dropper DR/NaviPromo.AO.7
[NOTE] The file was moved to '48bbdb2b.qua'!
D:\Documents and Settings\lovelina\Local Settings\Temporary Internet Files\Content.IE5\CMWYHFJB\Navilog1[1].exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.99
[NOTE] The file was moved to '48d2dc0f.qua'!
D:\Program Files\MSN Messenger\hbtools.exe
[DETECTION] Contains detection pattern of the dropper DR/Hotbar.BQ.2
[NOTE] The file was moved to '48d0e524.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP294\A0195739.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488de61e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP295\A0195779.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488de620.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP303\A0198264.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488de652.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP310\A0201015.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488ee66b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215456.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee703.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215457.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215458.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee704.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215459.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215460.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee705.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215462.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a6.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215463.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee707.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215464.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee706.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215466.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215467.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee708.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215468.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a8.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215469.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee709.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215470.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5aa.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215471.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215472.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215473.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215474.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ab.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215476.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ac.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215477.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215478.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215479.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ad.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215480.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215481.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5af.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215482.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ae.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215483.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee70f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215484.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215485.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee710.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215487.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215488.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee712.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215489.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee711.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215490.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215491.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee713.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215492.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215493.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b3.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215495.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee714.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215496.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee715.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215497.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b6.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215498.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee717.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215499.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215500.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee716.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215501.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215502.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b8.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215503.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee719.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215504.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ba.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215505.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee718.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215506.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5b9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215508.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215509.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215510.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5bc.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215511.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215512.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5bb.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215513.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215515.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5be.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215516.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215517.exe
[DETECTION] Is the Trojan horse TR/Dldr.Injecter.AT
[NOTE] The file was moved to '49f0f580.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215518.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee721.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215519.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5bd.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215520.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee71e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215522.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f582.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215523.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee723.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215524.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f584.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215526.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee725.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215527.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5bf.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215529.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee760.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215531.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215532.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f586.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215533.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee727.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215534.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee762.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215539.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c3.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215540.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee764.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215541.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f588.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215542.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee729.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215543.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215544.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee766.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215545.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215546.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f58a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215547.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee72b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215548.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f58c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215549.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee768.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215550.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215551.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee76a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215552.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488ee72d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215554.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f58e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215555.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee72f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215556.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee720.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215557.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f581.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215559.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee722.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215560.exe
[DETECTION] Contains detection pattern of the dropper DR/NaviPromo.AO.7
[NOTE] The file was moved to '49f0f583.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215593.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '488ee726.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215617.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '49f0f590.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215624.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '488ee731.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215697.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5368
[NOTE] The file was moved to '49f0f592.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215808.scr
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '488ee735.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP347\A0215810.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '49f0f596.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0216997.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee73c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217001.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f59d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217002.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee73e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217004.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee73d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217006.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f59e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217010.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f59f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217012.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee700.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217013.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5a1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217014.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee73f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217016.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217017.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee740.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217019.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217023.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee741.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217025.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217026.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee743.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217027.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee742.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217031.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217032.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee745.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217034.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e6.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217035.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee744.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217040.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217041.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee747.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217042.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e8.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217044.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee746.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217045.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217046.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee748.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217048.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee749.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217050.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ea.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217054.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5e9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217055.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217056.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5eb.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217057.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217058.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ec.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217059.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217060.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217063.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ed.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217064.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217065.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '49f0f5ee.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217067.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ef.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217069.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee750.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217070.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217071.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee74f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217074.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217078.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee752.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217081.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee751.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217082.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217085.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f3.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217087.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee754.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217094.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217096.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee756.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217097.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f7.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217099.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee753.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217102.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5f4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217104.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee758.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217106.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '49f0f5f9.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217113.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was moved to '488ee755.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217116.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75a.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217117.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5fb.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217119.exe
[DETECTION] Is the Trojan horse TR/Dldr.Injecter.AT
[NOTE] The file was moved to '488ee757.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217120.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217121.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5fd.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217122.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217125.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ff.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217127.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee759.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217131.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee4a0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217134.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75b.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217135.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5fc.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217139.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75d.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217141.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f601.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217144.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5fe.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217145.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee75f.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217148.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c0.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217154.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee4a2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217157.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee761.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217158.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c2.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217159.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5cb.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217160.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee76c.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217163.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5cd.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217166.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee763.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217169.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee76e.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217170.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5cf.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217175.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c4.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217177.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee770.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217178.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5d1.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217180.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee772.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217183.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '49f0f5d3.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217186.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee774.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217192.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee767.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217193.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5c8.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217194.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '488ee769.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP348\A0217198.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '49f0f5ca.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP350\A0217388.exe
[DETECTION] Is the Trojan horse TR/Obfusgen.A.5356
[NOTE] The file was moved to '49f0f5d5.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP350\A0217389.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '488ee776.qua'!
D:\System Volume Information\_restore{0A7C2B29-5C87-4E5F-904F-988C7A3A04D0}\RP350\A0217390.exe
[DETECTION] Contains detection pattern of the dropper DR/Hotbar.BQ.2
[NOTE] The file was moved to '488ee771.qua'!
D:\WINDOWS\system32\bxviwx.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48d2e8e4.qua'!
D:\WINDOWS\system32\canwnkfipl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '48cae8cd.qua'!
D:\WINDOWS\system32\jkflgrjd.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48c2e8ea.qua'!
D:\WINDOWS\system32\ldrgwf.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48cee8e5.qua'!
D:\WINDOWS\system32\lhxsnhz.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '48d4e8ea.qua'!
D:\WINDOWS\system32\olfmdiu.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48c2e8fd.qua'!
D:\WINDOWS\system32\oqydjn.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '48d5e902.qua'!
D:\WINDOWS\system32\udxlrcxyu.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48d4e902.qua'!
D:\WINDOWS\system32\vxmjfsdip.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48c9e91a.qua'!
D:\WINDOWS\system32\wqztqhd.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48d6e919.qua'!
Begin scan in 'E:\' <Données 1>
E:\Lovelina\Ma musique\Navilog1.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.99
[NOTE] The file was moved to '48d2ea03.qua'!
Begin scan in 'F:\' <Données 2>
Begin scan in 'G:\' <Ghost>
End of the scan: samedi 21 juin 2008 13:50
Used time: 1:38:57 min
The scan has been done completely.
11457 Scanning directories
287997 Files were scanned
211 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
2 files were deleted
0 files were repaired
209 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
287786 Files not concerned
2669 Archives were scanned
2 Warnings
211 Notes
153999 Objects were scanned with rootkit scan
0 Hidden objects were found
oui le problème vient de ta restauration ;)
fais ceci :
Désactiver puis réactiver le systeme restauration.
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924
Suit bien tout à la lettre, ensuite refait un scan avec antivir ;)
fais ceci :
Désactiver puis réactiver le systeme restauration.
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924
Suit bien tout à la lettre, ensuite refait un scan avec antivir ;)
Ok merci je fais sa. Faut dire que jme ss posé qq qestion quand g vu 210 virus XD
est ce que jte poste le rapport après le scan ?
est ce que jte poste le rapport après le scan ?
