Firefox and IE won't display certain sites

Closed
hugo17230 - 22 Jul 2008 at 12:59
Ugho Posts 22 Registered Tuesday 22 July 2008 Status Member Last activity 16 August 2008 - 26 Jul 2008 at 22:21
Hello,

I have just installed Firefox 3.0.1 and I also restarted my system. When I want to use Firefox, I double-click the icon and type http://fr.msn.com in the address bar; it says: Loading... 30 minutes later it is still the same!! It is the same for http://fr.yahoo.com, and for Google when I click search. It is exactly the same with Internet Explorer. I tried reinstalling it, and that doesn't work either. Right now I'm on a friend's computer. However, the browsers do display commentcamarche and other sites. Thanks for your replies! Hugo

24 replies

sandul Posts 3927 Registered Thursday 22 May 2008 Status Member Last activity 8 October 2010 723
22 Jul 2008 at 13:14
Click this link
http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe
for HijackThis.

Save HJTInstall.exe to C:\hijackthis (create a hijackthis folder)

Once saved, rename it to HJT.exe to counter a possible Vundo infection

Open HJT.exe and run a scan by clicking "do a system scan & save a log file"; post the contents here.

See you
1
sandul Posts 3927 Registered Thursday 22 May 2008 Status Member Last activity 8 October 2010 723
22 Jul 2008 at 13:03
Hi,

Probable Virtumonde/Vundo infection. Post a HijackThis log to confirm.

++
0
What is that? What do I need to do?
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:47, on 22/07/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\wa6pcw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WinAntiVirus Pro 2006\winav.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Avant Browser\avant.exe
C:\hijackthis\HJT.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emoticones-messenger.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Crux P2P\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: CIEIntegrator Object - {2178F3FB-2560-458F-BDEE-631E2FE0DFE4} - C:\Program Files\WinAntiVirus Pro 2006\winpgi.dll
O2 - BHO: {93bb3c8e-17ec-16fb-8ce4-6190ce0ed224} - {422de0ec-0916-4ec8-bf61-ce71e8c3bb39} - C:\WINDOWS\System32\hswpsk.dll
O2 - BHO: (no name) - {6BD219F1-109B-45BC-BC0B-80AAA5D364EF} - C:\Documents and Settings\Lucie.L0N6L2\Local Settings\Temporary Internet Files\Content.IE5\8FW3GK4Q\3077ahntdksr[1].dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8E67F654-4ED2-4BF7-9B09-38CEB7711516} - C:\WINDOWS\System32\dpsrmiij.dll
O2 - BHO: IEFW Object - {B5141620-C2B2-4D95-9F0F-134D99C87AB0} - C:\Program Files\WinAntiVirus Pro 2006\iefwbho.dll
O2 - BHO: (no name) - {D5FD78F2-469C-40D0-9DFA-805070509189} - C:\WINDOWS\System32\mljihfgd.dll
O2 - BHO: (no name) - {E8957F36-147C-4E44-83DD-F9BF3E183535} - C:\WINDOWS\System32\dpsrmiij.dll
O2 - BHO: (no name) - {FF3794FB-0074-40C2-9719-DAFF7AA76128} - C:\WINDOWS\System32\rqrsssqo.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [wa6pcw] "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\wa6pcw.exe" -c
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [WinAntiVirusPro2006] C:\Program Files\WinAntiVirus Pro 2006\winav.exe /min
O4 - HKLM\..\Run: [DNSE] "C:\Program Files\Fichiers communs\SystemDoctor\DNSE.exe" -c
O4 - HKLM\..\Run: [DC6V_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrdc.exe"
O4 - HKLM\..\Run: [MDRV_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrmdr.exe"
O4 - HKLM\..\Run: [BMe3b1b3c0] Rundll32.exe "C:\WINDOWS\System32\evtdygxf.dll",s
O4 - HKLM\..\Run: [e082805c] rundll32.exe "C:\WINDOWS\System32\pkameaun.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: Win32 Classes -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-cda175a57f18f9e9.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AC38F4C-74B8-4D51-BAD8-69E75AC29FD4}: NameServer = 212.216.212.112,212.216.172.62
O20 - AppInit_DLLs: bfbvhafq.dll vpfeelog.dll
O20 - Winlogon Notify: mljihfgd - C:\WINDOWS\SYSTEM32\mljihfgd.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
0

sandul Posts 3927 Registered Thursday 22 May 2008 Status Member Last activity 8 October 2010 723
23 Jul 2008 at 08:44
Re,

Oh, there's work to do here, the machine is heavily infected. Vundo is present (among others), cf. the line O2 - BHO: (no name) - {D5FD78F2-469C-40D0-9DFA-805070509189} - C:\WINDOWS\System32\mljihfgd.dll.

I don't see an antivirus present (Win Antivirus Pro is not one!!)

Do this:
1. Install an antivirus. See here for instructions: https://www.malekal.com/avira-free-security-antivirus-gratuit/
2. Download MBAM here: https://www.besttechie.com/resources/malwarebytes/
Install it, run the scan and delete everything it finds. You'll find a complete tutorial here: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ ==> follow the steps.

3. Post here:
- the Antivir report
- the MBAM scan report
- a new HijackThis report

++
0
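As an added example, not written by any participant in this thread: the cross-check behind the diagnosis above, in Python. It parses the autostart lines of a HijackThis log and lists DLLs that several load points reference; the rules and function names are assumptions chosen for illustration, not HijackThis features and not a Vundo signature.

```python
import ntpath
import re
from collections import defaultdict

# Excerpt of the HijackThis log posted earlier in this thread (lines copied verbatim).
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8E67F654-4ED2-4BF7-9B09-38CEB7711516} - C:\WINDOWS\System32\dpsrmiij.dll
O2 - BHO: (no name) - {D5FD78F2-469C-40D0-9DFA-805070509189} - C:\WINDOWS\System32\mljihfgd.dll
O2 - BHO: (no name) - {E8957F36-147C-4E44-83DD-F9BF3E183535} - C:\WINDOWS\System32\dpsrmiij.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BMe3b1b3c0] Rundll32.exe "C:\WINDOWS\System32\evtdygxf.dll",s
O20 - AppInit_DLLs: bfbvhafq.dll vpfeelog.dll
O20 - Winlogon Notify: mljihfgd - C:\WINDOWS\SYSTEM32\mljihfgd.dll
"""

# One pattern per HijackThis section that can load a DLL at startup.
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")
RUN_RE = re.compile(r"^O4 - \S+\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
RUNDLL_RE = re.compile(r'rundll32(?:\.exe)?\s+"?(?P<path>[^",]+\.dll)', re.I)
APPINIT_RE = re.compile(r"^O20 - AppInit_DLLs: (?P<dlls>.+)$")
NOTIFY_RE = re.compile(r"^O20 - Winlogon Notify: (?P<name>\S+) - (?P<path>.+)$")


def _basename(path):
    """Lower-cased file name of a Windows path, without HijackThis suffixes."""
    path = path.replace(" (file missing)", "").strip().strip('"')
    return ntpath.basename(path).lower()


def autostart_dlls(log):
    """Return {dll basename: [(mechanism, detail), ...]} for DLL autostarts."""
    found = defaultdict(list)
    for raw in log.splitlines():
        line = raw.strip()
        if m := BHO_RE.match(line):
            if m["path"] != "(no file)":  # orphaned registry entry, nothing to load
                found[_basename(m["path"])].append(("BHO", m["clsid"].upper()))
        elif m := RUN_RE.match(line):
            # Only Run entries that start a DLL through rundll32 are of interest here.
            if d := RUNDLL_RE.search(m["cmd"]):
                found[_basename(d["path"])].append(("Run/rundll32", m["name"]))
        elif m := APPINIT_RE.match(line):
            for dll in re.split(r"[\s,]+", m["dlls"].strip()):
                if dll:
                    found[_basename(dll)].append(("AppInit_DLLs", ""))
        elif m := NOTIFY_RE.match(line):
            found[_basename(m["path"])].append(("Winlogon Notify", m["name"]))
    return dict(found)


def triage(log):
    """Return {dll: [reasons]} for entries worth a closer look.

    The rules are illustrative assumptions: they rank entries for review,
    they do not prove that a file is malicious.
    """
    flagged = {}
    for dll, hits in autostart_dlls(log).items():
        mechanisms = sorted({mech for mech, _ in hits})
        clsids = {detail for mech, detail in hits if mech == "BHO"}
        reasons = []
        if len(mechanisms) > 1:
            reasons.append("loaded by " + " + ".join(mechanisms))
        if len(clsids) > 1:
            reasons.append(f"BHO registered under {len(clsids)} CLSIDs")
        if "Run/rundll32" in mechanisms:
            reasons.append("DLL started from a Run key via rundll32")
        if "AppInit_DLLs" in mechanisms:
            reasons.append("injected through AppInit_DLLs")
        if reasons:
            flagged[dll] = reasons
    return flagged


if __name__ == "__main__":
    for dll, reasons in sorted(triage(SAMPLE_LOG).items()):
        print(f"{dll}: {'; '.join(reasons)}")
```

On the excerpt, the DLL named in the reply above is the only one referenced by two different load points (the BHO entry and the Winlogon Notify entry), while the Java BHO is not listed at all.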
Ugho Posts 22 Registered Tuesday 22 July 2008 Status Member Last activity 16 August 2008
23 Jul 2008 at 12:20
Are you sure Win Antivirus Pro isn't an antivirus?
0
sandul Posts 3927 Registered Thursday 22 May 2008 Status Member Last activity 8 October 2010 723
23 Jul 2008 at 12:25
Yes, 200%...
look here: http://www.secuser.com/alertes/2007/winantiviruspro.htm
++
0
Ugho Posts 22 Registered Tuesday 22 July 2008 Status Member Last activity 16 August 2008
23 Jul 2008 at 12:27
So what antivirus do I need?
0
sandul Posts 3927 Registered Thursday 22 May 2008 Status Member Last activity 8 October 2010 723
23 Jul 2008 at 12:30
You have a choice of several antivirus products, including Antivir (which is good and free; for the install see my post no. 5). Personally, I use nod32 (and I consider it, for various reasons, the best antivirus), but it is paid. But since my boss pays for it, I won't be picky... :))
0
I'm running a scan with MBAM and Antivir!! So far 362 detections found!!
0
Antivir report:



Avira AntiVir Personal
Report file date: jeudi 24 juillet 2008 10:52

Scanning for 1492333 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Boot mode: Save mode with network
Username: Hugo
Computer name: L0N6L2

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 10:53:14
ANTIVIR2.VDF : 7.0.5.144 1690624 Bytes 21/07/2008 10:53:19
ANTIVIR3.VDF : 7.0.5.157 111104 Bytes 23/07/2008 10:53:19
Engineversion : 8.1.1.11
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.59 307579 Bytes 23/07/2008 10:53:28
AESCN.DLL : 8.1.0.23 119156 Bytes 23/07/2008 10:53:27
AERDL.DLL : 8.1.0.20 418165 Bytes 23/07/2008 10:53:26
AEPACK.DLL : 8.1.2.1 364917 Bytes 23/07/2008 10:53:25
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 23/07/2008 10:53:24
AEHEUR.DLL : 8.1.0.43 1339767 Bytes 23/07/2008 10:53:24
AEHELP.DLL : 8.1.0.15 115063 Bytes 23/07/2008 10:53:22
AEGEN.DLL : 8.1.0.29 307573 Bytes 23/07/2008 10:53:22
AEEMU.DLL : 8.1.0.6 430451 Bytes 23/07/2008 10:53:21
AECORE.DLL : 8.1.1.6 172405 Bytes 23/07/2008 10:53:20
AEBB.DLL : 8.1.0.1 53617 Bytes 23/07/2008 10:53:20
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 24 juillet 2008 10:52

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'mbam.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'AcroRd32.exe' - '1' Module(s) have been scanned
Scan process 'taskmgr.exe' - '1' Module(s) have been scanned
Scan process 'avant.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
16 processes with 16 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
C:\WINDOWS\SYSTEM32\mljihfgd.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] The file could not be deleted!

The registry was scanned ( '29' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Hugo\Mes documents\Installations\LimeWire\LimeWire.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162057.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162058.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162059.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162061.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162062.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162063.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162066.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162067.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162068.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162069.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162071.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162072.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162073.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162074.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162075.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162076.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162077.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162078.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162079.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162080.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162081.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162082.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162083.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162084.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162085.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162086.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162087.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162088.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162089.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162090.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162091.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162092.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162093.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162094.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162095.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162096.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162097.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162098.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162099.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162100.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162101.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162102.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162103.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162104.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162105.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162106.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162107.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162108.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162109.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162110.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162111.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162112.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162113.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162114.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162115.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162116.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162117.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162118.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162119.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162120.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162121.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162122.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162123.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162124.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162125.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162127.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162128.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162129.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162130.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162131.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162132.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162133.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162134.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162135.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162136.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162137.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162138.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162139.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162140.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162141.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162142.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162143.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162144.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162145.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162146.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162147.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162148.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162149.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162150.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162151.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162152.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162153.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162154.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162155.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162156.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162157.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162158.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162159.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162160.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162161.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162162.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162163.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162164.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162165.exe
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162166.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{0AE0DB3C-2FAB-45D3-856E-896934180923}\RP148\A0162167.exe
[WARNING] The file could not be opened!
0
sandul Posts 3927 Registration date Thursday 22 May 2008 Status Member Last activity 8 October 2010 723
24 Jul 2008 at 19:10
Well OK, there are plenty of Vundo deleted and others...

Also clean up with MBAM, empty the quarantine and post a new HijackThis log to see the result.

++
0
When I ran the scan with Antivir, it didn't tell me whether the viruses it had found should be deleted or quarantined? What should I do? I'm running a scan with MBAM right now
0
sandul Posts 3927 Registration date Thursday 22 May 2008 Status Member Last activity 8 October 2010 723
24 Jul 2008 at 19:30
It's fine, you have plenty of entries like
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was deleted!
so the files have been destroyed.
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:51:09, on 24/07/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\wa6pcw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WinAntiVirus Pro 2006\winav.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HJT.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emoticones-messenger.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Crux P2P\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: CIEIntegrator Object - {2178F3FB-2560-458F-BDEE-631E2FE0DFE4} - C:\Program Files\WinAntiVirus Pro 2006\winpgi.dll
O2 - BHO: (no name) - {6BD219F1-109B-45BC-BC0B-80AAA5D364EF} - C:\Documents and Settings\Lucie.L0N6L2\Local Settings\Temporary Internet Files\Content.IE5\8FW3GK4Q\3077ahntdksr[1].dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7D6CB9D0-EBAF-43D0-89EE-849C6F0B03C9} - C:\WINDOWS\System32\rqrsssqo.dll
O2 - BHO: (no name) - {8E67F654-4ED2-4BF7-9B09-38CEB7711516} - C:\WINDOWS\System32\dpsrmiij.dll (file missing)
O2 - BHO: IEFW Object - {B5141620-C2B2-4D95-9F0F-134D99C87AB0} - C:\Program Files\WinAntiVirus Pro 2006\iefwbho.dll
O2 - BHO: {39dc8ba2-0374-b669-4584-7b19822e7c4d} - {d4c7e228-91b7-4854-966b-47302ab8cd93} - C:\WINDOWS\System32\zhoqdi.dll (file missing)
O2 - BHO: (no name) - {D5FD78F2-469C-40D0-9DFA-805070509189} - C:\WINDOWS\System32\mljihfgd.dll
O2 - BHO: (no name) - {E8957F36-147C-4E44-83DD-F9BF3E183535} - C:\WINDOWS\System32\dpsrmiij.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [wa6pcw] "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\wa6pcw.exe" -c
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [WinAntiVirusPro2006] C:\Program Files\WinAntiVirus Pro 2006\winav.exe /min
O4 - HKLM\..\Run: [DNSE] "C:\Program Files\Fichiers communs\SystemDoctor\DNSE.exe" -c
O4 - HKLM\..\Run: [DC6V_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrdc.exe"
O4 - HKLM\..\Run: [MDRV_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrmdr.exe"
O4 - HKLM\..\Run: [e082805c] rundll32.exe "C:\WINDOWS\System32\pkameaun.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BMe3b1b3c0] Rundll32.exe "C:\WINDOWS\System32\evtdygxf.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: Win32 Classes -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-cda175a57f18f9e9.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AC38F4C-74B8-4D51-BAD8-69E75AC29FD4}: NameServer = 212.216.212.112,212.216.172.62
O20 - AppInit_DLLs: bfbvhafq.dll vpfeelog.dll
O20 - Winlogon Notify: mljihfgd - C:\WINDOWS\SYSTEM32\mljihfgd.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
0
sandul Posts 3927 Registration date Thursday 22 May 2008 Status Member Last activity 8 October 2010 723
24 Jul 2008 at 23:37
Hugo, I'm sorry, but you still have plenty of infections - did you quarantine what MBAM had found or not?

++
0
Ugho Posts 22 Registration date Tuesday 22 July 2008 Status Member Last activity 16 August 2008
25 Jul 2008 at 20:07
There was nothing in the quarantine
0
Ugho Posts 22 Registration date Tuesday 22 July 2008 Status Member Last activity 16 August 2008
25 Jul 2008 at 20:53
I cleared the quarantine of Win Anti-Virus Pro 2006:



0
Ugho Posts 22 Registration date Tuesday 22 July 2008 Status Member Last activity 16 August 2008
25 Jul 2008 at 20:57
Ah, there we go!! I ran another MBAM scan and I understood how to delete the quarantine!! I'm running a HijackThis scan now, I'll keep you posted...
0
Ugho Posts 22 Registration date Tuesday 22 July 2008 Status Member Last activity 16 August 2008
25 Jul 2008 at 21:10
And now?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:07:41, on 25/07/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Hugo.L0N6L2\Bureau\SpeedyVideoCapture.exe
C:\WINDOWS\System32\taskmgr.exe
C:\hijackthis\HJT.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emoticones-messenger.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Crux P2P\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: (no name) - {6BD219F1-109B-45BC-BC0B-80AAA5D364EF} - C:\Documents and Settings\Lucie.L0N6L2\Local Settings\Temporary Internet Files\Content.IE5\8FW3GK4Q\3077ahntdksr[1].dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8E67F654-4ED2-4BF7-9B09-38CEB7711516} - C:\WINDOWS\System32\dpsrmiij.dll (file missing)
O2 - BHO: (no name) - {E8957F36-147C-4E44-83DD-F9BF3E183535} - C:\WINDOWS\System32\dpsrmiij.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [WinAntiVirusPro2006] C:\Program Files\WinAntiVirus Pro 2006\winav.exe /min
O4 - HKLM\..\Run: [DNSE] "C:\Program Files\Fichiers communs\SystemDoctor\DNSE.exe" -c
O4 - HKLM\..\Run: [DC6V_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrdc.exe"
O4 - HKLM\..\Run: [MDRV_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrmdr.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BMe3b1b3c0] Rundll32.exe "C:\WINDOWS\System32\evtdygxf.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: Win32 Classes -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-cda175a57f18f9e9.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AC38F4C-74B8-4D51-BAD8-69E75AC29FD4}: NameServer = 212.216.212.112,212.216.172.62
O20 - AppInit_DLLs: bfbvhafq.dll vpfeelog.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Firewall service (FWSvc) - Unknown owner - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe (file missing)
0
Ugho Posts 22 Registration date Tuesday 22 July 2008 Status Member Last activity 16 August 2008
26 Jul 2008 at 13:33
I emptied the MBAM quarantine...
0
Ugho Posts 22 Registration date Tuesday 22 July 2008 Status Member Last activity 16 August 2008
26 Jul 2008 at 13:41
Here is the scan that HijackThis produced:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:40:01, on 26/07/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\System32\imapi.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HJT.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emoticones-messenger.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Crux P2P\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: (no name) - {6BD219F1-109B-45BC-BC0B-80AAA5D364EF} - C:\Documents and Settings\Lucie.L0N6L2\Local Settings\Temporary Internet Files\Content.IE5\8FW3GK4Q\3077ahntdksr[1].dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8E67F654-4ED2-4BF7-9B09-38CEB7711516} - C:\WINDOWS\System32\dpsrmiij.dll (file missing)
O2 - BHO: (no name) - {E8957F36-147C-4E44-83DD-F9BF3E183535} - C:\WINDOWS\System32\dpsrmiij.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [WinAntiVirusPro2006] C:\Program Files\WinAntiVirus Pro 2006\winav.exe /min
O4 - HKLM\..\Run: [DNSE] "C:\Program Files\Fichiers communs\SystemDoctor\DNSE.exe" -c
O4 - HKLM\..\Run: [DC6V_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrdc.exe"
O4 - HKLM\..\Run: [MDRV_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrmdr.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BMe3b1b3c0] Rundll32.exe "C:\WINDOWS\System32\evtdygxf.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: Win32 Classes -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-cda175a57f18f9e9.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AC38F4C-74B8-4D51-BAD8-69E75AC29FD4}: NameServer = 212.216.212.112,212.216.172.62
O20 - AppInit_DLLs: bfbvhafq.dll vpfeelog.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Firewall service (FWSvc) - Unknown owner - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe (file missing)
0
sandul Posts 3927 Registration date Thursday 22 May 2008 Status Member Last activity 8 October 2010 723
26 Jul 2008 at 14:17
In HijackThis, check the following lines:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Crux P2P\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: (no name) - {6BD219F1-109B-45BC-BC0B-80AAA5D364EF} - C:\Documents and Settings\Lucie.L0N6L2\Local Settings\Temporary Internet Files\Content.IE5\8FW3GK4Q\3077ahntdksr[1].dll (file missing)
O2 - BHO: (no name) - {8E67F654-4ED2-4BF7-9B09-38CEB7711516} - C:\WINDOWS\System32\dpsrmiij.dll (file missing)
O2 - BHO: (no name) - {E8957F36-147C-4E44-83DD-F9BF3E183535} - C:\WINDOWS\System32\dpsrmiij.dll (file missing)
O4 - HKLM\..\Run: [WinAntiVirusPro2006] C:\Program Files\WinAntiVirus Pro 2006\winav.exe /min
O4 - HKLM\..\Run: [DNSE] "C:\Program Files\Fichiers communs\SystemDoctor\DNSE.exe" -c
O4 - HKLM\..\Run: [DC6V_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrdc.exe"
O4 - HKLM\..\Run: [MDRV_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrmdr.exe"
O4 - HKLM\..\Run: [BMe3b1b3c0] Rundll32.exe "C:\WINDOWS\System32\evtdygxf.dll",s
O20 - AppInit_DLLs: bfbvhafq.dll vpfeelog.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Firewall service (FWSvc) - Unknown owner - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe (file missing)

Then click Fix Checked and reboot. Note carefully any error messages at startup.
Run HijackThis again and paste the report here.

See you later
0
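A first-pass triage of the kind of log posted in this thread, as an added example that is not part of sandul's post or of HijackThis itself: it parses the entry lines and flags a few patterns visible in the lines selected above. The four heuristics and all function names are assumptions of this example; they do not reproduce the helper's full selection (nothing is flagged by product name, for instance).

```python
import re

# Sample input: six entry lines taken verbatim from the log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {8E67F654-4ED2-4BF7-9B09-38CEB7711516} - C:\WINDOWS\System32\dpsrmiij.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [BMe3b1b3c0] Rundll32.exe "C:\WINDOWS\System32\evtdygxf.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O20 - AppInit_DLLs: bfbvhafq.dll vpfeelog.dll
O23 - Service: Firewall service (FWSvc) - Unknown owner - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe (file missing)
"""

# Entry lines look like "<section code> - <body>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


def parse(log):
    """Yield (section_code, body) per entry line; headers and process paths are skipped."""
    for raw in log.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            yield match.group(1), match.group(2)


def reasons_for(code, body):
    """Return the heuristics (assumptions of this example) that an entry trips."""
    low = body.lower()
    reasons = []
    if low.endswith(("(file missing)", "(no file)")):
        reasons.append("registration points to a file that is not on disk")
    if code == "O2" and "(no name)" in low:
        reasons.append("browser helper object without a name")
    if code == "O4" and re.search(r"\]\s*rundll32(\.exe)?\s", low):
        reasons.append("autostart entry loads a DLL through rundll32")
    if code == "O20" and low.startswith("appinit_dlls:") and low.split(":", 1)[1].strip():
        reasons.append("AppInit_DLLs value is not empty")
    return reasons


def triage(log):
    """Return [(code, body, reasons)] for entries that trip at least one heuristic."""
    flagged = []
    for code, body in parse(log):
        reasons = reasons_for(code, body)
        if reasons:
            flagged.append((code, body, reasons))
    return flagged


if __name__ == "__main__":
    for code, body, reasons in triage(SAMPLE_LOG):
        print(f"{code}: {body}\n    -> " + "; ".join(reasons))
```

A flagged line is a candidate for review, not a verdict: legitimate software also leaves orphaned registrations behind after an uninstall.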
Ugho Posts 22 Registration date Tuesday 22 July 2008 Status Member Last activity 16 August 2008
26 Jul 2008 at 14:27
I didn't understand...
0