213 utilisateurs connectés
help affectée par btontok a 16
saidachahid
le 29 juillet 2008 à 21h16
bonjour
j'ai besoin d'aide je suis une informaticienne novice et je suis affectée par le virus brontok a 16 j'ai consulter les differents messages laissé sur internet sur ce virus mais dés que j'essaye de telecharger un antivirus avart par exemple ou norton l'ordinateur redemarre et refuse de telecharger lanti virus en plus quand j'eteint et ralume mon ordi tout les icone de mon bureau la bare demarrer mes demarage auto tel que hotmail on disparu et en fesant ctrl alt supr et executer internet tout les sites securisé ou a mot de passe sont innnaccesible il faut restaure le systeme avant le virus a chaque ouverture de mon ordi
help aidez moi s'il vous plait je n'ai plus de solution
merci encore 10000 fois
j'ai besoin d'aide je suis une informaticienne novice et je suis affectée par le virus brontok a 16 j'ai consulter les differents messages laissé sur internet sur ce virus mais dés que j'essaye de telecharger un antivirus avart par exemple ou norton l'ordinateur redemarre et refuse de telecharger lanti virus en plus quand j'eteint et ralume mon ordi tout les icone de mon bureau la bare demarrer mes demarage auto tel que hotmail on disparu et en fesant ctrl alt supr et executer internet tout les sites securisé ou a mot de passe sont innnaccesible il faut restaure le systeme avant le virus a chaque ouverture de mon ordi
help aidez moi s'il vous plait je n'ai plus de solution
merci encore 10000 fois
répondre
dédétraqué
le 29 juillet 2008 à 21h41
Salut saidachahid
Télécharge Hijackthis V 2.02 sur le bureau :
http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
- Double clique sur HJTInstall.exe sur le bureau
- Clique sur Install ensuite sur I Accept
- ferme toutes les fenêtres, HJT doit être exécuté seul (tout autre programme fermé).
- lancer HJT et clic sur Do a system scan and save a logfile
Quand le rapport apparaît dans le bloc note, allez dans Edition, puis Sélectionner Tout, le texte est alors sélectionné, retourne dans Edition toujours en laissant le texte sélectionné, et cliquez sur copier.
Dans ta prochaine réponse, faire un clic droit et coller.
Aide : http://forum.telecharger.01net.com/microhebdo/questions-techniques-diverses/t(...)
@++
Télécharge Hijackthis V 2.02 sur le bureau :
http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
- Double clique sur HJTInstall.exe sur le bureau
- Clique sur Install ensuite sur I Accept
- ferme toutes les fenêtres, HJT doit être exécuté seul (tout autre programme fermé).
- lancer HJT et clic sur Do a system scan and save a logfile
Quand le rapport apparaît dans le bloc note, allez dans Edition, puis Sélectionner Tout, le texte est alors sélectionné, retourne dans Edition toujours en laissant le texte sélectionné, et cliquez sur copier.
Dans ta prochaine réponse, faire un clic droit et coller.
Aide : http://forum.telecharger.01net.com/microhebdo/questions-techniques-diverses/t(...)
@++
saidachahid
le 31 juillet 2008 à 11h29
quans j'essay de telecharger hijackthis mon ordi se rallume
je voualis savoir si c'etait possible d'utiliser le detectuer de virus de symantec security chek qui donne un rapporrt en ligne sans rien telecharger ou pas
merci encore
je voualis savoir si c'etait possible d'utiliser le detectuer de virus de symantec security chek qui donne un rapporrt en ligne sans rien telecharger ou pas
merci encore
saidachahid
le 31 juillet 2008 à 11h56
D:\Documents and Settings\Shahid\Modèles\7932-NendangBro.com est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\csrss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\inetinfo.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\lsass.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\services.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\smss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\svchost.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\winlogon.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\SAIDA(3)\Local Settings(3)\Temp\Installer-Crack-Keygen.exe est infecté par Backdoor.Trojan.
D:\Documents and Settings\JAWAD\Modèles\10308-NendangBro.com est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Mes documents.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\TomTom\HOME\Télécharger\ephemeris\QuickGPSfix\QuickGPSfix.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\My Skype Pictures\My Skype Pictures.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Mes vidéos\Mes vidéos.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Mes images\Mes images.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\Ma musique.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\Sauvegarde de la licence\Sauvegarde de la licence.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\iTunes\iTunes.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\iTunes\Previous iTunes Libraries\Previous iTunes Libraries.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\doc important\doc important.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Menu Démarrer\Programmes\Démarrage\Empty.pif est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\br6063on.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\csrss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\smss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\svchost.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Modèles\40932-NendangBro.com est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\csrss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\inetinfo.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\lsass.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\services.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\smss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\svchost.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\winlogon.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\All Users\Documents\mes docs.exe est infecté par W32.Rontokbro@mm.
C:\WINDOWS\KesenjanganSosial.exe est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\CHAHID-HOSSEYN.115143250318's Setting.scr est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\cmd-brontok.exe est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\JAWAD's Setting.scr est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\SAIDA's Setting.scr est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\Shahid's Setting.scr est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\WinSecure.exe est infecté par Backdoor.Trojan.
C:\WINDOWS\SHELLNEW\RakyatKelaparan.exe est infecté par W32.Rontokbro@mm.
C:\Program Files\Fichiers communs\SansenDommagement\strpmon.exe est infecté par AVSystemCare.
voila le rapport symantec
D:\Documents and Settings\Shahid\Local Settings\Application Data\csrss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\inetinfo.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\lsass.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\services.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\smss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\svchost.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\Shahid\Local Settings\Application Data\winlogon.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\SAIDA(3)\Local Settings(3)\Temp\Installer-Crack-Keygen.exe est infecté par Backdoor.Trojan.
D:\Documents and Settings\JAWAD\Modèles\10308-NendangBro.com est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Mes documents.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\TomTom\HOME\Télécharger\ephemeris\QuickGPSfix\QuickGPSfix.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\My Skype Pictures\My Skype Pictures.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Mes vidéos\Mes vidéos.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Mes images\Mes images.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\Ma musique.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\Sauvegarde de la licence\Sauvegarde de la licence.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\iTunes\iTunes.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\iTunes\Previous iTunes Libraries\Previous iTunes Libraries.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Mes documents\doc important\doc important.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Menu Démarrer\Programmes\Démarrage\Empty.pif est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\br6063on.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\csrss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\smss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\svchost.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Modèles\40932-NendangBro.com est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\csrss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\inetinfo.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\lsass.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\services.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\smss.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\svchost.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\winlogon.exe est infecté par W32.Rontokbro@mm.
D:\Documents and Settings\All Users\Documents\mes docs.exe est infecté par W32.Rontokbro@mm.
C:\WINDOWS\KesenjanganSosial.exe est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\CHAHID-HOSSEYN.115143250318's Setting.scr est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\cmd-brontok.exe est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\JAWAD's Setting.scr est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\SAIDA's Setting.scr est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\Shahid's Setting.scr est infecté par W32.Rontokbro@mm.
C:\WINDOWS\system32\WinSecure.exe est infecté par Backdoor.Trojan.
C:\WINDOWS\SHELLNEW\RakyatKelaparan.exe est infecté par W32.Rontokbro@mm.
C:\Program Files\Fichiers communs\SansenDommagement\strpmon.exe est infecté par AVSystemCare.
voila le rapport symantec
dédétraqué
le 31 juillet 2008 à 23h11
Salut saidachahid
Télécharge OTMoveIt (de Old_Timer) sur le bureau :
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
Télécharge et installe :
- MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
- Mets le à jour
Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php
- Clean.zip (de Malekal) http://www.malekal.com/download/clean.zip
décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier Clean
-----
Redémarre ton PC en mode sans échec
Au redémarrage de ton PC tapote sur la touche F8 ou F5 sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur
-----
Double-clique sur OTMoveIt2.exe sur le bureau
- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved
- Clique sur MoveIt! pour lancer la suppression.
- Lorsqu'un résultat apparaît dans le cadre Results clique sur Exit
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES.
-----
- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher
- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok
- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.
- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok
- Ouvre le dossier Clean double-clic sur clean.cmd ou clean
- Choisis l'option 1 valide par Entrée.
- Laisse le scan se dérouler
- Poste le rapport ici dans ta prochaine réponse.
Un tuto : http://mickael.barroux.free.fr/securite/clean.php
-----
Redémarre ton PC en mode normal poste :
- Un rapport Hijackthis (essaie de nouveau)
- Le rapport MalwareByte's Anti-Malware
- Le rapport de OTMoveIt qui se trouve dans C:\_OTMoveIt\MovedFiles.
@++
Télécharge OTMoveIt (de Old_Timer) sur le bureau :
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
Télécharge et installe :
- MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
- Mets le à jour
Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php
- Clean.zip (de Malekal) http://www.malekal.com/download/clean.zip
décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier Clean
-----
Redémarre ton PC en mode sans échec
Au redémarrage de ton PC tapote sur la touche F8 ou F5 sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur
-----
Double-clique sur OTMoveIt2.exe sur le bureau
- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved
- Clique sur MoveIt! pour lancer la suppression.
- Lorsqu'un résultat apparaît dans le cadre Results clique sur Exit
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES.
-----
- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher
- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok
- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.
- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok
- Ouvre le dossier Clean double-clic sur clean.cmd ou clean
- Choisis l'option 1 valide par Entrée.
- Laisse le scan se dérouler
- Poste le rapport ici dans ta prochaine réponse.
Un tuto : http://mickael.barroux.free.fr/securite/clean.php
-----
Redémarre ton PC en mode normal poste :
- Un rapport Hijackthis (essaie de nouveau)
- Le rapport MalwareByte's Anti-Malware
- Le rapport de OTMoveIt qui se trouve dans C:\_OTMoveIt\MovedFiles.
@++
saidachahid
le 04 aout 2008 à 14h50
bonjour
dés que j'essaye de telecharger mon ordi redemarre et donc ne telecharge pas
help
dés que j'essaye de telecharger mon ordi redemarre et donc ne telecharge pas
help
dédétraqué
le 05 aout 2008 à 04h08
Salut saidachahid
Télécharge les outils à partir d'un autre ordinateur et mettre sur une clé usb ou autre support.
Sinon voir en mode sans sans échec avec prise en charge réseau
@++
Télécharge les outils à partir d'un autre ordinateur et mettre sur une clé usb ou autre support.
Sinon voir en mode sans sans échec avec prise en charge réseau
@++
saidachahid
le 17 aout 2008 à 18h11
bonjour dédétraqué
en fait k'arrive a tou telecharger j'exexute toute els etapes sauf quand j'arrive pour executer clean.cmd mon ordi redemar sur place meme en mode sans echec et dés que l'ordi redemar et ouvre automatiquemen la fenetre internet brontok
merci je te poste le rapport
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1025
Windows 5.1.2600 Service Pack 2
17:30:16 17/08/2008
mbam-log-8-17-2008 (17-30-16).txt
Type de recherche: Examen complet (C:\|D:\|E:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|N:\|)
Eléments examinés: 207229
Temps écoulé: 28 minute(s), 29 second(s)
Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
D:\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Documents and Settings\SAIDA\Local Settings\Application Data\csrss.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\smss.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\Shahid\Modèles\7932-NendangBro.com moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\csrss.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\inetinfo.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\lsass.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\services.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\smss.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\svchost.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\winlogon.exe moved successfully.
File/Folder D:\Documents and Settings\SAIDA(3)\Local Settings(3)\Temp\Installer-Crack-Keygen.exe not found.
D:\Documents and Settings\JAWAD\Modèles\10308-NendangBro.com moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Mes documents.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\TomTom\HOME\Télécharger\ephemeris\QuickGPSfix\QuickGPSfix.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\My Skype Pictures\My Skype Pictures.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Mes vidéos\Mes vidéos.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Mes images\Mes images.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\Ma musique.exe moved successfully.
File/Folder D:\Documents and Settings\JAWAD\Mes documents\Ma musique\Sauvegarde de la licence\Sauvegarde de la licence.ex not found.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\iTunes\iTunes.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\iTunes\Previous iTunes Libraries\Previous iTunes Libraries.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\doc important\doc important.exe moved successfully.
D:\Documents and Settings\JAWAD\Menu Démarrer\Programmes\Démarrage\Empty.pif moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\br6063on.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\csrss.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\smss.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\svchost.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe moved successfully.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Modèles\40932-NendangBro.com not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\csrss.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\inetinfo.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\lsass.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\services.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\smss.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\svchost.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\winlogon.exe not found.
File/Folder D:\Documents and Settings\All Users\Documents\mes docs.exe not found.
C:\WINDOWS\KesenjanganSosial.exe moved successfully.
File/Folder C:\WINDOWS\system32\CHAHID-HOSSEYN.115143250318's Setting.scr not found.
C:\WINDOWS\system32\cmd-brontok.exe moved successfully.
C:\WINDOWS\system32\JAWAD's Setting.scr moved successfully.
C:\WINDOWS\system32\SAIDA's Setting.scr moved successfully.
C:\WINDOWS\system32\Shahid's Setting.scr moved successfully.
File/Folder C:\WINDOWS\system32\WinSecure.exe not found.
C:\WINDOWS\SHELLNEW\RakyatKelaparan.exe moved successfully.
File/Folder C:\Program Files\Fichiers communs\SansenDommagement\strpmon.exe not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08172008_165511
en fait k'arrive a tou telecharger j'exexute toute els etapes sauf quand j'arrive pour executer clean.cmd mon ordi redemar sur place meme en mode sans echec et dés que l'ordi redemar et ouvre automatiquemen la fenetre internet brontok
merci je te poste le rapport
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1025
Windows 5.1.2600 Service Pack 2
17:30:16 17/08/2008
mbam-log-8-17-2008 (17-30-16).txt
Type de recherche: Examen complet (C:\|D:\|E:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|N:\|)
Eléments examinés: 207229
Temps écoulé: 28 minute(s), 29 second(s)
Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
D:\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Documents and Settings\SAIDA\Local Settings\Application Data\csrss.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\smss.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\SAIDA\Local Settings\Application Data\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
D:\Documents and Settings\Shahid\Modèles\7932-NendangBro.com moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\csrss.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\inetinfo.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\lsass.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\services.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\smss.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\svchost.exe moved successfully.
D:\Documents and Settings\Shahid\Local Settings\Application Data\winlogon.exe moved successfully.
File/Folder D:\Documents and Settings\SAIDA(3)\Local Settings(3)\Temp\Installer-Crack-Keygen.exe not found.
D:\Documents and Settings\JAWAD\Modèles\10308-NendangBro.com moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Mes documents.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\TomTom\HOME\Télécharger\ephemeris\QuickGPSfix\QuickGPSfix.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\My Skype Pictures\My Skype Pictures.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Mes vidéos\Mes vidéos.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Mes images\Mes images.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\Ma musique.exe moved successfully.
File/Folder D:\Documents and Settings\JAWAD\Mes documents\Ma musique\Sauvegarde de la licence\Sauvegarde de la licence.ex not found.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\iTunes\iTunes.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\Ma musique\iTunes\Previous iTunes Libraries\Previous iTunes Libraries.exe moved successfully.
D:\Documents and Settings\JAWAD\Mes documents\doc important\doc important.exe moved successfully.
D:\Documents and Settings\JAWAD\Menu Démarrer\Programmes\Démarrage\Empty.pif moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\br6063on.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\csrss.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\smss.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\svchost.exe moved successfully.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe moved successfully.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Modèles\40932-NendangBro.com not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\csrss.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\inetinfo.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\lsass.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\services.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\smss.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\svchost.exe not found.
File/Folder D:\Documents and Settings\CHAHID-HOSSEYN.115143250318\Local Settings\Application Data\winlogon.exe not found.
File/Folder D:\Documents and Settings\All Users\Documents\mes docs.exe not found.
C:\WINDOWS\KesenjanganSosial.exe moved successfully.
File/Folder C:\WINDOWS\system32\CHAHID-HOSSEYN.115143250318's Setting.scr not found.
C:\WINDOWS\system32\cmd-brontok.exe moved successfully.
C:\WINDOWS\system32\JAWAD's Setting.scr moved successfully.
C:\WINDOWS\system32\SAIDA's Setting.scr moved successfully.
C:\WINDOWS\system32\Shahid's Setting.scr moved successfully.
File/Folder C:\WINDOWS\system32\WinSecure.exe not found.
C:\WINDOWS\SHELLNEW\RakyatKelaparan.exe moved successfully.
File/Folder C:\Program Files\Fichiers communs\SansenDommagement\strpmon.exe not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08172008_165511
dédétraqué
le 17 aout 2008 à 18h23
Salut saidachahid
Es-tu capable de me faire parvenir un rapport HijackThis?
@++
Es-tu capable de me faire parvenir un rapport HijackThis?
@++
saidachahid
le 17 aout 2008 à 22h29
slt
voici le rapport clean aprés une petite bataile gagné
17/08/2008 a 22:05:12,45
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
"D:\Documents and Settings\SAIDA\Local Settings\Application Data\csrss.exe" FOUND
"D:\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe" FOUND
"D:\Documents and Settings\SAIDA\Local Settings\Application Data\smss.exe" FOUND
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !
voici le rapport clean aprés une petite bataile gagné
17/08/2008 a 22:05:12,45
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
"D:\Documents and Settings\SAIDA\Local Settings\Application Data\csrss.exe" FOUND
"D:\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe" FOUND
"D:\Documents and Settings\SAIDA\Local Settings\Application Data\smss.exe" FOUND
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !
dédétraqué
le 17 aout 2008 à 22h34
Salut saidachahid
1- Redémarre ton PC en mode sans échec
Au redémarrage de ton PC tapote sur la touche F8 ou F5 sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session et non la session Administrateur
- Ouvre le dossier Clean double-clic sur clean.cmd ou clean
- Choisis l'option 2 valide par Entrée.
- Laisse le scan se dérouler.
- Un rapport sera généré sauvegarde le.
2- Redémarre en mode normal
-Poste le rapport de Clean avec un rapport HijackThis
@++
1- Redémarre ton PC en mode sans échec
Au redémarrage de ton PC tapote sur la touche F8 ou F5 sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session et non la session Administrateur
- Ouvre le dossier Clean double-clic sur clean.cmd ou clean
- Choisis l'option 2 valide par Entrée.
- Laisse le scan se dérouler.
- Un rapport sera généré sauvegarde le.
2- Redémarre en mode normal
-Poste le rapport de Clean avec un rapport HijackThis
@++
saidachahid
le 19 aout 2008 à 12h31
bonjour
rapport clean
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 19/08/2008 a 12:11:40,51
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de "D:\Documents and Settings\SAIDA\Local Settings\Application Data\csrss.exe"
tentative de suppression de "D:\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe"
tentative de suppression de "D:\Documents and Settings\SAIDA\Local Settings\Application Data\smss.exe"
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
rapport clean
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 19/08/2008 a 12:11:40,51
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de "D:\Documents and Settings\SAIDA\Local Settings\Application Data\csrss.exe"
tentative de suppression de "D:\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe"
tentative de suppression de "D:\Documents and Settings\SAIDA\Local Settings\Application Data\smss.exe"
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
saidachahid
le 19 aout 2008 à 12h34
rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:52, on 19/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Athan\Athan.exe
C:\apps\ABoard\ABoard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 11074 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:52, on 19/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Athan\Athan.exe
C:\apps\ABoard\ABoard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 11074 bytes
dédétraqué
le 19 aout 2008 à 12h45
Salut saidachahid
Rien de bien précis, on va creuser un peu plus
Télécharge combofix.exe (de sUBs) sur le bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
==> Sauvegarde et ferme toutes les fenêtres actives, il va y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==
Double clique combofix.exe clique sur OUI valide par Entrée pour lancer le scan
Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure
@++
Rien de bien précis, on va creuser un peu plus
Télécharge combofix.exe (de sUBs) sur le bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
==> Sauvegarde et ferme toutes les fenêtres actives, il va y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==
Double clique combofix.exe clique sur OUI valide par Entrée pour lancer le scan
Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure
@++
saidachahid
le 19 aout 2008 à 22h29
en fait j'avais sur mon ordi norman ke j'a iutikisé a plusieurs reprise pour nettoyer l'ordi de brontok afin de pouvoir telecharger se que je n'arrivais pa a faire mais kan j'utilise norman il le detecte le tue ensuite j'arive a telecharger puis quelque heure plus tard le brontok revient
la j'ai bcp persistée et je crois qu'il a completemen disparu
stp comment je peut en etre sur merci 1000x
la j'ai bcp persistée et je crois qu'il a completemen disparu
stp comment je peut en etre sur merci 1000x
dédétraqué
le 20 aout 2008 à 00h12
Salut saidachahid
Fais un scan en ligne ici http://webscanner.kaspersky.fr/ (A faire avec Internet Explorer)
- Désactive ton Antivirus durant le scan
- En bas à droite clique sur Démarrer Online-scanner dans la nouvelle fenêtre qui s'affiche clique sur J'accepte
- Accepte les Contrôle ActivX
- Choisis Poste de travail pour le scan. Celui-ci terminé clique sur Enregistrer rapport sous (Choisis fichier texte)
- Poste le rapport
- Pour t'aider à utiliser le scan en ligne http://www.malekal.com/scan_Av_en_ligne.html#mozTocId291566
- Si tu as un probléme pour l'installation du Contrôle ActivX lis ceci http://www.inoculer.com/activex.php3
NOTE : Si tu reçoit le message "La licence de Kaspersky On-line Scanner est périmée"
Via Ajout/Suppression de programmes supprime Kaspersky Online Scanner et refaire l’installation.
@++
Fais un scan en ligne ici http://webscanner.kaspersky.fr/ (A faire avec Internet Explorer)
- Désactive ton Antivirus durant le scan
- En bas à droite clique sur Démarrer Online-scanner dans la nouvelle fenêtre qui s'affiche clique sur J'accepte
- Accepte les Contrôle ActivX
- Choisis Poste de travail pour le scan. Celui-ci terminé clique sur Enregistrer rapport sous (Choisis fichier texte)
- Poste le rapport
- Pour t'aider à utiliser le scan en ligne http://www.malekal.com/scan_Av_en_ligne.html#mozTocId291566
- Si tu as un probléme pour l'installation du Contrôle ActivX lis ceci http://www.inoculer.com/activex.php3
NOTE : Si tu reçoit le message "La licence de Kaspersky On-line Scanner est périmée"
Via Ajout/Suppression de programmes supprime Kaspersky Online Scanner et refaire l’installation.
@++
saidachahid
le 05 septembre 2008 à 19h28
ComboFix 08-09-01.05 - SAIDA 2008-09-05 19:04:11.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.449 [GMT 2:00]
Endroit: D:\Documents and Settings\SAIDA\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe
D:\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe
D:\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe
D:\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe
D:\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe
D:\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe
D:\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-08-05 to 2008-09-05 ))))))))))))))))))))))))))))))))))))
.
2008-08-19 12:32 . 2008-08-19 12:32 <REP> d-------- C:\Program Files\Trend Micro
2008-08-19 11:48 . 2008-08-19 11:48 <REP> d-------- C:\upload_moi_115143250318
2008-08-19 09:02 . 2008-08-19 09:02 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-08-17 22:06 . 2008-08-17 22:06 10,850,756 --a------ C:\upload_moi_115143250318.tar.gz
2008-08-17 12:31 . 2008-08-17 12:31 <REP> d--hs---- D:\Documents and Settings\NetworkService.AUTORITE NT.008
2008-08-17 12:31 . 2008-08-17 12:31 <REP> d--hs---- D:\Documents and Settings\LocalService.AUTORITE NT.008
2008-08-13 11:28 . 2008-05-01 16:31 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-09 21:44 . 2008-08-09 21:44 <REP> d-------- D:\Documents and Settings\SAIDA\Application Data\TomTom
2008-08-08 22:48 . 2008-08-08 22:48 <REP> d-------- D:\Documents and Settings\JAWAD\Application Data\Malwarebytes
2008-08-06 14:54 . 2006-10-04 16:06 1,197,294 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-08-06 14:54 . 2006-10-04 16:06 764,868 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-08-06 14:54 . 2006-10-04 16:06 217,118 --------- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-08-06 14:53 . 2008-08-19 09:00 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-08-06 14:52 . 2008-08-19 09:00 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-08-05 00:18 . 2008-08-05 00:18 <REP> d-------- D:\Documents and Settings\SAIDA\Application Data\Malwarebytes
2008-08-05 00:18 . 2008-08-05 00:18 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-05 00:18 . 2008-08-19 09:01 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-05 00:18 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-05 00:18 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-05 00:09 . 2008-08-05 00:09 <REP> d-------- D:\Documents and Settings\SAIDA\Application Data\Norman
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-05 17:06 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-08-20 20:02 --------- d-----w C:\Program Files\eMule
2008-08-11 07:11 45,417 ---h--w C:\WINDOWS\KesenjanganSosial.exe
2008-08-11 07:11 45,417 ----a-w C:\WINDOWS\system32\SAIDA's Setting.scr
2008-08-11 07:11 45,417 ----a-w C:\WINDOWS\system32\JAWAD's Setting.scr
2008-08-11 07:11 45,417 ----a-w C:\WINDOWS\system32\cmd-brontok.exe
2008-08-04 21:52 --------- d-----w D:\Documents and Settings\JAWAD\Application Data\Norman
2008-07-31 10:03 45,417 ----a-w C:\WINDOWS\system32\Administrateur.115143250318's Setting.scr
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\You've Got Pictures Screensaver
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\Viewpoint
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\VadeRetro
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\Symantec
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\Apple Computer
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\AdobeUM
2008-07-28 10:01 --------- d-----w C:\Program Files\Apple Software Update
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-15 14:52 --------- d---a-w D:\Documents and Settings\All Users\Application Data\TEMP
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 08:28 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:21 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:21 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock(2)(2).dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock(2)(2)(2).dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock(2)(2)(2)(2)(3).dll
2008-06-20 17:41 247,808 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2)(2).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2)(2)(2).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2)(2)(2)(2)(3).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2004-08-05 13:00 1,392,671 --sh--r C:\WINDOWS\system32\msvbvm60.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-06-18 171448]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"Tok-Cirrhatus-2355"="D:\Documents and Settings\SAIDA\Local Settings\Application Data\br5733on.exe" [2008-08-11 45417]
"AWMON"="C:\Program Files\Norman\Norman Ad-aware SE Plus\Ad-Watch.exe" [2005-06-27 516608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 310272]
"Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-03-03 180269]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 385024]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-05-11 127118]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-08-02 86016]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 7110656]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 267048]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2006-11-22 842584]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-09-07 58488]
"Athan"="C:\Program Files\Athan\Athan.exe" [2007-09-06 1003520]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 C:\WINDOWS\soundman.exe]
"nwiz"="nwiz.exe" [2005-08-02 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
D:\Documents and Settings\Administrateur.115143250318\Menu D‚marrer\Programmes\D‚marrage\
Empty.pif [2008-08-13 45417]
D:\Documents and Settings\JAWAD\Menu D‚marrer\Programmes\D‚marrage\
Empty.pif [2008-08-11 45417]
D:\Documents and Settings\SAIDA\Menu D‚marrer\Programmes\D‚marrage\
Empty.pif [2008-08-11 45417]
D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2007-06-14 257536]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"= C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.fr/
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-05 19:06:07
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-09-05 19:06:58
ComboFix-quarantined-files.txt 2008-09-05 17:06:55
Pre-Run: 8,652,636,160 octets libres
Post-Run: 8,678,752,256 octets libres
188 --- E O F --- 2008-08-18 09:01:06
desole pour mon retar j'etas pas chez moi merci encore j'en peu plu avec brontok on dirai qu'il se cache dés qu'il se sent menacé
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.449 [GMT 2:00]
Endroit: D:\Documents and Settings\SAIDA\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe
D:\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe
D:\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe
D:\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe
D:\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe
D:\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe
D:\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-08-05 to 2008-09-05 ))))))))))))))))))))))))))))))))))))
.
2008-08-19 12:32 . 2008-08-19 12:32 <REP> d-------- C:\Program Files\Trend Micro
2008-08-19 11:48 . 2008-08-19 11:48 <REP> d-------- C:\upload_moi_115143250318
2008-08-19 09:02 . 2008-08-19 09:02 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-08-17 22:06 . 2008-08-17 22:06 10,850,756 --a------ C:\upload_moi_115143250318.tar.gz
2008-08-17 12:31 . 2008-08-17 12:31 <REP> d--hs---- D:\Documents and Settings\NetworkService.AUTORITE NT.008
2008-08-17 12:31 . 2008-08-17 12:31 <REP> d--hs---- D:\Documents and Settings\LocalService.AUTORITE NT.008
2008-08-13 11:28 . 2008-05-01 16:31 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-09 21:44 . 2008-08-09 21:44 <REP> d-------- D:\Documents and Settings\SAIDA\Application Data\TomTom
2008-08-08 22:48 . 2008-08-08 22:48 <REP> d-------- D:\Documents and Settings\JAWAD\Application Data\Malwarebytes
2008-08-06 14:54 . 2006-10-04 16:06 1,197,294 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-08-06 14:54 . 2006-10-04 16:06 764,868 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-08-06 14:54 . 2006-10-04 16:06 217,118 --------- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-08-06 14:53 . 2008-08-19 09:00 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-08-06 14:52 . 2008-08-19 09:00 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-08-05 00:18 . 2008-08-05 00:18 <REP> d-------- D:\Documents and Settings\SAIDA\Application Data\Malwarebytes
2008-08-05 00:18 . 2008-08-05 00:18 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-05 00:18 . 2008-08-19 09:01 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-05 00:18 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-05 00:18 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-05 00:09 . 2008-08-05 00:09 <REP> d-------- D:\Documents and Settings\SAIDA\Application Data\Norman
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-05 17:06 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-08-20 20:02 --------- d-----w C:\Program Files\eMule
2008-08-11 07:11 45,417 ---h--w C:\WINDOWS\KesenjanganSosial.exe
2008-08-11 07:11 45,417 ----a-w C:\WINDOWS\system32\SAIDA's Setting.scr
2008-08-11 07:11 45,417 ----a-w C:\WINDOWS\system32\JAWAD's Setting.scr
2008-08-11 07:11 45,417 ----a-w C:\WINDOWS\system32\cmd-brontok.exe
2008-08-04 21:52 --------- d-----w D:\Documents and Settings\JAWAD\Application Data\Norman
2008-07-31 10:03 45,417 ----a-w C:\WINDOWS\system32\Administrateur.115143250318's Setting.scr
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\You've Got Pictures Screensaver
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\Viewpoint
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\VadeRetro
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\Symantec
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\Apple Computer
2008-07-28 10:03 --------- d-----w D:\Documents and Settings\SAIDA\Application Data\AdobeUM
2008-07-28 10:01 --------- d-----w C:\Program Files\Apple Software Update
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-15 14:52 --------- d---a-w D:\Documents and Settings\All Users\Application Data\TEMP
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 08:28 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:21 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:21 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock(2)(2).dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock(2)(2)(2).dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock(2)(2)(2)(2)(3).dll
2008-06-20 17:41 247,808 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2)(2).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2)(2)(2).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2)(2)(2)(2)(3).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2004-08-05 13:00 1,392,671 --sh--r C:\WINDOWS\system32\msvbvm60.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-06-18 171448]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"Tok-Cirrhatus-2355"="D:\Documents and Settings\SAIDA\Local Settings\Application Data\br5733on.exe" [2008-08-11 45417]
"AWMON"="C:\Program Files\Norman\Norman Ad-aware SE Plus\Ad-Watch.exe" [2005-06-27 516608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 310272]
"Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-03-03 180269]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 385024]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-05-11 127118]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-08-02 86016]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 7110656]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 267048]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2006-11-22 842584]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-09-07 58488]
"Athan"="C:\Program Files\Athan\Athan.exe" [2007-09-06 1003520]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 C:\WINDOWS\soundman.exe]
"nwiz"="nwiz.exe" [2005-08-02 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
D:\Documents and Settings\Administrateur.115143250318\Menu D‚marrer\Programmes\D‚marrage\
Empty.pif [2008-08-13 45417]
D:\Documents and Settings\JAWAD\Menu D‚marrer\Programmes\D‚marrage\
Empty.pif [2008-08-11 45417]
D:\Documents and Settings\SAIDA\Menu D‚marrer\Programmes\D‚marrage\
Empty.pif [2008-08-11 45417]
D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2007-06-14 257536]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"= C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.fr/
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-05 19:06:07
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-09-05 19:06:58
ComboFix-quarantined-files.txt 2008-09-05 17:06:55
Pre-Run: 8,652,636,160 octets libres
Post-Run: 8,678,752,256 octets libres
188 --- E O F --- 2008-08-18 09:01:06
desole pour mon retar j'etas pas chez moi merci encore j'en peu plu avec brontok on dirai qu'il se cache dés qu'il se sent menacé
dédétraqué
le 05 septembre 2008 à 20h29
Salut saidachahid
- Clique sur le menu démarrer/Exécuter, tape notepad à l’invite de commande et OK.
- Copie/colle ce qui est en citation ci-dessous dans le Bloc-Notes :
- Enregistre ce fichier sur le bureau (Impératif)
-Nom du fichier : CFScript.txt
-Type du fichier : tous les fichiers
- Clique sur Enregistrer et quitte le Bloc Notes
- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe sur le bureau, comme sur cette capture (l’icône est un lion) :
* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
@++
- Clique sur le menu démarrer/Exécuter, tape notepad à l’invite de commande et OK.
- Copie/colle ce qui est en citation ci-dessous dans le Bloc-Notes :
- Enregistre ce fichier sur le bureau (Impératif)
-Nom du fichier : CFScript.txt
-Type du fichier : tous les fichiers
- Clique sur Enregistrer et quitte le Bloc Notes
- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe sur le bureau, comme sur cette capture (l’icône est un lion) :
* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
@++
saidachahid
le 09 septembre 2008 à 17h25
bonjour quand je fais la manip
tous s'enclench mon bureau disparait mé la fnetr rest allumer indique suppression de fichier mais elle naffiche pas de rapport et n'indique pas terminer j'ai laisser mon ordi allumer sur cette fentr 6h et rein j'ai du eteindr l'ordi de bas
et la seul chose que je retrouv c un diossier combofix et dedan il y a sa
ComboFix 08-09-01.05 - SAIDA 2008-09-09 11:09:02.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.251 [GMT 2:00]
Endroit: D:\Documents and Settings\SAIDA\Bureau\ComboFix.exe
Command switches used :: D:\Documents and Settings\SAIDA\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
tous s'enclench mon bureau disparait mé la fnetr rest allumer indique suppression de fichier mais elle naffiche pas de rapport et n'indique pas terminer j'ai laisser mon ordi allumer sur cette fentr 6h et rein j'ai du eteindr l'ordi de bas
et la seul chose que je retrouv c un diossier combofix et dedan il y a sa
ComboFix 08-09-01.05 - SAIDA 2008-09-09 11:09:02.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.251 [GMT 2:00]
Endroit: D:\Documents and Settings\SAIDA\Bureau\ComboFix.exe
Command switches used :: D:\Documents and Settings\SAIDA\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
dédétraqué
le 09 septembre 2008 à 17h40
Salut saidachahid
Poste un nouveau rapport HijackThis
@++
Poste un nouveau rapport HijackThis
@++
saidachahid
le 12 septembre 2008 à 12h38
slt dédétraqué voilaa le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35, on 2008-09-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Athan\Athan.exe
C:\apps\ABoard\ABoard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Tok-Cirrhatus-2355] "D:\Documents and Settings\SAIDA\Local Settings\Application Data\br5733on.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Empty.pif = ?
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10960 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35, on 2008-09-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Athan\Athan.exe
C:\apps\ABoard\ABoard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Tok-Cirrhatus-2355] "D:\Documents and Settings\SAIDA\Local Settings\Application Data\br5733on.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Empty.pif = ?
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10960 bytes
dédétraqué
le 12 septembre 2008 à 16h09
Salut saidachahid
Faire un scan avec ce fix :
http://www.bitdefender.com/site/Downloads/downloadFile/773/FreeRemovalTool
Après faire un scan en ligne et poste le rapport :
http://www.bitdefender.fr/scan8/ie.html
Tutoriel : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId406812
@++
Faire un scan avec ce fix :
http://www.bitdefender.com/site/Downloads/downloadFile/773/FreeRemovalTool
Après faire un scan en ligne et poste le rapport :
http://www.bitdefender.fr/scan8/ie.html
Tutoriel : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId406812
@++
saidachahid
le 12 septembre 2008 à 21h34
slt
BitDefender Online Scanner - Real Time Virus Report
Generated at: Fri, Sep 12, 2008 - 21:33:39
--------------------------------------------------------------------------------
Scan Info
Scanned Files
341354
Infected Files
3001
Virus Detected
Worm.Brontok.HTML.A
3
EICAR-Test-File (not a virus)
1
Worm.Generic.21501
1
Win32.Brontok.BV@mm
2996
--------------------------------------------------------------------------------
This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
BitDefender Online Scanner - Real Time Virus Report
Generated at: Fri, Sep 12, 2008 - 21:33:39
--------------------------------------------------------------------------------
Scan Info
Scanned Files
341354
Infected Files
3001
Virus Detected
Worm.Brontok.HTML.A
3
EICAR-Test-File (not a virus)
1
Worm.Generic.21501
1
Win32.Brontok.BV@mm
2996
--------------------------------------------------------------------------------
This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
dédétraqué
le 12 septembre 2008 à 21h38
Salut saidachahid
Tu as seulement ça comme rapport?
@++
Tu as seulement ça comme rapport?
@++
dédétraqué
le 12 septembre 2008 à 21h49
Salut saidachahid
As-tu remarqué si des choses ont été supprimés?
@++
As-tu remarqué si des choses ont été supprimés?
@++
saidachahid
le 12 septembre 2008 à 21h49
il y a sa mais e ne croi pa que cesoit un rapport
BitDefender Online Scanner
Scan report generated at: Fri, Sep 12, 2008 - 21:28:12
Scan path: C:\;D:\;E:\;G:\;H:\;I:\;J:\;K:\;L:\;M:\;N:\;
Statistics
Time
01:05:26
Files
311615
Folders
9805
Boot Sectors
0
Archives
8407
Packed Files
14133
Results
Identified Viruses
5
Infected Files
3001
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
3001
Engines Info
Virus Definitions
1754178
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 10 2008 19:37:42)
Scan plugins
16
Archive plugins
43
Unpack plugins
7
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\QooBox\Quarantine\C\upload_moi_115143250318\WINDOWS\System32\cmd-brontok.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\upload_moi_115143250318\WINDOWS\System32\cmd-brontok.exe.vir
Deleted
C:\QooBox\Quarantine\C\upload_moi_115143250318.tar.gz.vir=>upload_moi.tar=>WINDOWS/System32/cmd-brontok.exe
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\upload_moi_115143250318.tar.gz.vir=>upload_moi.tar=>WINDOWS/System32/cmd-brontok.exe
Deleted
C:\QooBox\Quarantine\C\upload_moi_115143250318.tar.gz.vir=>upload_moi.tar
Updated
C:\QooBox\Quarantine\C\upload_moi_115143250318.tar.gz.vir
Updated
C:\QooBox\Quarantine\C\WINDOWS\KesenjanganSosial.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\KesenjanganSosial.exe.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\Administrateur.115143250318's Setting.scr.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\system32\Administrateur.115143250318's Setting.scr.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\cmd-brontok.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\system32\cmd-brontok.exe.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\JAWAD's Setting.scr.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\system32\JAWAD's Setting.scr.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\SAIDA's Setting.scr.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\system32\SAIDA's Setting.scr.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\Administrateur.115143250318\Local Settings\Application Data\inetinfo.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\Administrateur.115143250318\Local Settings\Application Data\inetinfo.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\winlogon.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\winlogon.exe.vir
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026563.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026563.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026565.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026565.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026566.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026566.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026567.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026567.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028150.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028150.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028403.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028403.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028945.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028945.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0033488.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0033488.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0034282.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0034282.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0035244.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0035244.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0036861.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0036861.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041517.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041517.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041518.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041518.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041529.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041529.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041530.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041530.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041537.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041537.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041538.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041538.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041549.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041549.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041550.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041550.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041557.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041557.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041558.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041558.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041569.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041569.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041570.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041570.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041578.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041578.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041579.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041579.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041589.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041589.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041590.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041590.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041599.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041599.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041600.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041600.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041611.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041611.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041612.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041612.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041618.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041618.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041619.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041619.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041629.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041629.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041630.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041630.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042113.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042113.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042114.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042114.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042124.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042124.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042125.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042125.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042249.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042249.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042702.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042702.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042703.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042703.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042714.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042714.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042715.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042715.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0043892.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0043892.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044292.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044292.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044293.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044293.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044304.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044304.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044305.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044305.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0045482.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0045482.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046525.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046525.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046526.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046526.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046535.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046535.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046538.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046538.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046550.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046550.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046551.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046551.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046561.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046561.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046562.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046562.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046567.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046567.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046568.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046568.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046579.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046579.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046580.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046580.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046783.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046783.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046784.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046784.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046795.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046795.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046796.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046796.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP113\A0047596.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP113\A0047596.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP114\A0049469.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP114\A0049469.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049470.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049470.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049471.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049471.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049472.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049472.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049484.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049484.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049485.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049485.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049496.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049496.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049497.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049497.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049505.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049505.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049506.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049506.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049517.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049517.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049518.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049518.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049532.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049532.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049537.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049537.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049538.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049538.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049539.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049539.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049551.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049551.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049556.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049556.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049557.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049557.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049568.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049568.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049569.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049569.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049660.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049660.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049691.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049691.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049692.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049692.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049693.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049693.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049700.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049700.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049982.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049982.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049983.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049983.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049994.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049994.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049995.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049995.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050003.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050003.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050013.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050013.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050014.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050014.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050025.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050025.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050027.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050027.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050028.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050028.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050029.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050029.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050030.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050030.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050041.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050041.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050042.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050042.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050047.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050047.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050052.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050052.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050053.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050053.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050064.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050064.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050065.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050065.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050070.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050070.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050071.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050071.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050081.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050081.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050082.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050082.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050086.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050086.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050087.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050087.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050098.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050098.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050099.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050099.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050103.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050103.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050104.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050104.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050115.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050115.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050121.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050121.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050122.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050122.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050133.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050133.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050138.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050138.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050139.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050139.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050149.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050149.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050150.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050150.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050186.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050186.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050187.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050187.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050188.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050188.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050323.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050323.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050324.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050324.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050335.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050335.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050336.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050336.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050341.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050341.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050342.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050342.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050353.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050353.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050354.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050354.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050361.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050361.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050362.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050362.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050372.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050372.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050373.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050373.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050379.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050379.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050380.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050380.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050390.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050390.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050391.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050391.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050392.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050392.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050393.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050393.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050394.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050394.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050401.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050401.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050402.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050402.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050403.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050403.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050542.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050542.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050543.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050543.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050553.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050553.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050554.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050554.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050660.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050660.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050661.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050661.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050669.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050669.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050672.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050672.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050682.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050682.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050683.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050683.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050684.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050684.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050700.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050700.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050701.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050701.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050712.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050712.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050713.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050713.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050725.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050725.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050731.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050731.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050732.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050732.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050743.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050743.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050748.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050748.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050749.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050749.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050760.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050760.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050761.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050761.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050874.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050874.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050875.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050875.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050886.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050886.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050887.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050887.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050890.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050890.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050891.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050891.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050892.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050892.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050909.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050909.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050910.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050910.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050918.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050918.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050920.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050920.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050933.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050933.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050934.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050934.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050944.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050944.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050945.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050945.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050950.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050950.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050951.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050951.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050961.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050961.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050962.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050962.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050967.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050967.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050968.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050968.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050979.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050979.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050980.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050980.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050985.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050985.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050986.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050986.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050997.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050997.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050998.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050998.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0050999.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0050999.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051000.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051000.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051001.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051001.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051018.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051018.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051019.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051019.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051030.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051030.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051031.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051031.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051036.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051036.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051037.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051037.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051047.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051047.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051048.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051048.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051053.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051053.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051054.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051054.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051065.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051065.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051066.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051066.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052712.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052712.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052738.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052738.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052739.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052739.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052750.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052750.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052751.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052751.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052957.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052957.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052966.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052966.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052967.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052967.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052978.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052978.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052981.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052981.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052982.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052982.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052983.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052983.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052990.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052990.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052991.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052991.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052996.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052996.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053001.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053001.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053002.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053002.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053013.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053013.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053018.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053018.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053019.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053019.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053030.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053030.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053031.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053031.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053210.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053210.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053211.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053211.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053222.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053222.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053223.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053223.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053248.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0
BitDefender Online Scanner
Scan report generated at: Fri, Sep 12, 2008 - 21:28:12
Scan path: C:\;D:\;E:\;G:\;H:\;I:\;J:\;K:\;L:\;M:\;N:\;
Statistics
Time
01:05:26
Files
311615
Folders
9805
Boot Sectors
0
Archives
8407
Packed Files
14133
Results
Identified Viruses
5
Infected Files
3001
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
3001
Engines Info
Virus Definitions
1754178
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 10 2008 19:37:42)
Scan plugins
16
Archive plugins
43
Unpack plugins
7
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\QooBox\Quarantine\C\upload_moi_115143250318\WINDOWS\System32\cmd-brontok.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\upload_moi_115143250318\WINDOWS\System32\cmd-brontok.exe.vir
Deleted
C:\QooBox\Quarantine\C\upload_moi_115143250318.tar.gz.vir=>upload_moi.tar=>WINDOWS/System32/cmd-brontok.exe
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\upload_moi_115143250318.tar.gz.vir=>upload_moi.tar=>WINDOWS/System32/cmd-brontok.exe
Deleted
C:\QooBox\Quarantine\C\upload_moi_115143250318.tar.gz.vir=>upload_moi.tar
Updated
C:\QooBox\Quarantine\C\upload_moi_115143250318.tar.gz.vir
Updated
C:\QooBox\Quarantine\C\WINDOWS\KesenjanganSosial.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\KesenjanganSosial.exe.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\Administrateur.115143250318's Setting.scr.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\system32\Administrateur.115143250318's Setting.scr.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\cmd-brontok.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\system32\cmd-brontok.exe.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\JAWAD's Setting.scr.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\system32\JAWAD's Setting.scr.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\SAIDA's Setting.scr.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\C\WINDOWS\system32\SAIDA's Setting.scr.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\Administrateur.115143250318\Local Settings\Application Data\inetinfo.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\Administrateur.115143250318\Local Settings\Application Data\inetinfo.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\inetinfo.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\lsass.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\services.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\JAWAD\Local Settings\Application Data\winlogon.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\inetinfo.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\lsass.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\services.exe.vir
Deleted
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\winlogon.exe.vir
Infected with: Win32.Brontok.BV@mm
C:\QooBox\Quarantine\D\Documents and Settings\SAIDA\Local Settings\Application Data\winlogon.exe.vir
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026563.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026563.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026565.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026565.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026566.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026566.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026567.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0026567.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028150.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028150.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028403.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028403.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028945.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP100\A0028945.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0033488.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0033488.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0034282.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0034282.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0035244.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0035244.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0036861.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0036861.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041517.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041517.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041518.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041518.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041529.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041529.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041530.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041530.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041537.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041537.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041538.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041538.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041549.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041549.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041550.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041550.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041557.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041557.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041558.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041558.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041569.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041569.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041570.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041570.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041578.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041578.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041579.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041579.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041589.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041589.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041590.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041590.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041599.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041599.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041600.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041600.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041611.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041611.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041612.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041612.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041618.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041618.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041619.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041619.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041629.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041629.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041630.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP104\A0041630.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042113.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042113.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042114.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042114.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042124.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042124.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042125.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP105\A0042125.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042249.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042249.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042702.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042702.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042703.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042703.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042714.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042714.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042715.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP107\A0042715.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0043892.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0043892.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044292.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044292.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044293.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044293.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044304.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044304.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044305.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP109\A0044305.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0045482.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0045482.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046525.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046525.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046526.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046526.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046535.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046535.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046538.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046538.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046550.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046550.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046551.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046551.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046561.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046561.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046562.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046562.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046567.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046567.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046568.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046568.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046579.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046579.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046580.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046580.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046783.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046783.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046784.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046784.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046795.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046795.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046796.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP111\A0046796.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP113\A0047596.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP113\A0047596.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP114\A0049469.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP114\A0049469.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049470.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049470.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049471.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049471.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049472.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049472.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049484.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049484.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049485.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049485.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049496.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049496.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049497.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049497.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049505.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049505.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049506.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049506.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049517.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049517.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049518.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049518.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049532.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049532.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049537.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049537.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049538.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049538.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049539.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049539.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049551.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049551.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049556.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049556.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049557.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049557.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049568.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049568.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049569.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049569.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049660.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP115\A0049660.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049691.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049691.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049692.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049692.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049693.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049693.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049700.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049700.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049982.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049982.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049983.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049983.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049994.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049994.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049995.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0049995.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050003.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050003.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050013.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050013.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050014.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050014.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050025.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050025.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050027.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050027.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050028.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050028.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050029.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050029.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050030.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050030.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050041.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050041.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050042.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050042.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050047.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050047.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050052.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050052.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050053.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050053.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050064.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050064.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050065.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050065.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050070.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050070.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050071.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050071.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050081.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050081.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050082.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050082.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050086.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050086.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050087.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050087.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050098.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050098.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050099.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050099.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050103.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050103.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050104.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050104.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050115.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050115.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050121.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050121.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050122.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050122.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050133.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050133.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050138.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050138.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050139.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050139.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050149.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050149.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050150.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP116\A0050150.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050186.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050186.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050187.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050187.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050188.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050188.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050323.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050323.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050324.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050324.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050335.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050335.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050336.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050336.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050341.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050341.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050342.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050342.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050353.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050353.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050354.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050354.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050361.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050361.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050362.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050362.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050372.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050372.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050373.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050373.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050379.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050379.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050380.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050380.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050390.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050390.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050391.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP117\A0050391.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050392.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050392.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050393.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050393.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050394.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP118\A0050394.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050401.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050401.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050402.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050402.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050403.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050403.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050542.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050542.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050543.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050543.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050553.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050553.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050554.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP119\A0050554.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050660.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050660.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050661.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050661.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050669.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050669.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050672.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050672.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050682.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050682.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050683.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050683.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050684.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050684.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050700.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050700.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050701.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050701.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050712.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050712.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050713.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050713.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050725.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050725.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050731.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050731.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050732.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050732.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050743.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050743.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050748.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050748.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050749.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050749.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050760.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050760.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050761.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050761.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050874.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050874.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050875.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050875.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050886.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050886.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050887.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP120\A0050887.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050890.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050890.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050891.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050891.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050892.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050892.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050909.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050909.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050910.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050910.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050918.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050918.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050920.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050920.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050933.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050933.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050934.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050934.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050944.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050944.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050945.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050945.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050950.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050950.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050951.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050951.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050961.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050961.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050962.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050962.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050967.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050967.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050968.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050968.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050979.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050979.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050980.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050980.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050985.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050985.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050986.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050986.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050997.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050997.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050998.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP121\A0050998.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0050999.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0050999.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051000.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051000.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051001.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051001.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051018.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051018.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051019.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051019.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051030.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051030.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051031.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP122\A0051031.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051036.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051036.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051037.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051037.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051047.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051047.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051048.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051048.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051053.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051053.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051054.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051054.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051065.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051065.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051066.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP123\A0051066.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052712.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052712.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052738.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052738.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052739.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052739.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052750.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052750.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052751.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052751.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052957.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052957.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052966.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052966.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052967.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052967.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052978.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052978.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052981.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052981.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052982.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052982.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052983.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052983.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052990.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052990.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052991.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052991.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052996.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0052996.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053001.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053001.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053002.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053002.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053013.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053013.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053018.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053018.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053019.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053019.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053030.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053030.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053031.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053031.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053210.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053210.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053211.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053211.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053222.scr
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053222.scr
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053223.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053223.exe
Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0053248.exe
Infected with: Win32.Brontok.BV@mm
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP125\A0
saidachahid
le 12 septembre 2008 à 21h52
oui j'ai remarquée que mes fichier ne sont plus e ndouble et que la page brontok n'apparait plus dans mes fichiers
dédétraqué
le 12 septembre 2008 à 21h55
Salut saidachahid
Ça c'est le bon rapport, tout a été supprimé a première vue.
As-tu d'autre souci?
@++
Ça c'est le bon rapport, tout a été supprimé a première vue.
As-tu d'autre souci?
@++
saidachahid
le 12 septembre 2008 à 21h57
non a part le brontok tou va bien je voulais te remercié encore 1000 fois pur ton aide et ta patience.
sinon qu'elle antivirus me conseil tu
merci encore
sinon qu'elle antivirus me conseil tu
merci encore
dédétraqué
le 12 septembre 2008 à 22h08
Salut saidachahid
Bien de rien, je te conseil Antivir de Avira :
http://www.free-av.com/en/download/download_servers.php
Aide : http://www.malekal.com/tutorial_antivir.php
Voici l'utilitaire pour la désinstallation de Norton
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/2005041(...)
- Supprime ComboFix.exe du bureau
- Supprime C:\ Qoobox
-Supprime tous les rapports qui on été généré lors de la désinfection, ainsi que les outils restants.
- Vide la corbeille
-----
- Je te donne quelques consignes de sécurité :
- Windows Update parfaitement à jour http://www.windowsupdate.com/ (catégories critique, Services Pack et Services Release)
- pare-feu bien paramétré
- antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
- une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
- pas de téléchargement illégal, qui est le principal facteur d’infection (µTorrent, BitTorrent, eMule, Limewire, etc..)
- une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
- nettoyage hebdomadaire du système (suppression des fichiers inutiles, nettoyage de la base de registre, scandisk, defrag)
- scan hebdomadaire antispyware
- un contrôle régulier de la console JAVA pour s'assurer qu'elle est à jour http://www.java.com/en/download/help/testvm.xml
- un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités :
http://www.malekal.com/scan_vulnerabilite.php
Si tu considère ton problème comme résolu, édite![[:jlj:3]](/data/globaldata/usmilies/jlj-3.gif "[:jlj:3]")
ton premier poste et ajoute [résolu] dans le titre.
@++
Bien de rien, je te conseil Antivir de Avira :
http://www.free-av.com/en/download/download_servers.php
Aide : http://www.malekal.com/tutorial_antivir.php
Voici l'utilitaire pour la désinstallation de Norton
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/2005041(...)
- Supprime ComboFix.exe du bureau
- Supprime C:\ Qoobox
-Supprime tous les rapports qui on été généré lors de la désinfection, ainsi que les outils restants.
- Vide la corbeille
-----
- Je te donne quelques consignes de sécurité :
- Windows Update parfaitement à jour http://www.windowsupdate.com/ (catégories critique, Services Pack et Services Release)
- pare-feu bien paramétré
- antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
- une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
- pas de téléchargement illégal, qui est le principal facteur d’infection (µTorrent, BitTorrent, eMule, Limewire, etc..)
- une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
- nettoyage hebdomadaire du système (suppression des fichiers inutiles, nettoyage de la base de registre, scandisk, defrag)
- scan hebdomadaire antispyware
- un contrôle régulier de la console JAVA pour s'assurer qu'elle est à jour http://www.java.com/en/download/help/testvm.xml
- un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités :
http://www.malekal.com/scan_vulnerabilite.php
Si tu considère ton problème comme résolu, édite
ton premier poste et ajoute [résolu] dans le titre. @++
PRODUITS
- Portables |
- PC |
- Moniteurs |
- Photo / Vidéo |
- T.V. |
- Audio |
- GPS |
- Stockage |
- Téléphonie |
- autres catégories
TÉLÉCHARGER - LOGICIELS
- Windows & logiciels |
- Bureautique |
- Développement |
- Internet |
- Jeux |
- Loisirs |
- Multimédia |
- Personnaliser son pc |
- Sécurité |
- Utilitaires |
- Logiciels Linux |
- logiciels Mac
JEUX VIDÉOS
- jeux PC |
- Xbox |
- Playstation |
- Wii |
- PSP |
- DS |
- Action |
- Aventure |
- MMORPG |
- Sports |
- Simulation |
- Enfant |
- Soluces et astuces
LOISIRS
01NET PRO
- Réseaux et Internet |
- Programmation et développement |
- Logiciels d'entreprise |
- Systèmes d'exploitation en entreprise |
- Sécurité en entreprise |
- Entreprenariat |
- Emploi |
- Services PRO |
- Matériel PRO
AVIS ET COMMENTAIRES
- Les actualités de 01net. |
- Avis sur les jeux vidéos |
- Avis sur les produits |
- Avis sur les logiciels |
A PROPOS DE 01NET
publicité
Messages des modérateurs
Discussions les plus actives
- mon pc rame a mort j ai des pic de uc a 70 a 100 %
- virus ou anti-virus 360? comment s'en débarrasser, je galère
- PC extremement lent et msg d'erreur
- disque dur,amovible,interne ne s'ouvre plus en 2 clic(virus)
- Connection internet impossible causée par virus
- comment nettoyer mon ordinateur?
- [RESOLU] Avast, pare feu ... tous bloqués !!
- infecté par spyware-secure ? (résolu)
- macrovirus : W97/Thus.AD (résolu)
- virus et disfonctionnement
 |
 |
> Jeu : Mysterious City Vegas
Découvrez plus de 1000 objets cachés !
|
 |
||
L'ORDINATEUR INDIVIDUEL
Le mensuel informatique qui vous informe et vous conseille.
Nous contacter
|
Charte de confiance
|
Voir notice légale
01net. - 01men - RMC - BFM Radio - BFM TV - TousLesPodcasts - 01informatique.fr - Association RMC-BFM
01net. - 01men - RMC - BFM Radio - BFM TV - TousLesPodcasts - 01informatique.fr - Association RMC-BFM
Tous droits réservés © 1999 - 2009 Internext - 01net.