Display problem
Hello everyone,
I'm asking for your help today because I ended up with Spy Sheriff. I uninstalled it through Add/Remove Programs, but since that day I can no longer set wallpapers and my PC regularly slows down all of a sudden.
If you have any information at all, please leave it for me.
Thanks in advance
Hi,
1/ Download SmitfraudFix
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Unzip it to the Desktop.
Download, install and update ewido
http://www.infos-du-net.com/telecharger/Ewido-Security-...
2/ Open the SmitfraudFix folder and run SmitfraudFix.cmd
Choose option 1 (Search)
Post the report here
- Restart in safe mode
Restart the computer. After the BIOS messages, press F8 (or F5 if F8 doesn't work) to get to a menu with white text on a black background.
In this menu, you should be able to choose safe mode (use the arrow keys, and Enter to confirm).
Booting into safe mode is often rather slow. If you see strange white text, don't worry.
Just be patient.
Run SmitfraudFix again, this time choose option 2 and answer yes to every question
Save the report.
3/ Run ewido (full system scan) and delete everything it finds. Save the report to the desktop.
4/ Restart normally and post the 2nd SmitfraudFix report and the Ewido one
5/ Post a HijackThis log.
Download it, then put it in a dedicated folder.
Then run it, click Do a system scan and save a logfile, and give us the result of the scan
www.infos-du-net.com/telecharger/HijackThis.html
Here is my SmitfraudFix report to start with
C:\WINDOWS\tool3.exe PRESENT !
C:\WINDOWS\toolbar.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\jeremy\Application Data
C:\Documents and Settings\jeremy\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"=""
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="C:\\Documents and Settings\\jeremy\\Mes documents\\Mes images\\GTA\\fe44.jpg"
"SubscribedURL"="C:\\Documents and Settings\\jeremy\\Mes documents\\Mes images\\GTA\\fe44.jpg"
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="C:\\Documents and Settings\\jeremy\\Mes documents\\Mes images\\autre\\Zed_Jeux-Video_00009.jpg"
"SubscribedURL"="C:\\Documents and Settings\\jeremy\\Mes documents\\Mes images\\autre\\Zed_Jeux-Video_00009.jpg"
"FriendlyName"=""
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler
Hello again, here is the second SmitfraudFix report
SmitFraudFix v2.26
Rapport fait à 14:34:08,23 le dim. 02/04/2006
Executé à partir de C:\Documents and Settings\jeremy\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
and the one from ewido
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 16:23:11, 2/04/2006
+ Somme de contrôle: B8A1A843
+ Résultats du scan:
[612] C:\WINDOWS\system32\pbtorec.dll -> Adware.Look2Me : Erreur durant le nettoyage
[1368] C:\WINDOWS\system32\pbtorec.dll -> Adware.Look2Me : Erreur durant le nettoyage
:mozilla.6:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.7:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.8:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.9:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.10:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.12:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.13:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.17:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.18:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.19:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.20:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.21:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.22:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.23:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.24:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.25:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.26:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.27:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.28:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.29:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.30:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.31:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
:mozilla.32:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Clubdicecasino : Nettoyer et sauvegarder
:mozilla.33:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Clubdicecasino : Nettoyer et sauvegarder
:mozilla.34:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Clubdicecasino : Nettoyer et sauvegarder
:mozilla.35:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.36:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.37:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.38:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.42:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.43:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.44:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.45:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.46:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.47:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.48:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.49:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.50:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.52:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
:mozilla.58:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.59:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.60:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.61:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.62:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.63:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.64:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.65:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.66:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.77:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.78:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.79:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.80:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.81:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder
:mozilla.82:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder
:mozilla.83:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder
:mozilla.84:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder
:mozilla.85:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder
:mozilla.86:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder
:mozilla.88:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
:mozilla.93:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder
:mozilla.95:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
:mozilla.96:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyer et sauvegarder
:mozilla.97:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@wreport.weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@zedo[2].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Local Settings\Temporary Internet Files\Content.IE5\GHIJKHMN\xckjutbay[1].txt -> Proxy.Small.bo : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Local Settings\Temporary Internet Files\Content.IE5\W1Y34563\cksgfeqb[1].txt -> Downloader.Adload.ai : Nettoyer et sauvegarder
C:\WINDOWS\system32\fp6s03j7e.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\kudsl1.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\mfswch.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\nqwddi.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\ppintui.dll -> Adware.Look2Me : Nettoyer et sauvegarder
::Fin du rapport
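Added example, not part of the original posts: a small Python parser for the ewido report format shown above, which separates detections that were cleaned from those where cleaning failed ("Erreur durant le nettoyage") and counts detections per family. Function and field names are illustrative, the sample lines are copied from the report in this thread, and reading the bracketed number as a process ID is an assumption about the report format.

```python
import re
from collections import Counter

# Excerpt of the ewido report posted in this thread (lines copied verbatim).
SAMPLE_REPORT = r"""
+ Résultats du scan:
[612] C:\WINDOWS\system32\pbtorec.dll -> Adware.Look2Me : Erreur durant le nettoyage
[1368] C:\WINDOWS\system32\pbtorec.dll -> Adware.Look2Me : Erreur durant le nettoyage
:mozilla.6:C:\Documents and Settings\jeremy\Application Data\Mozilla\Firefox\Profiles\220sbcm3.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\jeremy\Cookies\jeremy@zedo[2].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
C:\WINDOWS\system32\kudsl1.dll -> Adware.Look2Me : Nettoyer et sauvegarder
::Fin du rapport
"""

# Three line shapes appear in the report:
#   [N] path -> Detection : action         (N assumed to be a process ID)
#   :store.N:path -> Detection : action    (entry inside a cookie store)
#   path -> Detection : action             (plain file)
LINE_RE = re.compile(
    r"^(?:\[(?P<pid>\d+)\]\s+|:(?P<store>[\w.]+):)?"
    r"(?P<path>.+?) -> (?P<detection>\S+) : (?P<action>.+)$"
)

# Action text the report uses when an item could not be cleaned.
FAILED_ACTION = "Erreur durant le nettoyage"


def parse_report(text):
    """Return one dict per detection line; headers and footers are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        entries.append({
            "pid": int(m["pid"]) if m["pid"] else None,
            "store": m["store"],
            "path": m["path"],
            "detection": m["detection"],
            "family": m["detection"].split(".", 1)[0],
            "action": m["action"].strip(),
        })
    return entries


def triage(entries):
    """Group failed cleanups by file and count detections per family."""
    failed = {}
    for e in entries:
        if e["action"] == FAILED_ACTION:
            pids = failed.setdefault(e["path"], set())
            if e["pid"] is not None:
                pids.add(e["pid"])
    return {
        "failed": {path: sorted(pids) for path, pids in failed.items()},
        "by_family": Counter(e["family"] for e in entries),
    }


if __name__ == "__main__":
    result = triage(parse_report(SAMPLE_REPORT))
    for path, pids in result["failed"].items():
        print(f"NOT CLEANED: {path} (referenced by {pids})")
    for family, count in result["by_family"].most_common():
        print(f"{family}: {count}")
```

Files listed under "failed" are the ones still present after the scan and are what a follow-up pass has to address; the cookie entries are low priority by comparison.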
C:\WINDOWS\system32\nqwddi.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\ppintui.dll -> Adware.Look2Me : Nettoyer et sauvegarder
::Fin du rapport
and here is the HijackThis report
Logfile of HijackThis v1.99.1
Scan saved at 16:48:22, on 2/04/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Winamp\Winamp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jeremy\Mes documents\solution spysheriff\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Toolbar888\ToolBar888.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /min
O4 - HKCU\..\Run: [shellbn] C:\WINDOWS\System32\shellbn.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{14750FE2-5FD4-4D36-92D9-740A0C20C9F0}: NameServer = 84.103.237.140 86.64.145.140
O17 - HKLM\System\CS1\Services\Tcpip\..\{14750FE2-5FD4-4D36-92D9-740A0C20C9F0}: NameServer = 84.103.237.140 86.64.145.140
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: ShellScrap - C:\WINDOWS\system32\dnj8011ue.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\dGVzdA\command.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Win32Sr - Unknown owner - C:\WINDOWS\win32ssr.exe (file missing)
Hi,
You have a Look2Me-type infection.
Print these instructions, or paste them into a text file.
Read the note at the bottom carefully before starting the procedure.
Download Look2Me-Destroyer.exe to your Desktop.
http://www.atribune.org/ccount/click.php?id=7
. Close all open windows.
. Run the Look2Me-Destroyer.exe tool.
. Tick Run this program as a task
. A message will appear:
"Look2Me-Destroyer will close and re-open in approximately 1 minute" -> OK
. It will relaunch after the minute; then press the Scan for L2M button.
. Your Desktop icons will disappear.
. Once the scan has finished, click Remove L2M
. A new message, Done Scanning, will appear; click OK.
. This is followed by Done removing infected files! Look2Me-Destroyer will now shutdown your computer -> OK.
. Your PC will shut down.
. Start your PC normally.
. Paste the generated report, located at C:\Look2Me-Destroyer.txt, along with a HijackThis report.
If Look2Me-Destroyer does not relaunch automatically after the minute, restart and try again.
Thanks for the shower of intelligence lol
anyway, here is the Look2Me report
Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 2/04/2006 18:28:14
Infected! C:\WINDOWS\system32\dnj8011ue.dll
Infected! C:\WINDOWS\system32\dnj8011ue.dll
Infected! C:\WINDOWS\system32\e2jm0c11ef.dll
Infected! C:\WINDOWS\system32\mjw3prt.dll
Attempting to delete infected files...
Attempting to delete: C:\WINDOWS\system32\dnj8011ue.dll
C:\WINDOWS\system32\dnj8011ue.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP87\A0028644.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP87\A0028644.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP87\A0028648.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP87\A0028648.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP88\A0028681.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP88\A0028681.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP88\A0028684.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP88\A0028684.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP89\A0028754.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP89\A0028754.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP89\A0028755.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP89\A0028755.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP89\A0028864.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP89\A0028864.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP89\A0028916.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP89\A0028916.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP90\A0028927.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP90\A0028927.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP90\A0028931.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP90\A0028931.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP91\A0028978.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP91\A0028978.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP91\A0028982.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP91\A0028982.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP92\A0028987.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP92\A0028987.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP92\A0028991.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP92\A0028991.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP93\A0029126.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP93\A0029126.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP93\A0029131.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP93\A0029131.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP93\A0029181.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP93\A0029181.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP93\A0029186.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP93\A0029186.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP94\A0029207.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP94\A0029207.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP94\A0029211.dll
C:\System Volume Information\_restore{5E40DACC-54DA-4458-90FF-5E7049DC8EDD}\RP94\A0029211.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\dnj8011ue.dll
C:\WINDOWS\system32\dnj8011ue.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\e2jm0c11ef.dll
C:\WINDOWS\system32\e2jm0c11ef.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\mjw3prt.dll
C:\WINDOWS\system32\mjw3prt.dll Deleted successfully!
Making registry repairs.
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellScrap
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{C83F71F5-BB82-4CE5-ADB8-607546D1DDD8}"
HKCR\Clsid\{C83F71F5-BB82-4CE5-ADB8-607546D1DDD8}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{65252321-20D8-4876-9480-BD304DD9722D}"
HKCR\Clsid\{65252321-20D8-4876-9480-BD304DD9722D}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{3A078D4A-E4FE-47CE-B368-7A47CC51C3AC}"
HKCR\Clsid\{3A078D4A-E4FE-47CE-B368-7A47CC51C3AC}
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
and I'm taking care of the HijackThis scan
and here is the HijackThis report
Logfile of HijackThis v1.99.1
Scan saved at 18:44:16, on 2/04/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\jeremy\Mes documents\solution spysheriff\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Toolbar888\ToolBar888.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /min
O4 - HKCU\..\Run: [shellbn] C:\WINDOWS\System32\shellbn.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{14750FE2-5FD4-4D36-92D9-740A0C20C9F0}: NameServer = 80.118.192.110 80.118.196.40
O17 - HKLM\System\CS1\Services\Tcpip\..\{14750FE2-5FD4-4D36-92D9-740A0C20C9F0}: NameServer = 80.118.192.110 80.118.196.40
O17 - HKLM\System\CS2\Services\Tcpip\..\{14750FE2-5FD4-4D36-92D9-740A0C20C9F0}: NameServer = 84.103.237.140 86.64.145.140
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\dGVzdA\command.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Win32Sr - Unknown owner - C:\WINDOWS\win32ssr.exe (file missing)