Home > General > Rimafafu.dll

Rimafafu.dll

rimafafu.dll Started by rantheman27 , Apr 30 2009 04:03 AM This topic is locked 3 replies to this topic #1 rantheman27 rantheman27 Members 3 posts OFFLINE Local time:01:35 AM Posted NOTE : Le rapport se trouve également ici : C:\Combofix.txt Donnez votre avis Utile +0 Signaler kisscool071 57Messages postés lundi 10 décembre 2007Date d'inscription 2 mai 2009 Dernière intervention 16 avril Please re-enable javascript to access full functionality. iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: avast!

Self Protection; [x] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560] S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792] S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2006-12-10 24576] S3 Atc002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\L260x86.sys [2006-12-13 25600] This applies only to the original poster. Voici le rapport : ComboFix 09-04-21.A1 - user 21/04/2009 9:01.5 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.1919.1223 [GMT -4:00] Lancé depuis: c:\users\user\Downloads\ComboFix.exe AV: avast! c:\windows\system32\acovcnt.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-21 au 2009-04-21 )))))))))))))))))))))))))))))))))))) . 2009-04-20 18:23 . 2009-04-21 02:39 -------- d-----w c:\programdata\wegagolu 2009-04-20 18:23 . 2009-04-21 02:39 -------- d-----w c:\programdata\hupetetu 2009-04-20 18:23 . 2009-04-20

This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. c:\windows\System32\Ati2evxx.exe c:\windows\System32\audiodg.exe c:\windows\System32\Ati2evxx.exe c:\program files\ATK Hotkey\ASLDRSrv.exe c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\ATK Hotkey\HControl.exe c:\program files\ATKOSD2\ATKOSD2.exe c:\program files\Wireless Console 2\wcourier.exe c:\program files\P4G\BatteryLife.exe c:\program files\ASUS\Splendid\ACMON.exe c:\windows\System32\ACEngSvr.exe c:\program files\ATK Hotkey\ATKOSD.exe c:\program files\Common Je l'ai désinstallé 2 fois puis réinstallé. EXE ERRORS: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z OTHER DLL ERRORS:

antivirus 4.8.1169 [VPS 090321-0] *On-access scanning enabled* (Updated) AV: Norton Internet Security *On-access scanning enabled* (Outdated) FW: Norton Internet Security *disabled* * Un nouveau point de restauration a été créé . Please advise next steps richbuff 24.01.2009 12:45 Run this script, PC will reboot: CODEbeginSetAVZGuardStatus(True);SearchRootkit(true, true);QuarantineFile('c:\windows\system32\kuyedowo.dll','');QuarantineFile('c:\windows\system32\vihobuwu.dll','');QuarantineFile('c:\windows\system32\wifukolu.dll','');QuarantineFile('c:\windows\system32\yuteloki.dll','');QuarantineFile('c:\windows\system32\yutepuwa.dll','');QuarantineFile('c:\windows\system32\hutudoki.dll','');QuarantineFile('c:\windows\system32\rojayefi.dll','');QuarantineFile('c:\windows\system32\sewovego.dll','');QuarantineFile('c:\windows\system32\yibulura.dll','');QuarantineFile('c:\windows\system32\kogonubo.dll','');QuarantineFile('c:\windows\system32\tuyuvela.dll','');QuarantineFile('c:\windows\system32\deploytk.dll','');QuarantineFile('c:\windows\system32\merunime.dll','');QuarantineFile('c:\windows\system32\vajarusu.dll','');QuarantineFile('c:\windows\system32\zosamulo.dll','');QuarantineFile('c:\windows\system32\bewiseru.dll','');QuarantineFile('c:\windows\system32\bososiga.dll','');QuarantineFile('c:\windows\system32\nohutabo.dll','');QuarantineFile('c:\windows\system32\fataleti.dll','');QuarantineFile('c:\windows\system32\jahomayo.dll','');QuarantineFile('c:\windows\system32\fepayaju.dll','');QuarantineFile('c:\windows\system32\damopore.dll','');QuarantineFile('c:\windows\system32\rejufopa.dll','');QuarantineFile('c:\windows\system32\fobamito.dll','');QuarantineFile('c:\windows\system32\pugohawu.dll','');QuarantineFile('c:\windows\system32\hosezora.dll','');QuarantineFile('c:\windows\system32\wujiwibe.dll','');QuarantineFile('c:\windows\system32\fevudufe.dll','');QuarantineFile('c:\windows\system32\jefugiwo.dll','');QuarantineFile('c:\windows\system32\lajogilo.dll','');QuarantineFile('c:\windows\system32\tineraka.dll','');QuarantineFile('c:\windows\system32\mihamake.dll','');QuarantineFile('c:\windows\system32\pirotima.dll','');QuarantineFile('c:\windows\system32\hutijezu.dll','');QuarantineFile('c:\windows\system32\yebokafe.dll','');QuarantineFile('c:\windows\system32\vizisida.dll','');QuarantineFile('c:\windows\system32\jamuyate.dll','');QuarantineFile('c:\windows\system32\wafadewi.dll','');QuarantineFile('c:\windows\system32\tuveruwu.dll','');QuarantineFile('c:\windows\system32\hikenile.dll','');QuarantineFile('c:\windows\system32\yireniye.dll','');QuarantineFile('c:\windows\system32\fuhiheje.dll','');QuarantineFile('c:\windows\system32\ravodifu.dll','');QuarantineFile('c:\windows\system32\kovuzuwa.dll','');QuarantineFile('c:\windows\system32\dihahofi.dll','');QuarantineFile('c:\windows\system32\mekiroba.dll','');QuarantineFile('c:\windows\system32\yozofuko.dll','');QuarantineFile('c:\windows\system32\gubebusi.dll','');QuarantineFile('c:\windows\system32\ledamine.dll','');QuarantineFile('c:\windows\system32\rihevuro.dll','');QuarantineFile('c:\windows\system32\rimafafu.dll','');QuarantineFile('c:\windows\system32\lupujuye.dll','');QuarantineFile('c:\windows\system32\wemifidu.dll','');QuarantineFile('c:\windows\system32\bolivovi.dll','');QuarantineFile('c:\windows\system32\havibola.dll','');QuarantineFile('c:\windows\system32\garokeha.dll','');QuarantineFile('c:\windows\system32\tazogike.dll','');QuarantineFile('c:\windows\system32\telariva.dll','');QuarantineFile('c:\windows\system32\modopodu.dll','');QuarantineFile('c:\windows\system32\goqxol.bak','');DeleteFile('c:\windows\system32\goqxol.bak');DeleteFile('c:\windows\system32\modopodu.dll');DeleteFile('c:\windows\system32\telariva.dll');DeleteFile('c:\windows\system32\tazogike.dll');DeleteFile('c:\windows\system32\garokeha.dll');DeleteFile('c:\windows\system32\havibola.dll');DeleteFile('c:\windows\system32\bolivovi.dll');DeleteFile('c:\windows\system32\wemifidu.dll');DeleteFile('c:\windows\system32\lupujuye.dll');DeleteFile('c:\windows\system32\rimafafu.dll');DeleteFile('c:\windows\system32\rihevuro.dll');DeleteFile('c:\windows\system32\ledamine.dll');DeleteFile('c:\windows\system32\gubebusi.dll');DeleteFile('c:\windows\system32\yozofuko.dll');DeleteFile('c:\windows\system32\mekiroba.dll');DeleteFile('c:\windows\system32\dihahofi.dll');DeleteFile('c:\windows\system32\kovuzuwa.dll');DeleteFile('c:\windows\system32\ravodifu.dll');DeleteFile('c:\windows\system32\fuhiheje.dll');DeleteFile('c:\windows\system32\yireniye.dll');DeleteFile('c:\windows\system32\hikenile.dll');DeleteFile('c:\windows\system32\tuveruwu.dll');DeleteFile('c:\windows\system32\wafadewi.dll');DeleteFile('c:\windows\system32\jamuyate.dll');DeleteFile('c:\windows\system32\vizisida.dll');DeleteFile('c:\windows\system32\yebokafe.dll');DeleteFile('c:\windows\system32\hutijezu.dll');DeleteFile('c:\windows\system32\pirotima.dll');DeleteFile('c:\windows\system32\mihamake.dll');DeleteFile('c:\windows\system32\tineraka.dll');DeleteFile('c:\windows\system32\lajogilo.dll');DeleteFile('c:\windows\system32\jefugiwo.dll');DeleteFile('c:\windows\system32\fevudufe.dll');DeleteFile('c:\windows\system32\wujiwibe.dll');DeleteFile('c:\windows\system32\hosezora.dll');DeleteFile('c:\windows\system32\pugohawu.dll');DeleteFile('c:\windows\system32\fobamito.dll');DeleteFile('c:\windows\system32\rejufopa.dll');DeleteFile('c:\windows\system32\damopore.dll');DeleteFile('c:\windows\system32\jahomayo.dll');DeleteFile('c:\windows\system32\fepayaju.dll');DeleteFile('c:\windows\system32\fataleti.dll');DeleteFile('c:\windows\system32\nohutabo.dll');DeleteFile('c:\windows\system32\bososiga.dll');DeleteFile('c:\windows\system32\bewiseru.dll');DeleteFile('c:\windows\system32\zosamulo.dll');DeleteFile('c:\windows\system32\vajarusu.dll');DeleteFile('c:\windows\system32\merunime.dll');DeleteFile('c:\windows\system32\deploytk.dll');DeleteFile('c:\windows\system32\tuyuvela.dll');DeleteFile('c:\windows\system32\kogonubo.dll');DeleteFile('c:\windows\system32\yibulura.dll');DeleteFile('c:\windows\system32\sewovego.dll');DeleteFile('c:\windows\system32\rojayefi.dll');DeleteFile('c:\windows\system32\hutudoki.dll');DeleteFile('c:\windows\system32\yutepuwa.dll');DeleteFile('c:\windows\system32\yuteloki.dll');DeleteFile('c:\windows\system32\wifukolu.dll');DeleteFile('c:\windows\system32\vihobuwu.dll');DeleteFile('c:\windows\system32\kuyedowo.dll');RegKeyDel('HKCU','Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2');BC_ImportDeletedList;ExecuteSysClean;BC_Activate;RebootWindows(true);end.Then, run this one:CODEbeginCreateQurantineArchive('c:\quarantine.zip');end.A file called quarantine.zip should be created in C:\. This Topic is closed. Share this post Link to post Share on other sites This topic is now closed to further replies.

Ne touche à rien tant que le scan n'est pas terminé. [*]Une fois le scan achevé, un rapport va s'afficher : poste son contenu. [*]Si le fichier ne s'ouvre pas, il Je l'ai mis en quarantaine. I've tried everything in the book to get this thing removed.Please help!Below are the Hijackthis logs:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:29:28 AM, on 10/8/2009Platform: Windows XP SP2 (WinNT Le bureau va disparaître à plusieurs reprises : c'est normal.

Restart Kaspersky. We are fellow Kaspersky users. Pour le moment internet a l'air de fonctionner correctement, pas de lenteur ni de pubs. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know.

Sign Up This Topic All Content This Topic This Forum Advanced Search Browse Forums Guidelines Staff Online Users Members More Activity All Activity My Activity Streams Unread Content Content I Started Information on A/V control HERER,K The only easy day was yesterday. ...some do, some don't; some will, some won't (WR) Back to top #3 rantheman27 rantheman27 Topic Starter Members 3 posts If not please perform the following steps below so we can have a look at the current condition of your machine. BLEEPINGCOMPUTER NEEDS YOUR HELP!

Good luck. Please install the application again. " "Dll Registration: Failed for file "C:\WINDOWS\System32\ramamibe.dll" "c:\windows\System32\ramamibe.dll missing or corrupt: Please re-install a copy of the above file." "This program has performed an illegal operation Common ramamibe.dll messages ramamibe.dll Not Found" "C:\WINDOWS\system32\ramamibe.dll access is denied." "A required component is missing: ramamibe.dll. Ad-Remover nous donnerais deja un resultat Donnez votre avis Utile +0 Signaler eZula 3368Messages postés samedi 26 avril 2008Date d'inscription ContributeurStatut 31 mars 2014 Dernière intervention 16 avril 2009 à 09:12

As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Thinking a quick uninstall/reinstall would help I did so, but, again, I got the same message. We received the files of ramamibe.dll on 23.2.200 and detected it is a virus. Combofix s'est remis à fonctionner, je n'ai pas compris le problème.

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Heure de fin: 2009-04-16 10:43 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-16 14:43 Avant-CF: 20 365 041 664 octets libres Après-CF: 21 653 807 104 octets libres 230 --- E O F --- 2009-04-16 06:45 Au redémarage uStart Page = hxxp://www.google.fr/ uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/static/securite/certdgi1.cab DPF: {2108E348-A0C0-1563-D327-730450CF5E34} - hxxp://www.shockwave.com/content/dinerdash/sis/DDComcast.1.0.0.39.cab DPF: {210B1348-30C0-1F63-2B27-7A0450545277} - hxxp://www.shockwave.com/content/dinerdash/sis/DDKnorr.1.0.0.44.cab DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerVistaADP-1.1.cab

Voici le rapport de GenProc : Rapport GenProc 2.525 [1] - 16/04/2009 à 2:36:49 - Windows Vista GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

It can scan through the system and find the possible destroyed files. Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Usually located in c:\combofix.txt , please attach it to your next post.

Do not apply the instructions from this thread to your own machine. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Recherche de fichiers cachés ...

No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your Should you need it reopened, please contact a Forum Moderator. The errors within the registry are the most serious problems.