secure32

Right now I'm not at home, but in any case I can no longer use my connection. What happens is that when I click on IE, a page with a blue background opens telling me that my computer is infected (c\secure32.html). I also have a round red icon with a white cross in my taskbar that tells me every five minutes that my computer is infected, and the slightest operation on my computer takes forever. :-(

Download Firefox if IE no longer works, put it on a USB key and install it at home.

Stop the unnecessary processes to gain a bit of time by pressing Ctrl-Alt-Delete.
Otherwise, disable the unnecessary ones that start when Windows starts: go to Start, Run, msconfig and open the Startup tab.

Then, well, download some antivirus tools, my friend :/
Try Ad-Aware, Panda, HijackThis; you'll find them all over the internet and the trial versions will be enough.

Thanks.
The company's IT guy advises me to do the following:

Download SmitFraudFix
Unzip the entire smitfraudfix.zip archive
Double-click SmitFraudFix.cmd
Select "1. Recherche" (Search)
Restart the computer in safe mode
Double-click SmitFraudFix.cmd
Select "2. Nettoyage" (Clean)
Answer O (Oui, yes) to the question "Voulez vous nettoyer le registre" (Do you want to clean the registry).

According to him, it's the only real way for me to get out of this!


:-(

Good evening

Indeed, SmitFraudFix cleans this type of infection.

But first, do you have Windows XP or 2000?

Also do this.

Download on another PC if necessary (and never mind the updates).

1 Download
CCleaner.

http://www.filehippo.com/download_ccleaner.html
Install it in a dedicated folder.

Ewido
http://www.ewido.net/en/download/
Install it.
Launch Ewido and click the Update button (toolbar, at the top).
Under Manual Update, click Start update. Wait until "Update successful" is displayed.

2 Restart in safe mode. Be careful: you have no internet access in this mode, so note down carefully what you have to do.
Start the computer.
Once the BIOS has finished loading, there is a black screen. Press the F8 key until the Windows advanced options menu is displayed.
Using the arrow keys, select Safe Mode and press Enter.

3 Run the cleanup with CCleaner.

4 Launch Ewido.
Click the Scanner button (in the toolbar).
Then, on the Settings tab, under How to Act, click Recommended Actions. Select Quarantine.
Go back to the Scan tab. Click Complete system Scan.
At the end of the scan, choose the "Apply All Actions" option at the bottom.
Click "Save Report", then "Save Report As". This generates a report as a text file. Make sure you save it somewhere easy to find.

5 Restart normally and post the Ewido report along with a HijackThis v1.99.1 log
http://pchelpbordeaux.free.fr/frames/logiciels/HIJACKTH...
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Demo in pictures
http://pageperso.aol.fr/balltrap34/demohijack.htm

Hello,

Quote:
post the Ewido report along with a HijackThis v1.99.1 log


To find out how to use HijackThis, go and look at these 2 sites:

Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Demo in pictures
http://pageperso.aol.fr/balltrap34/demohijack.htm

For Ewido, look here:

http://www.malekal.com/tutorial_ewidoV4.html

Basically, once you have run these 2 utilities, a report will be generated at the end of the scan; you will need to copy/paste the reports here

GOOD EVENING EVERYONE,

Here is the result:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 20:11:51 25/07/2006

C:\WINDOWS\SYSTEM32\_zskwrkni04HZFU_XTKWKUMJUDU.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04MWFS]RVROPZHUNEV.dll -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04MWFS]RVROPZHUNEV.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04NI`KOZI_JQJZWN^E.dll -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04NI`KOZI_JQJZWN^E.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04ODNTPHRUDC[JD_NU.dll -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04ODNTPHRUDC[JD_NU.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04RTORLYL]MDZBPTZL.dll -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04RTORLYL]MDZBPTZL.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04SV]VBNZ^DM]_AHSO.dll -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04UWFHCZWLRI`UCNW_.dll -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04UWFHCZWLRI`UCNW_.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04WSH^NSGIAPDCOQFW.dll -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04WSH^NSGIAPDCOQFW.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04YA`_PHMTIXJDA^GU.dll -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\_zskwrkni04YA`_PHMTIXJDA^GU.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\bnccm.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\kvpubdd.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\pimlbc.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\reed.exe -> Proxy.Agent.km : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\ceiyov.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\hlpkkj.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\lqliat.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\uykmmi.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\wgwpoq.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\ygaxcj.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined).
C:\w32.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined).
C:\win32.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP126\A0060135.exe -> Proxy.Dlena.d : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060338.exe -> Proxy.Dlena.d : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060561.exe -> Proxy.Dlena.d : Cleaned with backup (quarantined).
C:\oqsdrdi.exe -> Proxy.Dlena.d : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050753.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050777.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052833.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052853.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054856.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055854.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056900.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058901.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058926.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061627.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061655.exe -> Proxy.Small.bo : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\vjeojhvro.dll -> Proxy.Small.ct : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\epqnjkac.exe -> Proxy.Wopla.r : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\hkndfdcl.exe -> Proxy.Wopla.r : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\mqlxlkgqd[1].htm -> Proxy.Wopla.s : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\hmoplckd.exe -> Proxy.Wopla.s : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\meqkeldj.dll -> Proxy.Wopla.s : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061653.dll -> Proxy.Xmiler.c : Cleaned with backup (quarantined).
D:\Documents and Settings\nan\Cookies\nan@robeez.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\nan\Cookies\nan@bestoffersnetworks[1].txt -> TrackingCookie.Bestoffersnetworks : Cleaned.
D:\Documents and Settings\nan\Cookies\nan@cliks[1].txt -> TrackingCookie.Cliks : Cleaned.
D:\Documents and Settings\nan\Cookies\nan@need2find[2].txt -> TrackingCookie.Need2find : Cleaned.
D:\Documents and Settings\nan\Cookies\nan@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
D:\Documents and Settings\nan\Cookies\nan@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\WINDOWS\SYSTEM32\dcom_24.dll -> Trojan.Agent.pk : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\osambyv[1].htm -> Trojan.Dialer.u : Cleaned with backup (quarantined).
C:\esrottis.exe -> Trojan.Dialer.u : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\zhtibclsda[1].txt -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059115.exe -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059117.sys -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061624.sys -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\gkpfrx.exe -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3PB3AWR4\ojeunnxh[1].htm -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NRJBX1H9\hgbqatgqte[1].htm -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059072.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).
C:\eiic.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).
C:\wnjotxtw.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3PB3AWR4\ezixhe[1].txt -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M23EX2UZ\ytbqnxha[1].txt -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050745.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050746.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050766.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050769.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050770.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050787.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050790.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051829.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051830.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051833.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052826.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052849.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054842.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054843.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055843.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055844.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055869.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055890.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055892.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055894.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055897.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056887.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056888.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056891.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057891.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057892.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058886.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058887.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058890.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058914.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058915.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058935.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058936.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058953.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058954.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058976.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059112.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061616.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061617.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061619.dll -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061620.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\dpcyac.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\fuklu.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\gxewsguf.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\lbsnhrxl.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\ooelt.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061618.dll -> Trojan.Sinowal.ac : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M23EX2UZ\hytbur[1].txt -> Trojan.Sinowal.ae : Cleaned with backup (quarantined).
C:\sdupelq.exe -> Trojan.Sinowal.ae : Cleaned with backup (quarantined).
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00057.exe -> Trojan.Sinowal.v : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3PB3AWR4\gxskj[1].txt -> Trojan.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M23EX2UZ\kojmvf[1].txt -> Trojan.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\dcxmw[1].txt -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050744.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050755.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050761.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050779.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050786.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051828.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051841.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052825.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054841.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054857.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055842.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055855.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055867.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055877.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055889.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055906.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056886.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056902.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057889.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057901.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058885.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058905.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058912.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058927.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058933.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058946.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058952.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058966.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058974.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059118.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\bcksiqql.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\nulhght.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\ovdxwofx.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\slhowhi.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\whtvahaf.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\yuhmybk.exe -> Trojan.Small : Cleaned with backup (quarantined).


::Report end

And here is the HijackThis one (in two days I've done more computing than in my whole life):
Logfile of HijackThis v1.99.1
Scan saved at 20:22:25, on 25/07/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
C:\WINDOWS\System32\tvmjvm.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\BTTNSERV.EXE
C:\WINDOWS\System32\rpcc.exe
C:\kybrdef_7.exe
C:\WINDOWS\System32\dxvwinpy.exe
C:\dfndref_7.exe
C:\Program Files\wsybcq.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\EAUSBKBD.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\WallADay.exe
C:\PROGRA~1\YAHOO!\MESSEN~1\ymsgr_tray.exe
C:\Documents and Settings\lmyujkkk5^m\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://fr.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [WINDOWS] C:\WINDOWS\System32\tvmjvm.exe
O4 - HKLM\..\Run: [ÿ_zskN] C:\WINDOWS\System32\_zskwrkni04CKGFT\]CD\`COI\N.exe
O4 - HKLM\..\Run: [ÿ_zskosha_]md^znbv]vs40inkrwksz_] c:\windows\system32\_zskwrkni04sv]vbnz^dm]_ahso.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdef_7.exe
O4 - HKLM\..\Run: [ÿ_zskXAMD] C:\WINDOWS\System32\_zskwrkni04LRQZYCQ^LZN\DMAX.exe
O4 - HKLM\..\Run: [ÿ_zskN_^PDP] C:\WINDOWS\System32\_zskwrkni04]YDRMTGL`\PDP^_N.exe
O4 - HKLM\..\Run: [Explorer 2238] C:\WINDOWS\System32\dxvwinpy.exe
O4 - HKLM\..\Run: [defender] C:\\dfndref_7.exe
O4 - HKLM\..\Run: [SysTray] C:\Program Files\wsybcq.exe
O4 - HKLM\..\RunServices: [ÿ_zskN] C:\WINDOWS\System32\_zskwrkni04CKGFT\]CD\`COI\N.exe
O4 - HKLM\..\RunServices: [ÿ_zskosha_]md^znbv]vs40inkrwksz_] c:\windows\system32\_zskwrkni04sv]vbnz^dm]_ahso.exe
O4 - HKLM\..\RunServices: [ÿ_zskXAMD] C:\WINDOWS\System32\_zskwrkni04LRQZYCQ^LZN\DMAX.exe
O4 - HKLM\..\RunServices: [ÿ_zskN_^PDP] C:\WINDOWS\System32\_zskwrkni04]YDRMTGL`\PDP^_N.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [ÿ_zskosha_]md^znbv]vs40inkrwksz_] c:\windows\system32\_zskwrkni04sv]vbnz^dm]_ahso.exe
O4 - HKCU\..\Run: [532f98a.exe] C:\Documents and Settings\lmyujkkk5^m\Application Data\532f98a.exe
O4 - HKCU\..\Run: [shell] "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00013.exe"
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM32\E_SRCV02.EXE
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Global Startup: WallADay.lnk = C:\WINDOWS\WallADay.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O15 - Trusted Zone: http://secure.bellerockgaming.com
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://m6video.m6.fr/1click/install/files/installer2.ca...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {360E40AA-EE8B-4101-BA67-0CAD3F7A48DD} (Nyoko Downloader Class) - http://www.gamingclub.com/download_helper/Nyoko.cab
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHelper/version7/DLHelp...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O20 - Winlogon Notify: Nls - C:\WINDOWS\system32\kcdne.dll (file missing)
O20 - Winlogon Notify: StateMgr - C:\WINDOWS\system32\lv8609lse.dll
O21 - SSODL: DCOM Server - {2C1CD3D7-86AC-4068-93BC-A02304BB8C34} - (no file)
O21 - SSODL: GjtCdJE - {374310ED-9DE9-BA47-5B03-BC6A65378B48} - C:\WINDOWS\System32\ldowi.dll (file missing)
O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwinpy.exe
O21 - SSODL: SysTray.Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINDOWS\System32\meqkeldj.dll (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: fsecure 2006 (fsecure) - Unknown owner - C:\WINDOWS\fswinsys.exe (file missing)
O23 - Service: NetBTD(ntbtd) (NetBTD) - Unknown owner - C:\WINDOWS\system32\netbtd.exe (file missing)
O23 - Service: Network DRV (NTDRV) - Unknown owner - C:\WINDOWS\system32\netdrvr.exe (file missing)
O23 - Service: Win32Sr - Unknown owner - C:\WINDOWS\win32ssr.exe (file missing)
O23 - Service: WindowsNod (WinNod) - Unknown owner - C:\WINDOWS\winnod.exe (file missing)


And now??? :-( :-?