melka29

Merci, Effectivement la complexité de la réponse et sa longueur m'on incité à voir s'il n'y avait pas plus court (le rêve est permis). Al'avenir je suivrais ton conseil. Et merci encore pour l'aide que vous apportez aux novices comme moi. Bonne journée

bonjour à tous, depuis quelques jours mon ordi est infesté, je n'ai quasiment plus de connexion, windows se ferme de manière intempestive, les pop up arrivent en rafale, je m'aperçois que des recherches sont en cours sur mon ordi sur des sites qui me sont inconnus, et plein d'autres joyeuseries. Les lenteurs sont horribles bien sur, et je profite d'être au bureau pour solliciter votre aide . Il semble que ce soit SECURE 32 et Spysheriff les responsables. Sur conseils recueillis sur ce forum j'ai procédé à différentes manipulations et obtenu les rapports suivants. Que dois-je faire maintenant ? Voici les rapports : --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 20:11:51 25/07/2006 + Scan result: C:\Documents and Settings\lmyujkkk5^m\Local Settings\Temporary Internet Files\Content.IE5\JRY666VN\AppWrap[1].exe -> Adware.AdURL : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063863.exe -> Adware.AdURL : Cleaned with backup (quarantined). C:\WINDOWS\icont.exe -> Adware.AdURL : Cleaned with backup (quarantined). D:\Program Files\TBONBin\tbon.exe -> Adware.Bestofer : Cleaned with backup (quarantined). C:\Program Files\Μіcrosoft.NET\userinit.exe -> Adware.ClickSpring : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059003.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059084.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059109.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP126\A0059129.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP126\A0060134.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060205.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060206.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060217.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060319.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060328.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060329.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060334.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060336.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060343.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060413.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060414.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060516.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060517.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060525.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060550.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061607.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061634.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061640.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061657.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061671.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061689.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061695.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061701.DLL -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0062700.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063706.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063797.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063801.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063858.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063867.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063871.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063875.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063878.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063883.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063888.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063895.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063897.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063901.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063907.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063911.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063914.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\e6jmlg1116.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\ennsl1571.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\fpn8035ue.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\g4jo0e13eh.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\gpn2l35o1.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\h4n00e5meh.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\hrro0593e.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\i4lo0e33eh.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\ijetres.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\ir60l5jm1.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\ir6ql5j51.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\j42q0ef5eh2.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\j6j60g1se6.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\k6lq0g35e6.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\k6pmlg7116.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\ktdycc.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\lv4u09h9e.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\noOpenGL.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\nvshrui.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\p4p60e7seh.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\p6r4lg9q16.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\phrfos.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\pktorsvc.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\qydit.dll -> Adware.Look2Me : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\surmdll.dll -> Adware.Look2Me : Cleaned with backup (quarantined). [588] C:\WINDOWS\system32\wdcdlg.dll -> Adware.Look2Me : Error during cleaning. [664] C:\WINDOWS\system32\wdcdlg.dll -> Adware.Look2Me : Error during cleaning. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Windows installer -> Adware.PestTrap : Cleaned with backup (quarantined). HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Windows installer -> Adware.PestTrap : Error during cleaning. C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059075.exe -> Adware.PurityScan : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Menu Démarrer\Programmes\SpySheriff -> Adware.SpySheriff : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Menu Démarrer\Programmes\SpySheriff\SpySheriff.lnk -> Adware.SpySheriff : Cleaned with backup (quarantined). C:\Downloads\CommandosStrikeForceSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060341.exe -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061608.exe -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061676.exe -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063802.exe -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063803.exe -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063876.exe -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063886.exe -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\mssvcc.exe -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061677.exe -> Backdoor.SdBot.aad : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061682.exe -> Backdoor.SdBot.aad : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0062702.exe -> Backdoor.SdBot.aad : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\eraseme_08682.exe -> Backdoor.SdBot.aad : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\eraseme_14022.exe -> Backdoor.SdBot.aad : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\eraseme_63841.exe -> Backdoor.SdBot.aad : Cleaned with backup (quarantined). C:\WINDOWS\fswinsys.exe -> Backdoor.SdBot.aad : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\winscntrl.exe -> Backdoor.SdBot.aoy : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\eraseme_56663.exe -> Backdoor.SdBot.aoz : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\netbtd.exe -> Backdoor.SdBot.aoz : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061650.exe -> Backdoor.VB.ary : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\drsmartload46a[1].exe -> Downloader.Adload.ck : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052841.exe -> Downloader.Adload.ck : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061644.exe -> Downloader.Adload.ck : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061645.exe -> Downloader.Adload.ck : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061646.exe -> Downloader.Adload.ck : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061647.exe -> Downloader.Adload.ck : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060199.exe -> Downloader.Adload.cu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060514.exe -> Downloader.Adload.cu : Cleaned with backup (quarantined). C:\kybrded_7.exe -> Downloader.Adload.cu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060190.exe -> Downloader.Adload.cy : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060505.exe -> Downloader.Adload.cy : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M23EX2UZ\loader[1].exe -> Downloader.Adload.de : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060182.exe -> Downloader.Adload.de : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060497.exe -> Downloader.Adload.de : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061643.exe -> Downloader.Adload.de : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Application Data\532f98a.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\Documents and Settings\lmyujkkk5^m\Application Data\532f98a.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050747.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050762.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050792.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051786.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051822.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052831.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052855.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0053843.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054855.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055857.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055871.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055902.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056905.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057886.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058903.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058983.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058998.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059009.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059089.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP126\A0059133.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP126\A0060132.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060202.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060224.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060323.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060327.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060408.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060412.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060556.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061561.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061613.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061633.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061661.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061683.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061693.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063701.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063868.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063882.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063892.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0063902.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\532f98a.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\fxxiumul.exe -> Downloader.Obfuscated.n : Cleaned with backup (quarantined). C:\Program Files\Common Files\svchostsys\svchostupdate.exe -> Downloader.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050775.exe -> Downloader.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051838.exe -> Downloader.Small : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\taskmgn.exe -> Downloader.Small : Cleaned with backup (quarantined). C:\cpncwul.exe -> Downloader.Small : Cleaned with backup (quarantined). C:\78.exe -> Downloader.Small.dhg : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\loadadv780[1].exe -> Downloader.Small.dhg : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M23EX2UZ\gksrtdrb[1].txt -> Downloader.Tiny.ap : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059070.exe -> Downloader.Tiny.ap : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NRJBX1H9\qcxzw[1].txt -> Downloader.VB.afo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057899.exe -> Downloader.VB.afo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058897.exe -> Downloader.VB.afo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058923.exe -> Downloader.VB.afo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058943.exe -> Downloader.VB.afo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058963.exe -> Downloader.VB.afo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059114.exe -> Downloader.VB.afo : Cleaned with backup (quarantined). C:\bwrhm.exe -> Downloader.VB.afo : Cleaned with backup (quarantined). C:\nrpmarj.exe -> Downloader.VB.afo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061605.exe -> Downloader.VB.afv : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061642.exe -> Downloader.VB.afv : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061649.exe -> Downloader.VB.agi : Cleaned with backup (quarantined). C:\ywvgnuc.exe -> Hijacker.Costrat.c : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3PB3AWR4\yqceoxh[1].txt -> Hijacker.Costrat.d : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\lzx32.sys -> Hijacker.Costrat.d : Cleaned with backup (quarantined). C:\ixkrqy.exe -> Hijacker.Costrat.d : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061648.exe -> Hijacker.VB.fc : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061651.exe -> Hijacker.VB.fc : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\ksntdem[1].htm -> Hijacker.VB.fg : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060181.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060183.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060186.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060496.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060498.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060501.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined). C:\btsx.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP127\A0060197.exe -> Hijacker.VB.nh : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060512.exe -> Hijacker.VB.nh : Cleaned with backup (quarantined). C:\dfndred_7.exe -> Hijacker.VB.nh : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059016.DLL -> Logger.Goldun.le : Cleaned with backup (quarantined). C:\WINDOWS\Downloaded Program Files\UERSV_0001_LPNetInstaller.exe -> Not-A-Virus.Downloader.Win32.Agent.d : Ignored. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NRJBX1H9\ytoagdn[1].txt -> Not-A-Virus.Hoax.Win32.Renos.bw : Ignored. C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061652.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Ignored. C:\lvjcj.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Ignored. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NRJBX1H9\qbmlifbl[1].txt -> Not-A-Virus.Hoax.Win32.Renos.dc : Ignored. C:\Program Files\wsybcq.exe -> Not-A-Virus.Hoax.Win32.Renos.dc : Ignored. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M23EX2UZ\kfegzakgw[1].txt -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NRJBX1H9\jkshrol[1].htm -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NRJBX1H9\rswojxfoj[1].txt -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055904.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056899.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058900.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058965.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059116.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061568.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskdmwinNBHLO`WPVSKFA[`L.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskdmwinNBHLO`WPVSKFA[`L.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04CJHY[NHOG[L^HXVO.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04CJHY[NHOG[L^HXVO.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04FOJA^BXYFMBVE]_A.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04FOJA^BXYFMBVE]_A.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04HQEOAKIHRWXGCAQM.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04HQEOAKIHRWXGCAQM.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04HZFU_XTKWKUMJUDU.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04HZFU_XTKWKUMJUDU.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04MWFS]RVROPZHUNEV.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04MWFS]RVROPZHUNEV.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04NI`KOZI_JQJZWN^E.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04NI`KOZI_JQJZWN^E.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04ODNTPHRUDC[JD_NU.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04ODNTPHRUDC[JD_NU.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04RTORLYL]MDZBPTZL.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04RTORLYL]MDZBPTZL.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04SV]VBNZ^DM]_AHSO.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04UWFHCZWLRI`UCNW_.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04UWFHCZWLRI`UCNW_.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04WSH^NSGIAPDCOQFW.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04WSH^NSGIAPDCOQFW.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04YA`_PHMTIXJDA^GU.dll -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\_zskwrkni04YA`_PHMTIXJDA^GU.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\bnccm.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\kvpubdd.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\pimlbc.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\reed.exe -> Proxy.Agent.km : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\ceiyov.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\hlpkkj.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\lqliat.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\uykmmi.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\wgwpoq.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\ygaxcj.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined). C:\w32.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined). C:\win32.exe -> Proxy.Caprobad.b : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP126\A0060135.exe -> Proxy.Dlena.d : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP128\A0060338.exe -> Proxy.Dlena.d : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0060561.exe -> Proxy.Dlena.d : Cleaned with backup (quarantined). C:\oqsdrdi.exe -> Proxy.Dlena.d : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050753.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050777.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052833.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052853.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054856.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055854.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056900.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058901.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058926.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061627.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061655.exe -> Proxy.Small.bo : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\vjeojhvro.dll -> Proxy.Small.ct : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\epqnjkac.exe -> Proxy.Wopla.r : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\hkndfdcl.exe -> Proxy.Wopla.r : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\mqlxlkgqd[1].htm -> Proxy.Wopla.s : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\hmoplckd.exe -> Proxy.Wopla.s : Cleaned with backup (quarantined). C:\WINDOWS\SYSTEM32\meqkeldj.dll -> Proxy.Wopla.s : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061653.dll -> Proxy.Xmiler.c : Cleaned with backup (quarantined). D:\Documents and Settings\nan\Cookies\nan@robeez.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. D:\Documents and Settings\nan\Cookies\nan@bestoffersnetworks[1].txt -> TrackingCookie.Bestoffersnetworks : Cleaned. D:\Documents and Settings\nan\Cookies\nan@cliks[1].txt -> TrackingCookie.Cliks : Cleaned. D:\Documents and Settings\nan\Cookies\nan@need2find[2].txt -> TrackingCookie.Need2find : Cleaned. D:\Documents and Settings\nan\Cookies\nan@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned. D:\Documents and Settings\nan\Cookies\nan@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\WINDOWS\SYSTEM32\dcom_24.dll -> Trojan.Agent.pk : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\osambyv[1].htm -> Trojan.Dialer.u : Cleaned with backup (quarantined). C:\esrottis.exe -> Trojan.Dialer.u : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\zhtibclsda[1].txt -> Trojan.Pakes : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059115.exe -> Trojan.Pakes : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059117.sys -> Trojan.Pakes : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061624.sys -> Trojan.Pakes : Cleaned with backup (quarantined). C:\gkpfrx.exe -> Trojan.Pakes : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3PB3AWR4\ojeunnxh[1].htm -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NRJBX1H9\hgbqatgqte[1].htm -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059072.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined). C:\eiic.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined). C:\wnjotxtw.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3PB3AWR4\ezixhe[1].txt -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M23EX2UZ\ytbqnxha[1].txt -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050745.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050746.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050766.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050769.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050770.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050787.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050790.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051829.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051830.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051833.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052826.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052849.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054842.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054843.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055843.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055844.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055869.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055890.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055892.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055894.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055897.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056887.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056888.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056891.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057891.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057892.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058886.EXE -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058887.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058890.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058914.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058915.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058935.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058936.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058953.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058954.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058976.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059112.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061616.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061617.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061619.dll -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061620.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\dpcyac.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\fuklu.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\gxewsguf.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\lbsnhrxl.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\ooelt.exe -> Trojan.Sinowal.aa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP129\A0061618.dll -> Trojan.Sinowal.ac : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M23EX2UZ\hytbur[1].txt -> Trojan.Sinowal.ae : Cleaned with backup (quarantined). C:\sdupelq.exe -> Trojan.Sinowal.ae : Cleaned with backup (quarantined). C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00057.exe -> Trojan.Sinowal.v : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3PB3AWR4\gxskj[1].txt -> Trojan.Small : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M23EX2UZ\kojmvf[1].txt -> Trojan.Small : Cleaned with backup (quarantined). C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MHC7Q3JT\dcxmw[1].txt -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050744.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050755.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050761.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050779.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0050786.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051828.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0051841.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0052825.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054841.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0054857.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055842.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055855.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055867.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055877.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055889.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0055906.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056886.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0056902.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057889.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0057901.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058885.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058905.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058912.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058927.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058933.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058946.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058952.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058966.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0058974.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\System Volume Information\_restore{241CCF1D-3365-45B0-9C6C-851890349BE7}\RP125\A0059118.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\bcksiqql.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\nulhght.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\ovdxwofx.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\slhowhi.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\whtvahaf.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\yuhmybk.exe -> Trojan.Small : Cleaned with backup (quarantined). ::Report end ET le second : Logfile of HijackThis v1.99.1 Scan saved at 20:22:25, on 25/07/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe C:\WINDOWS\System32\tvmjvm.exe C:\PROGRA~1\COMPAQ\EASYAC~1\BTTNSERV.EXE C:\WINDOWS\System32\rpcc.exe C:\kybrdef_7.exe C:\WINDOWS\System32\dxvwinpy.exe C:\dfndref_7.exe C:\Program Files\wsybcq.exe C:\WINDOWS\System32\ctfmon.exe C:\PROGRA~1\COMPAQ\EASYAC~1\EAUSBKBD.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe C:\WINDOWS\WallADay.exe C:\PROGRA~1\YAHOO!\MESSEN~1\ymsgr_tray.exe C:\Documents and Settings\lmyujkkk5^m\Mes documents\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =