Mon pc est infecté
Dernière réponse : dans Sécurité
bonjour, je pense que mon pc est infecté par des spywares et des virus.. Je n'en suis pas sur, mais je pense que si car sa vitesse a diminué , problemes et plantages...Je m'en remets donc a vous...
Autres pages sur : infecte
Lassé par la pub ? Créez un compte
Ensuite:
Installe Ewido
Décoche "Install Background Guard" et "Install Scan Via Context Menu"
Lance Ewido puis mets le à jour.
Redémarre en mode sans échec.
Relance Ewido puis fais un Scan complet du système.
Sauvegarde le rapport puis colle le ici en mode normal.
Installe Ewido
Décoche "Install Background Guard" et "Install Scan Via Context Menu"
Lance Ewido puis mets le à jour.
Redémarre en mode sans échec.
Relance Ewido puis fais un Scan complet du système.
Sauvegarde le rapport puis colle le ici en mode normal.
rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 19:48:14, on 12/06/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\lssas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ipwins\ipwins.exe
C:\WINDOWS\System32\0mcamcap.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\rpcc.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\YMANTE~1\MHTA~1.EXE
C:\Program Files\Steam\Steam.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\TClock\TClock.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\mnsec.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Messenger\msmsgs.exe.mani.exe
C:\WINDOWS\update\updmgr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\TEMP\adv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
C:\WINDOWS\System32\wuauclt.exe
c:\unofyrtr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.exe"
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [Microsoft (R) Windows Update Manager] C:\WINDOWS\update\updmgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [defender] C:\\defender25.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [rpcc] rpcc.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunServices: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Raad] "C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe" -vt ndrv
O4 - HKCU\..\Run: [Usjvi] C:\WINDOWS\YMANTE~1\MHTA~1.EXE
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Weather.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: c:\windows\system32\ping.dll C:\WINDOWS\System32\ping.dll
O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\f40oled31h0.dll (file missing)
O20 - Winlogon Notify: pmnnl - pmnnl.dll (file missing)
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\guard.tmp (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: MNADLgIOFQ - {C84FB25D-62E5-18F7-F843-0A4AADBDDC00} - C:\WINDOWS\System32\fgj.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Windows Update Manager (UpdateManager) - Unknown owner - C:\WINDOWS\update\updmgr.exe
voila
Logfile of HijackThis v1.99.1
Scan saved at 19:48:14, on 12/06/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\lssas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ipwins\ipwins.exe
C:\WINDOWS\System32\0mcamcap.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\rpcc.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\YMANTE~1\MHTA~1.EXE
C:\Program Files\Steam\Steam.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\TClock\TClock.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\mnsec.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Messenger\msmsgs.exe.mani.exe
C:\WINDOWS\update\updmgr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\TEMP\adv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
C:\WINDOWS\System32\wuauclt.exe
c:\unofyrtr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.exe"
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [Microsoft (R) Windows Update Manager] C:\WINDOWS\update\updmgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [defender] C:\\defender25.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [rpcc] rpcc.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunServices: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Raad] "C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe" -vt ndrv
O4 - HKCU\..\Run: [Usjvi] C:\WINDOWS\YMANTE~1\MHTA~1.EXE
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Weather.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: c:\windows\system32\ping.dll C:\WINDOWS\System32\ping.dll
O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\f40oled31h0.dll (file missing)
O20 - Winlogon Notify: pmnnl - pmnnl.dll (file missing)
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\guard.tmp (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: MNADLgIOFQ - {C84FB25D-62E5-18F7-F843-0A4AADBDDC00} - C:\WINDOWS\System32\fgj.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Windows Update Manager (UpdateManager) - Unknown owner - C:\WINDOWS\update\updmgr.exe
voila
Mets en suspens Ewido.
Télécharge Smitfraudfix
Dézippe-le sur le Bureau.
Ouvre le dossier SmitfraudFix et lance SmitfraudFix.cmd
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.
Télécharge Smitfraudfix
Dézippe-le sur le Bureau.
Ouvre le dossier SmitfraudFix et lance SmitfraudFix.cmd
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.
commence par supprimer ca sur ton log:
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.exe"
O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\f40oled31h0.dll (file missing)
O20 - Winlogon Notify: pmnnl - pmnnl.dll (file missing)
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\guard.tmp (file missing)
Puis tu telecharge Pocketkillbox, dans la case blanche, tu met ca et tu fait "delete on reboot"
3) Tu telecharge LSPfix, Tu l'ouvre et tu nous indique les dll presentes
4) Tu fais la manip avec ewido
@+
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.exe"
O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\f40oled31h0.dll (file missing)
O20 - Winlogon Notify: pmnnl - pmnnl.dll (file missing)
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\guard.tmp (file missing)
Puis tu telecharge Pocketkillbox, dans la case blanche, tu met ca et tu fait "delete on reboot"
Citation :
C:\WINDOWS\System32\lssas.exe3) Tu telecharge LSPfix, Tu l'ouvre et tu nous indique les dll presentes
4) Tu fais la manip avec ewido
@+
ok je fais ca et je vous tiens au courrant.. sinon, voila le rapport ewido
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 20:03:02, 12/06/2006
+ Somme de contrôle: 9723D56B
+ Résultats du scan:
HKU\S-1-5-21-789336058-1801674531-839522115-500\Software\DNS -> Adware.Shorty : Nettoyer et sauvegarder
[784] C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.dll -> Trojan.Sinowal.w : Nettoyer et sauvegarder
:mozilla.13:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
:mozilla.22:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.23:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.24:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.27:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
:mozilla.29:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
:mozilla.30:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.31:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.32:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.35:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.36:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.37:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.39:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.40:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.43:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
:mozilla.48:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.49:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.58:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Coremetrics : Nettoyer et sauvegarder
:mozilla.59:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
:mozilla.60:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
:mozilla.61:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.62:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.69:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.70:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.71:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.72:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\ch32.exe/rmz.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\25.tmp -> Backdoor.Agent.aai : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\26.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\27.tmp -> Downloader.Small.ciw : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\2C.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\art13A2.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\art19D.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\art2DA2.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\art6C32.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\artBF1.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\artDFFF.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\artE562.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\artF4FE.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp00006b3d -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp00006c94 -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp0000830a -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp000095f6 -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp000123bf -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp00017a0d -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp0001c147 -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vx1.game -> Dropper.Small.aps : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vx4.game -> Downloader.Small.ctk : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vx6.game -> Downloader.Small.cxz : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vxt2.game -> Downloader.Small.dak : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vxt3.game -> Proxy.Agent.ji : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vxt4.game -> Proxy.Agent.ji : Nettoyer et sauvegarder
C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GQR1BUVE\grzyrq[1].txt -> Not-A-Virus.Hoax.Win32.Renos.dc : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GQR1BUVE\lksrp[1].txt -> Not-A-Virus.Hoax.Win32.Renos.bw : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OYZRJ2UD\bjedcv[1].txt -> Downloader.Tiny.ap : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OYZRJ2UD\savhwwtq[1].txt -> Downloader.Small.ctf : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\RAKUMNF7\xiqlrolv[1].txt -> Trojan.Sinowal.w : Nettoyer et sauvegarder
C:\knbo.exe -> Downloader.Tiny.ap : Nettoyer et sauvegarder
C:\mrcfyn.exe -> Trojan.Sinowal.w : Nettoyer et sauvegarder
C:\plnmxsi.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00012.dll -> Trojan.Sinowal.w : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00013.dll -> Trojan.Sinowal.i : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.dll -> Trojan.Sinowal.w : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.exe -> Trojan.Sinowal.v : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00015.dll -> Trojan.Sinowal.i : Nettoyer et sauvegarder
C:\Program Files\ipwins\ipwins.exe -> Adware.Agent : Nettoyer et sauvegarder
C:\Program Files\Messenger\msmsgs.exe.mani.exe -> Adware.Agent : Nettoyer et sauvegarder
C:\Program Files\qywl.exe -> Not-A-Virus.Hoax.Win32.Renos.dc : Nettoyer et sauvegarder
C:\unofyrtr.exe -> Downloader.Small.ctf : Nettoyer et sauvegarder
C:\WINDOWS\Downloaded Program Files\ABoxInst_int14.exe -> Downloader.VB.ft : Nettoyer et sauvegarder
C:\WINDOWS\system32\awtsq.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\awvvu.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\ch32.exe/rmz.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\ddabb.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\gebcb.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\lssas.exe -> Backdoor.Rbot.aem : Nettoyer et sauvegarder
C:\WINDOWS\system32\ping.dll -> Adware.PurityScan : Nettoyer et sauvegarder
C:\WINDOWS\system32\rmz.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\rpcc.exe -> Trojan.Small : Nettoyer et sauvegarder
C:\WINDOWS\system32\ssqpn.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\TheMatrixHasYou.exe -> Proxy.Small.bo : Nettoyer et sauvegarder
C:\WINDOWS\system32\vtsqp.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\vturp.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\Temp\2.dlb -> Not-A-Virus.Hoax.Win32.Renos.dn : Nettoyer et sauvegarder
C:\WINDOWS\Temp\235C.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\238B.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\25.tmp -> Backdoor.Agent.aai : Nettoyer et sauvegarder
C:\WINDOWS\Temp\26.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\WINDOWS\Temp\2C93.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\2CDF.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\32.tmp -> Backdoor.Agent.aai : Nettoyer et sauvegarder
C:\WINDOWS\Temp\33.tmp -> Backdoor.Agent.aai : Nettoyer et sauvegarder
C:\WINDOWS\Temp\33EE.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\34.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\WINDOWS\Temp\35.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\WINDOWS\Temp\3C9A.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\540144176436\4820.tmp -> Dropper.Agent.aqc : Nettoyer et sauvegarder
C:\WINDOWS\Temp\5C9C.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\6.dlb -> Downloader.Tibs.eo : Nettoyer et sauvegarder
C:\WINDOWS\Temp\6D65.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\7.dlb -> Downloader.Tibs.eo : Nettoyer et sauvegarder
C:\WINDOWS\Temp\art430F.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\WINDOWS\Temp\CE83.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\maxdd1.game -> Trojan.Dialer.pw : Nettoyer et sauvegarder
C:\WINDOWS\Temp\pe386.sys -> Not-A-Virus.SpamTool.Win32.Mailbot.ba : Nettoyer et sauvegarder
C:\WINDOWS\Temp\qvxt2.game -> Worm.Locksky.as : Nettoyer et sauvegarder
C:\WINDOWS\Temp\qvxt4.game -> Trojan.Dialer.pz : Nettoyer et sauvegarder
C:\WINDOWS\Temp\tmp00021718 -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vx1.game -> Dropper.Small.aps : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vx4.game -> Downloader.Small.ctk : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vx6.game -> Downloader.Small.cxz : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vxt2.game -> Downloader.Small.dak : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vxt3.game -> Proxy.Agent.ji : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vxt4.game -> Proxy.Agent.ji : Nettoyer et sauvegarder
C:\WINDOWS\update\updmgr.exe -> Proxy.Agent.cv : Nettoyer et sauvegarder
::Fin du rapport
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 20:03:02, 12/06/2006
+ Somme de contrôle: 9723D56B
+ Résultats du scan:
HKU\S-1-5-21-789336058-1801674531-839522115-500\Software\DNS -> Adware.Shorty : Nettoyer et sauvegarder
[784] C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.dll -> Trojan.Sinowal.w : Nettoyer et sauvegarder
:mozilla.13:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
:mozilla.22:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.23:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.24:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.27:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
:mozilla.29:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
:mozilla.30:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.31:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.32:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.35:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.36:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.37:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.39:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.40:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.43:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
:mozilla.48:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.49:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.58:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Coremetrics : Nettoyer et sauvegarder
:mozilla.59:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
:mozilla.60:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
:mozilla.61:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.62:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.69:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.70:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.71:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.72:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\kouzsb5q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\ch32.exe/rmz.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\25.tmp -> Backdoor.Agent.aai : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\26.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\27.tmp -> Downloader.Small.ciw : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\2C.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\art13A2.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\art19D.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\art2DA2.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\art6C32.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\artBF1.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\artDFFF.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\artE562.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\artF4FE.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp00006b3d -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp00006c94 -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp0000830a -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp000095f6 -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp000123bf -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp00017a0d -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp0001c147 -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vx1.game -> Dropper.Small.aps : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vx4.game -> Downloader.Small.ctk : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vx6.game -> Downloader.Small.cxz : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vxt2.game -> Downloader.Small.dak : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vxt3.game -> Proxy.Agent.ji : Nettoyer et sauvegarder
C:\Documents and Settings\Administrateur\Local Settings\Temp\vxt4.game -> Proxy.Agent.ji : Nettoyer et sauvegarder
C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GQR1BUVE\grzyrq[1].txt -> Not-A-Virus.Hoax.Win32.Renos.dc : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GQR1BUVE\lksrp[1].txt -> Not-A-Virus.Hoax.Win32.Renos.bw : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OYZRJ2UD\bjedcv[1].txt -> Downloader.Tiny.ap : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OYZRJ2UD\savhwwtq[1].txt -> Downloader.Small.ctf : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\RAKUMNF7\xiqlrolv[1].txt -> Trojan.Sinowal.w : Nettoyer et sauvegarder
C:\knbo.exe -> Downloader.Tiny.ap : Nettoyer et sauvegarder
C:\mrcfyn.exe -> Trojan.Sinowal.w : Nettoyer et sauvegarder
C:\plnmxsi.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00012.dll -> Trojan.Sinowal.w : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00013.dll -> Trojan.Sinowal.i : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.dll -> Trojan.Sinowal.w : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00014.exe -> Trojan.Sinowal.v : Nettoyer et sauvegarder
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00015.dll -> Trojan.Sinowal.i : Nettoyer et sauvegarder
C:\Program Files\ipwins\ipwins.exe -> Adware.Agent : Nettoyer et sauvegarder
C:\Program Files\Messenger\msmsgs.exe.mani.exe -> Adware.Agent : Nettoyer et sauvegarder
C:\Program Files\qywl.exe -> Not-A-Virus.Hoax.Win32.Renos.dc : Nettoyer et sauvegarder
C:\unofyrtr.exe -> Downloader.Small.ctf : Nettoyer et sauvegarder
C:\WINDOWS\Downloaded Program Files\ABoxInst_int14.exe -> Downloader.VB.ft : Nettoyer et sauvegarder
C:\WINDOWS\system32\awtsq.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\awvvu.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\ch32.exe/rmz.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\ddabb.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\gebcb.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\lssas.exe -> Backdoor.Rbot.aem : Nettoyer et sauvegarder
C:\WINDOWS\system32\ping.dll -> Adware.PurityScan : Nettoyer et sauvegarder
C:\WINDOWS\system32\rmz.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\rpcc.exe -> Trojan.Small : Nettoyer et sauvegarder
C:\WINDOWS\system32\ssqpn.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\TheMatrixHasYou.exe -> Proxy.Small.bo : Nettoyer et sauvegarder
C:\WINDOWS\system32\vtsqp.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\system32\vturp.dll -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\Temp\2.dlb -> Not-A-Virus.Hoax.Win32.Renos.dn : Nettoyer et sauvegarder
C:\WINDOWS\Temp\235C.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\238B.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\25.tmp -> Backdoor.Agent.aai : Nettoyer et sauvegarder
C:\WINDOWS\Temp\26.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\WINDOWS\Temp\2C93.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\2CDF.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\32.tmp -> Backdoor.Agent.aai : Nettoyer et sauvegarder
C:\WINDOWS\Temp\33.tmp -> Backdoor.Agent.aai : Nettoyer et sauvegarder
C:\WINDOWS\Temp\33EE.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\34.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\WINDOWS\Temp\35.tmp -> Downloader.Agent.afl : Nettoyer et sauvegarder
C:\WINDOWS\Temp\3C9A.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\540144176436\4820.tmp -> Dropper.Agent.aqc : Nettoyer et sauvegarder
C:\WINDOWS\Temp\5C9C.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\6.dlb -> Downloader.Tibs.eo : Nettoyer et sauvegarder
C:\WINDOWS\Temp\6D65.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\7.dlb -> Downloader.Tibs.eo : Nettoyer et sauvegarder
C:\WINDOWS\Temp\art430F.tmp -> Proxy.Xorpix.v : Nettoyer et sauvegarder
C:\WINDOWS\Temp\CE83.tmp -> Proxy.Agent.kb : Nettoyer et sauvegarder
C:\WINDOWS\Temp\maxdd1.game -> Trojan.Dialer.pw : Nettoyer et sauvegarder
C:\WINDOWS\Temp\pe386.sys -> Not-A-Virus.SpamTool.Win32.Mailbot.ba : Nettoyer et sauvegarder
C:\WINDOWS\Temp\qvxt2.game -> Worm.Locksky.as : Nettoyer et sauvegarder
C:\WINDOWS\Temp\qvxt4.game -> Trojan.Dialer.pz : Nettoyer et sauvegarder
C:\WINDOWS\Temp\tmp00021718 -> Adware.Virtumonde : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vx1.game -> Dropper.Small.aps : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vx4.game -> Downloader.Small.ctk : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vx6.game -> Downloader.Small.cxz : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vxt2.game -> Downloader.Small.dak : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vxt3.game -> Proxy.Agent.ji : Nettoyer et sauvegarder
C:\WINDOWS\Temp\vxt4.game -> Proxy.Agent.ji : Nettoyer et sauvegarder
C:\WINDOWS\update\updmgr.exe -> Proxy.Agent.cv : Nettoyer et sauvegarder
::Fin du rapport
Rapport smitfraudfix
SmitFraudFix v2.59
Rapport fait à 20:08:11,28, 12/06/2006
Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
C:\uniq PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\0mcamcap.exe PRESENT !
C:\WINDOWS\system32\TheMatrixHasYou.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data
C:\Documents and Settings\Administrateur\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\secure32.html PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
SmitFraudFix v2.59
Rapport fait à 20:08:11,28, 12/06/2006
Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
C:\uniq PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\0mcamcap.exe PRESENT !
C:\WINDOWS\system32\TheMatrixHasYou.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data
C:\Documents and Settings\Administrateur\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\secure32.html PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Redémarre en mode sans échec.
Relance SmitfraudFix et choisis cette fois l’Option 2 et réponds oui à chaque question
Sauvegarde puis poste le rapport.
Imprime ces instructions, ou colle les dans un fichier texte.
Regarde bien l'indication en bas, avant de commencer la procédure.
Télécharge Look2Me-Destroyer.exe sur ton Bureau.
. Ferme toutes les fenêtres actives.
. Lance l'outil Look2Me-Destroyer.exe.
. Coche Run this program as a task
. Un message s'affichera :
"Look2Me-Destroyer will close and re-open in approximately 1 minute"-> OK
. Il se relancera après la minute, puis appuie sur le bouton Scan for L2M.
. Les icônes de ton Bureau vont disparaître.
. Le scan termine, clique sur Remove L2M
. Un nouveau message Done Scanning apparaîtra, clique sur OK.
. Suivi de Done removing infected files! Look2Me-Destroyer will now shutdown your computer -> OK.
. Ton PC va s’éteindre.
. Démarre ton PC normalement.
. Colle le rapport généré, situé ici : C:\Look2Me-Destroyer.txt ,ainsi qu'un rapport HijackThis.
Si Look2Me-Destroyer ne se relance pas automatiquement après la minute, redémarre et essaie à nouveau.
Relance SmitfraudFix et choisis cette fois l’Option 2 et réponds oui à chaque question
Sauvegarde puis poste le rapport.
Imprime ces instructions, ou colle les dans un fichier texte.
Regarde bien l'indication en bas, avant de commencer la procédure.
Télécharge Look2Me-Destroyer.exe sur ton Bureau.
. Ferme toutes les fenêtres actives.
. Lance l'outil Look2Me-Destroyer.exe.
. Coche Run this program as a task
. Un message s'affichera :
"Look2Me-Destroyer will close and re-open in approximately 1 minute"-> OK
. Il se relancera après la minute, puis appuie sur le bouton Scan for L2M.
. Les icônes de ton Bureau vont disparaître.
. Le scan termine, clique sur Remove L2M
. Un nouveau message Done Scanning apparaîtra, clique sur OK.
. Suivi de Done removing infected files! Look2Me-Destroyer will now shutdown your computer -> OK.
. Ton PC va s’éteindre.
. Démarre ton PC normalement.
. Colle le rapport généré, situé ici : C:\Look2Me-Destroyer.txt ,ainsi qu'un rapport HijackThis.
Si Look2Me-Destroyer ne se relance pas automatiquement après la minute, redémarre et essaie à nouveau.
voici le 2 e rapport smitfraudfix
SmitFraudFix v2.59
Rapport fait à 20:18:41,35, 12/06/2006
Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\uniq supprimé
C:\WINDOWS\system32\0mcamcap.exe supprimé
C:\WINDOWS\system32\TheMatrixHasYou.exe supprimé
C:\Documents and Settings\Administrateur\Application Data\Install.dat supprimé
C:\Program Files\secure32.html supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
SmitFraudFix v2.59
Rapport fait à 20:18:41,35, 12/06/2006
Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\uniq supprimé
C:\WINDOWS\system32\0mcamcap.exe supprimé
C:\WINDOWS\system32\TheMatrixHasYou.exe supprimé
C:\Documents and Settings\Administrateur\Application Data\Install.dat supprimé
C:\Program Files\secure32.html supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
rapport look2me... je ne l'ai pas fait en mode sans echec.. doisje le refaire ?
Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 12/06/2006 20:27:03
Infected! C:\WINDOWS\system32\f40oled31h0.dll
Infected! C:\WINDOWS\system32\guard.tmp
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000007.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000021.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001009.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001108.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP10\A0005359.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005502.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005530.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005531.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005532.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005533.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005534.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005535.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005536.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005537.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005538.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005539.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005540.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005541.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005542.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005543.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005544.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005545.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005546.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005547.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005548.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005549.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005550.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005551.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005552.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005553.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005554.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005555.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005556.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005557.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005558.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005559.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005560.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005561.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP20\A0019414.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019545.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019546.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0021410.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022243.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022290.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022410.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022411.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022412.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022413.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022414.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022415.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022416.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022417.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022418.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022419.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022420.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022421.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022422.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022423.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022424.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022425.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022426.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022427.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022428.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022429.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022430.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022431.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022432.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022433.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022434.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022435.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022436.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022437.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0024917.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025913.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025975.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0026038.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0027062.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027182.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027183.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027184.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027185.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027186.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027187.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027188.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027189.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027190.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027191.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027192.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027193.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027194.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027195.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027196.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027197.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027198.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027199.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027200.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027201.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027202.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027203.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027204.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027205.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027206.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027207.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027208.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027209.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027210.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027211.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027212.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027213.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027214.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027215.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027216.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027217.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001164.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001173.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002164.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002173.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002180.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003190.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003193.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003206.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004218.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004221.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004235.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004248.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004249.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0005264.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP8\A0005278.dll
Attempting to delete infected files...
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000007.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000007.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000021.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000021.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001009.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001009.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001108.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001108.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP10\A0005359.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP10\A0005359.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005502.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005502.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005530.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005530.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005531.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005531.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005532.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005532.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005533.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005533.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005534.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005534.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005535.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005535.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005536.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005536.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005537.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005537.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005538.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005538.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005539.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005539.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005540.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005540.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005541.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005541.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005542.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005542.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005543.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005543.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005544.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005544.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005545.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005545.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005546.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005546.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005547.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005547.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005548.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005548.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005549.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005549.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005550.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005550.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005551.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005551.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005552.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005552.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005553.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005553.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005554.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005554.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005555.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005555.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005556.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005556.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005557.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005557.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005558.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005558.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005559.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005559.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005560.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005560.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005561.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005561.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP20\A0019414.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP20\A0019414.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019545.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019545.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019546.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019546.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0021410.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0021410.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022243.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022243.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022290.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022290.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022410.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022410.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022411.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022411.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022412.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022412.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022413.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022413.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022414.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022414.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022415.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022415.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022416.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022416.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022417.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022417.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022418.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022418.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022419.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022419.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022420.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022420.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022421.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022421.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022422.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022422.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022423.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022423.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022424.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022424.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022425.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022425.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022426.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022426.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022427.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022427.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022428.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022428.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022429.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022429.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022430.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022430.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022431.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022431.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022432.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022432.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022433.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022433.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022434.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022434.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022435.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022435.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022436.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022436.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022437.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022437.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0024917.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0024917.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025913.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025913.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025975.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025975.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0026038.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0026038.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0027062.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0027062.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027182.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027182.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027183.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027183.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027184.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027184.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027185.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027185.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027186.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027186.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027187.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027187.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027188.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027188.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027189.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027189.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027190.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027190.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027191.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027191.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027192.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027192.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027193.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027193.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027194.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027194.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027195.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027195.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027196.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027196.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027197.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027197.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027198.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027198.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027199.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027199.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027200.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027200.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027201.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027201.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027202.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027202.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027203.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027203.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027204.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027204.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027205.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027205.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027206.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027206.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027207.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027207.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027208.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027208.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027209.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027209.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027210.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027210.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027211.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027211.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027212.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027212.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027213.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027213.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027214.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027214.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027215.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027215.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027216.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027216.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027217.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027217.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001164.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001164.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001173.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001173.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002164.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002164.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002173.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002173.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002180.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002180.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003190.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003190.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003193.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003193.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003206.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003206.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004218.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004218.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004221.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004221.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004235.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004235.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004248.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004248.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004249.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004249.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0005264.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0005264.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP8\A0005278.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP8\A0005278.dll Deleted successfully!
Making registry repairs.
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\BITS
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ThemeManager
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{657651DC-E8F1-4D8B-A20E-5AAE2EB52CB1}"
HKCR\Clsid\{657651DC-E8F1-4D8B-A20E-5AAE2EB52CB1}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{E09AE1E5-EAB5-4A88-B9AC-0A588D5849C6}"
HKCR\Clsid\{E09AE1E5-EAB5-4A88-B9AC-0A588D5849C6}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{53AB0B7C-29DE-46E8-B598-FEDD28850169}"
HKCR\Clsid\{53AB0B7C-29DE-46E8-B598-FEDD28850169}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{034BDEFA-6277-4A62-8D00-39D1FDD69FD6}"
HKCR\Clsid\{034BDEFA-6277-4A62-8D00-39D1FDD69FD6}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{7F29F946-D5B9-4B52-BB70-25AD878AB93D}"
HKCR\Clsid\{7F29F946-D5B9-4B52-BB70-25AD878AB93D}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{DF0BD5E7-F0E0-4F84-9832-E9127AFF95EA}"
HKCR\Clsid\{DF0BD5E7-F0E0-4F84-9832-E9127AFF95EA}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{292555A7-4CCA-4BC9-9CBA-2B0F0FA9D1AC}"
HKCR\Clsid\{292555A7-4CCA-4BC9-9CBA-2B0F0FA9D1AC}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{8A3C3713-A356-4CA6-9F8A-8C0467BDD7C2}"
HKCR\Clsid\{8A3C3713-A356-4CA6-9F8A-8C0467BDD7C2}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{CED6BA99-9157-47A8-8DD9-E750B9B8EB62}"
HKCR\Clsid\{CED6BA99-9157-47A8-8DD9-E750B9B8EB62}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{32F004BD-0B0C-4A24-8E18-E27B79697AD4}"
HKCR\Clsid\{32F004BD-0B0C-4A24-8E18-E27B79697AD4}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{A668E029-E79D-49DE-8342-5CDD82D615A5}"
HKCR\Clsid\{A668E029-E79D-49DE-8342-5CDD82D615A5}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{35AA84D4-92AA-4B42-B525-D48563BC31E3}"
HKCR\Clsid\{35AA84D4-92AA-4B42-B525-D48563BC31E3}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{C20B178E-74DD-4987-BA48-DD72424124AA}"
HKCR\Clsid\{C20B178E-74DD-4987-BA48-DD72424124AA}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{64436B91-8882-4098-8555-382C1570BFE6}"
HKCR\Clsid\{64436B91-8882-4098-8555-382C1570BFE6}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{9FBC97AE-D4C9-4DD3-BB81-4CE2F60A56B1}"
HKCR\Clsid\{9FBC97AE-D4C9-4DD3-BB81-4CE2F60A56B1}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{11A43AB9-245D-4057-B364-248850D4D8FC}"
HKCR\Clsid\{11A43AB9-245D-4057-B364-248850D4D8FC}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{34AB96E4-9D7B-4F5F-A5B5-2FDD25836404}"
HKCR\Clsid\{34AB96E4-9D7B-4F5F-A5B5-2FDD25836404}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{F1BA4DFF-AFDC-49A3-AF6B-333992EE8C78}"
HKCR\Clsid\{F1BA4DFF-AFDC-49A3-AF6B-333992EE8C78}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{0786B15F-9CD2-41A9-935F-079CCF81FD66}"
HKCR\Clsid\{0786B15F-9CD2-41A9-935F-079CCF81FD66}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{7EB66359-3D7D-4CC9-AB9C-12950AE7C314}"
HKCR\Clsid\{7EB66359-3D7D-4CC9-AB9C-12950AE7C314}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{40125018-BB04-4CBB-913D-066666882C3F}"
HKCR\Clsid\{40125018-BB04-4CBB-913D-066666882C3F}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{4DBB873E-AA8E-44A0-86E8-9F7BFD53761E}"
HKCR\Clsid\{4DBB873E-AA8E-44A0-86E8-9F7BFD53761E}
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
Restoring SeDebugPrivilege for Administrateurs - Succeeded
Rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 20:33:58, on 12/06/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\0mcamcap.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe
C:\WINDOWS\YMANTE~1\MHTA~1.EXE
C:\Program Files\Steam\Steam.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\TClock\TClock.exe
C:\Program Files\Messenger\online.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\mnsec.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00005.exe"
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKLM\..\RunServices: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Raad] "C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe" -vt ndrv
O4 - HKCU\..\Run: [Usjvi] C:\WINDOWS\YMANTE~1\MHTA~1.EXE
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Weather.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: c:\windows\system32\ping.dll C:\WINDOWS\System32\ping.dll
O20 - Winlogon Notify: pmnnl - pmnnl.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: MNADLgIOFQ - {C84FB25D-62E5-18F7-F843-0A4AADBDDC00} - C:\WINDOWS\System32\fgj.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Windows Update Manager (UpdateManager) - Unknown owner - C:\WINDOWS\update\updmgr.exe (file missing)
Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 12/06/2006 20:27:03
Infected! C:\WINDOWS\system32\f40oled31h0.dll
Infected! C:\WINDOWS\system32\guard.tmp
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000007.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000021.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001009.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001108.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP10\A0005359.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005502.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005530.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005531.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005532.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005533.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005534.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005535.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005536.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005537.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005538.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005539.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005540.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005541.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005542.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005543.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005544.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005545.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005546.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005547.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005548.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005549.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005550.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005551.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005552.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005553.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005554.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005555.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005556.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005557.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005558.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005559.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005560.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005561.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP20\A0019414.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019545.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019546.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0021410.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022243.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022290.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022410.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022411.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022412.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022413.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022414.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022415.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022416.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022417.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022418.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022419.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022420.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022421.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022422.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022423.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022424.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022425.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022426.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022427.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022428.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022429.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022430.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022431.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022432.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022433.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022434.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022435.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022436.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022437.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0024917.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025913.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025975.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0026038.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0027062.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027182.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027183.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027184.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027185.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027186.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027187.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027188.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027189.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027190.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027191.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027192.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027193.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027194.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027195.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027196.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027197.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027198.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027199.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027200.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027201.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027202.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027203.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027204.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027205.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027206.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027207.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027208.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027209.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027210.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027211.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027212.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027213.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027214.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027215.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027216.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027217.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001164.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001173.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002164.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002173.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002180.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003190.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003193.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003206.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004218.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004221.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004235.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004248.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004249.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0005264.dll
Infected! C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP8\A0005278.dll
Attempting to delete infected files...
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000007.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000007.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000021.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0000021.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001009.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001009.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001108.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP1\A0001108.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP10\A0005359.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP10\A0005359.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005502.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005502.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005530.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005530.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005531.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005531.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005532.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005532.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005533.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005533.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005534.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005534.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005535.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005535.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005536.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005536.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005537.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005537.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005538.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005538.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005539.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005539.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005540.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005540.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005541.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005541.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005542.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005542.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005543.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005543.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005544.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005544.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005545.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005545.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005546.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005546.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005547.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005547.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005548.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005548.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005549.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005549.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005550.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005550.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005551.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005551.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005552.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005552.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005553.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005553.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005554.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005554.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005555.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005555.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005556.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005556.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005557.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005557.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005558.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005558.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005559.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005559.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005560.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005560.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005561.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP14\A0005561.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP20\A0019414.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP20\A0019414.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019545.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019545.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019546.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP21\A0019546.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0021410.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0021410.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022243.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022243.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022290.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022290.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022410.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022410.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022411.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022411.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022412.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022412.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022413.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022413.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022414.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022414.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022415.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022415.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022416.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022416.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022417.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022417.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022418.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022418.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022419.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022419.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022420.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022420.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022421.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022421.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022422.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022422.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022423.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022423.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022424.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022424.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022425.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022425.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022426.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022426.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022427.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022427.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022428.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022428.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022429.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022429.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022430.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022430.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022431.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022431.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022432.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022432.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022433.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022433.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022434.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022434.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022435.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022435.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022436.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022436.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022437.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0022437.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0024917.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP24\A0024917.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025913.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025913.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025975.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0025975.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0026038.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0026038.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0027062.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP25\A0027062.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027182.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027182.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027183.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027183.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027184.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027184.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027185.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027185.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027186.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027186.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027187.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027187.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027188.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027188.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027189.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027189.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027190.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027190.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027191.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027191.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027192.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027192.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027193.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027193.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027194.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027194.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027195.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027195.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027196.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027196.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027197.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027197.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027198.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027198.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027199.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027199.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027200.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027200.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027201.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027201.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027202.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027202.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027203.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027203.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027204.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027204.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027205.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027205.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027206.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027206.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027207.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027207.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027208.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027208.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027209.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027209.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027210.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027210.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027211.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027211.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027212.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027212.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027213.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027213.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027214.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027214.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027215.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027215.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027216.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027216.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027217.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP26\A0027217.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001164.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001164.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001173.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP3\A0001173.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002164.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002164.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002173.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002173.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002180.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP4\A0002180.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003190.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003190.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003193.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003193.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003206.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0003206.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004218.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004218.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004221.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP6\A0004221.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004235.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004235.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004248.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004248.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004249.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0004249.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0005264.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP7\A0005264.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP8\A0005278.dll
C:\System Volume Information\_restore{A842D5C6-1091-4C1E-AB14-4BFEF7655201}\RP8\A0005278.dll Deleted successfully!
Making registry repairs.
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\BITS
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ThemeManager
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{657651DC-E8F1-4D8B-A20E-5AAE2EB52CB1}"
HKCR\Clsid\{657651DC-E8F1-4D8B-A20E-5AAE2EB52CB1}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{E09AE1E5-EAB5-4A88-B9AC-0A588D5849C6}"
HKCR\Clsid\{E09AE1E5-EAB5-4A88-B9AC-0A588D5849C6}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{53AB0B7C-29DE-46E8-B598-FEDD28850169}"
HKCR\Clsid\{53AB0B7C-29DE-46E8-B598-FEDD28850169}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{034BDEFA-6277-4A62-8D00-39D1FDD69FD6}"
HKCR\Clsid\{034BDEFA-6277-4A62-8D00-39D1FDD69FD6}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{7F29F946-D5B9-4B52-BB70-25AD878AB93D}"
HKCR\Clsid\{7F29F946-D5B9-4B52-BB70-25AD878AB93D}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{DF0BD5E7-F0E0-4F84-9832-E9127AFF95EA}"
HKCR\Clsid\{DF0BD5E7-F0E0-4F84-9832-E9127AFF95EA}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{292555A7-4CCA-4BC9-9CBA-2B0F0FA9D1AC}"
HKCR\Clsid\{292555A7-4CCA-4BC9-9CBA-2B0F0FA9D1AC}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{8A3C3713-A356-4CA6-9F8A-8C0467BDD7C2}"
HKCR\Clsid\{8A3C3713-A356-4CA6-9F8A-8C0467BDD7C2}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{CED6BA99-9157-47A8-8DD9-E750B9B8EB62}"
HKCR\Clsid\{CED6BA99-9157-47A8-8DD9-E750B9B8EB62}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{32F004BD-0B0C-4A24-8E18-E27B79697AD4}"
HKCR\Clsid\{32F004BD-0B0C-4A24-8E18-E27B79697AD4}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{A668E029-E79D-49DE-8342-5CDD82D615A5}"
HKCR\Clsid\{A668E029-E79D-49DE-8342-5CDD82D615A5}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{35AA84D4-92AA-4B42-B525-D48563BC31E3}"
HKCR\Clsid\{35AA84D4-92AA-4B42-B525-D48563BC31E3}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{C20B178E-74DD-4987-BA48-DD72424124AA}"
HKCR\Clsid\{C20B178E-74DD-4987-BA48-DD72424124AA}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{64436B91-8882-4098-8555-382C1570BFE6}"
HKCR\Clsid\{64436B91-8882-4098-8555-382C1570BFE6}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{9FBC97AE-D4C9-4DD3-BB81-4CE2F60A56B1}"
HKCR\Clsid\{9FBC97AE-D4C9-4DD3-BB81-4CE2F60A56B1}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{11A43AB9-245D-4057-B364-248850D4D8FC}"
HKCR\Clsid\{11A43AB9-245D-4057-B364-248850D4D8FC}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{34AB96E4-9D7B-4F5F-A5B5-2FDD25836404}"
HKCR\Clsid\{34AB96E4-9D7B-4F5F-A5B5-2FDD25836404}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{F1BA4DFF-AFDC-49A3-AF6B-333992EE8C78}"
HKCR\Clsid\{F1BA4DFF-AFDC-49A3-AF6B-333992EE8C78}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{0786B15F-9CD2-41A9-935F-079CCF81FD66}"
HKCR\Clsid\{0786B15F-9CD2-41A9-935F-079CCF81FD66}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{7EB66359-3D7D-4CC9-AB9C-12950AE7C314}"
HKCR\Clsid\{7EB66359-3D7D-4CC9-AB9C-12950AE7C314}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{40125018-BB04-4CBB-913D-066666882C3F}"
HKCR\Clsid\{40125018-BB04-4CBB-913D-066666882C3F}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{4DBB873E-AA8E-44A0-86E8-9F7BFD53761E}"
HKCR\Clsid\{4DBB873E-AA8E-44A0-86E8-9F7BFD53761E}
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
Restoring SeDebugPrivilege for Administrateurs - Succeeded
Rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 20:33:58, on 12/06/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\0mcamcap.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe
C:\WINDOWS\YMANTE~1\MHTA~1.EXE
C:\Program Files\Steam\Steam.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\TClock\TClock.exe
C:\Program Files\Messenger\online.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\mnsec.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00005.exe"
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKLM\..\RunServices: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Raad] "C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe" -vt ndrv
O4 - HKCU\..\Run: [Usjvi] C:\WINDOWS\YMANTE~1\MHTA~1.EXE
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Weather.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: c:\windows\system32\ping.dll C:\WINDOWS\System32\ping.dll
O20 - Winlogon Notify: pmnnl - pmnnl.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: MNADLgIOFQ - {C84FB25D-62E5-18F7-F843-0A4AADBDDC00} - C:\WINDOWS\System32\fgj.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Windows Update Manager (UpdateManager) - Unknown owner - C:\WINDOWS\update\updmgr.exe (file missing)
On est pas 24/24 sur le pc !
La procédure est longue et en partie en mode sans échec,
imprime ou mets dans un fichier texte les instructions.
Télécharge:
Ccleaner
Installe le dans un répertoire dédié.
Lors de l'installation décoche: "Ajouter la Barre d'Outils Yahoo! Ccleaner"
Redémarre en mode sans échec.
- Lance Hijackthis ->Do a system scan only
->Coche les lignes puis clique sur Fix checked:
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00005.exe"
O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKLM\..\RunServices: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [Raad] "C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe" -vt ndrv
O4 - HKCU\..\Run: [Usjvi] C:\WINDOWS\YMANTE~1\MHTA~1.EXE
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - Startup: Weather.lnk = ?
O20 - Winlogon Notify: pmnnl - pmnnl.dll (file missing)
O21 - SSODL: MNADLgIOFQ - {C84FB25D-62E5-18F7-F843-0A4AADBDDC00} - C:\WINDOWS\System32\fgj.dll (file missing)
O23 - Service: Windows Update Manager (UpdateManager) - Unknown owner - C:\WINDOWS\update\updmgr.exe (file missing)
- Assure toi d'avoir accès aux dossiers/fichiers cachés
-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation
- Suppime ces fichiers/dossiers si existe:
C:\Program Files\ToolBar888\
C:\Program Files\ipwins\
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00005.exe
C:\WINDOWS\update\updmgr.exe
C:\WINDOWS\System32\0mcamcap.exe
C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe
C:\WINDOWS\YMANTE~1\MHTA~1.EXE
umsydxb.pif
- Lance un nettoyage Ccleaner
Bouton "Analyse" puis "Lancer le Néttoyage"
Redémarre normalement.
Va sur le site de VirusTotal
Clique sur Parcourir... puis ouvre:
c:\windows\system32\ping.dll
Clique ensuite sur Send
Poste le rapport en fin d'analyse.
La procédure est longue et en partie en mode sans échec,
imprime ou mets dans un fichier texte les instructions.
Télécharge:
Ccleaner
Installe le dans un répertoire dédié.
Lors de l'installation décoche: "Ajouter la Barre d'Outils Yahoo! Ccleaner"
Redémarre en mode sans échec.
- Lance Hijackthis ->Do a system scan only
->Coche les lignes puis clique sur Fix checked:
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00005.exe"
O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKLM\..\RunServices: [DRam prosessor32] umsydxb.pif
O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [Raad] "C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe" -vt ndrv
O4 - HKCU\..\Run: [Usjvi] C:\WINDOWS\YMANTE~1\MHTA~1.EXE
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - Startup: Weather.lnk = ?
O20 - Winlogon Notify: pmnnl - pmnnl.dll (file missing)
O21 - SSODL: MNADLgIOFQ - {C84FB25D-62E5-18F7-F843-0A4AADBDDC00} - C:\WINDOWS\System32\fgj.dll (file missing)
O23 - Service: Windows Update Manager (UpdateManager) - Unknown owner - C:\WINDOWS\update\updmgr.exe (file missing)
- Assure toi d'avoir accès aux dossiers/fichiers cachés
-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation
- Suppime ces fichiers/dossiers si existe:
C:\Program Files\ToolBar888\
C:\Program Files\ipwins\
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00005.exe
C:\WINDOWS\update\updmgr.exe
C:\WINDOWS\System32\0mcamcap.exe
C:\DOCUME~1\ADMINI~1\MESDOC~1\WNSXS~1\rundll32.exe
C:\WINDOWS\YMANTE~1\MHTA~1.EXE
umsydxb.pif
- Lance un nettoyage Ccleaner
Bouton "Analyse" puis "Lancer le Néttoyage"
Redémarre normalement.
Va sur le site de VirusTotal
Clique sur Parcourir... puis ouvre:
c:\windows\system32\ping.dll
Clique ensuite sur Send
Poste le rapport en fin d'analyse.
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumMon pc infecte par un virus
- ForumMon pc rame et est infecte
- ForumMon pc infecte par tazebama
- ForumMon pc est infecte par des virus
- ForumMon pc est infecte
- ForumMon pc est infecte par adverser5.com
- ForumMon pc est infecte par plusieurs virus
- ForumMon pc est lent et infecte
- ForumMon pc est-il infecte
- ForumMon pc portable est infecter
- Voir plus
