Sujet Précédent Sujet Suivant

Virus Trojan rootkit.win32.tdss

Résolu/Fermé
steve9501 - 21 déc. 2010 à 20:48
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011 - 13 janv. 2011 à 13:03
Bonjour, cela fait un bon bout de temps que j'essaye de réparer ce problème. J'ai un virus nommé rootkit.win32.tdss.fa. J'utilise kaspersky 2011 et il n'arrive pas à le supprimé. Que faire ?


A voir également:

14 réponses

Réponse 1 / 14
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
22 déc. 2010 à 18:23
hello vous deux

steve, tu restes ici !!

et avec une version Windows modifiée, il faut être plutôt discret

pour avancer ton helper car tu es tres tres infecté

1)
Téléchargez USBFIX de El Desaparecido, C_xx

http://www.teamxscript.org/usbfixTelechargement.html

ou

http://teamxscript.changelog.fr/UsbFix.html

/!\ Utilisateur de vista et windows 7 :
ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

Double clic sur le raccourci UsbFix présent sur le bureau .

Choisir l'option suppression
(d'autres options disponibles, voir le tutoriel).
Laissez travailler l'outil.
Le menu démarrer et les icônes vont disparaître.. c'est normal.

Si un message te demande de redémarrer l'ordinateur fais le ...

Au redémarrage, le fix se relance... laisses l'opération s'effectuer.

Le bloc note s'ouvre avec un rapport, envoies le dans la prochaine réponse


* Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.




UsbFix peut te demander d'uploader un dossier compressé à cette adresse : http://www.teamxscript.org/Sample/Upload.php

Il est enregistré sur ton bureau.

Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.

.................

2)

Téléchargez MalwareByte's Anti-Malware (que tu pourras garder ensuite)

https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam

...............

3)

Fais un nouveau rapport ZHPdiag stp

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message


3
Excessimo Messages postés 2111 Date d'inscription jeudi 15 juillet 2010 Statut Membre Dernière intervention 30 novembre 2012 157
22 déc. 2010 à 18:43
Merci beaucoup moment de grace :)
Tu sais quoi faire steve.
0
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
22 déc. 2010 à 18:44
désolé il est venu chez moi...trop impatient

bon courage pour la suite et souhaitons que MBAM assure !!!!
0
Réponse 2 / 14
Excessimo Messages postés 2111 Date d'inscription jeudi 15 juillet 2010 Statut Membre Dernière intervention 30 novembre 2012 157
21 déc. 2010 à 22:31
on va passer directement au nettoyage tant pis pour le log zhp, on y reviendra.

* Télécharge TDSSKiller sur votre bureau

https://support.kaspersky.com/downloads/utils/tdsskiller.zip

désactive ta protection antivirus.

* Créer un nouveau dossier sur votre bureau puis décompressez l'archive dedans
* Lance le programme en cliquant sur TDSSKiller.exe, laisse les 2 cases cochées et clique sur "start scan", attend la fin du scan, si l'infection est détectée, des éléments cachés (= hidden) seront alors affichés.

vérifier que l'option "Cure" est sélectionnée pour les infections (malicious), et sélectionner "Skip" pour les fichiers suspects (suspicious), note le nom des fichiers supects et leur hash MD5 s'il y en a puis transmet les moi dans ta prochaine réponse.

* Un message peut ensuite apparaitre demandant de redémarrer le pc (reboot)pour finir le nettoyage. taper "Y" pour redémarrer le PC ("close all programs and choose Y to restart").

Informations complémentaires sur cet outil :
https://support.kaspersky.com/5350

refait un zhpdiag (pense à activer la ligne O80, si ça marche toujours pas désactive la) ensuite et post le (http://cjoint.com)
1
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
21 déc. 2010 à 22:40
Malicious objects :

Rootkit.Win32.TDSS.tdl4 Cure

physical drive

Name: \HardDisk0
0
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
21 déc. 2010 à 22:40
J'ai fais continué et : \HardDisk0 - will be cured after reboot
0
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
21 déc. 2010 à 22:41
Bon je vais continué demain connecte toi Stp merci bcp
0
Réponse 3 / 14
Excessimo Messages postés 2111 Date d'inscription jeudi 15 juillet 2010 Statut Membre Dernière intervention 30 novembre 2012 157
21 déc. 2010 à 20:50
Salut,

Il faut être sur une session ADMINISTRATEUR pour désinfecter !!

Si tu utilise vista ou windows 7 et SEULEMENT pour vista et 7, désactive l'UAC :

VISTA :https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

7 : https://www.commentcamarche.net/informatique/windows/261-desactiver-le-controle-de-compte-d-utilisateur-uac-de-windows/

Laisse désactivé durant toute la désinfection, je te dirai quand réactiver

LIS BIEN LES INSTRUCTIONS :) et tant que je ne t'ai PAS confirmé la fin de la désinfection il FAUT revenir consulter REGULIEREMENT le forum même si les symptômes ont disparu :)


===============ZHPDIAG====================

On va faire un diagnostic du PC :

[*]Télécharge ZHPDiag sur ton bureau :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

[*]Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.

/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »

[*]Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
[*]Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
[*]Héberge le rapport ZHPDiag.txt sur Cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :

https://www.cjoint.com/

tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
0
Réponse 4 / 14
steve9501
21 déc. 2010 à 20:52
J'utilise Windows XP et je suis la session Admin. C bon ?
0
Excessimo Messages postés 2111 Date d'inscription jeudi 15 juillet 2010 Statut Membre Dernière intervention 30 novembre 2012 157
21 déc. 2010 à 20:54
oui :)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
steve9501
21 déc. 2010 à 21:10
C un peu long et il s'arrete a 44%. Je laisse comme ça ou j'arrete et je recommence.
0
Excessimo Messages postés 2111 Date d'inscription jeudi 15 juillet 2010 Statut Membre Dernière intervention 30 novembre 2012 157
21 déc. 2010 à 21:12
je te conseille juste (tu fais comme tu veux) de t'inscrire sur le site pour pouvoir suivre la désinfection plus simplement grâce au menu qui apparaitra à droite lorsque tu sera inscrit.

Si ça reste bloqué, essaye en mode sans échec :

redémarre ton pc et tapote la touche f8 avant l'apparition du logo de windows, ensuite sélectionne le mode sans échec avec prise en charge réseau.
0
steve9501
21 déc. 2010 à 21:14
Att ca commence a accéléré ( 80% ) ;)
0
steve9501
21 déc. 2010 à 21:19
Quand tu dis " inscrire sur le site " tu parle de quel site ? :)
0
Excessimo Messages postés 2111 Date d'inscription jeudi 15 juillet 2010 Statut Membre Dernière intervention 30 novembre 2012 157
21 déc. 2010 à 21:20
celui là
0
steve9501
21 déc. 2010 à 21:21
Euh lequel ? Zebulon ???
0
Réponse 6 / 14
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
22 déc. 2010 à 17:52
Je suis revenu est ce que t la Excessimo ??
0
Réponse 7 / 14
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
22 déc. 2010 à 17:54
Voici le cjoint : https://www.cjoint.com/?0mwr5GAE6aJ
0
Réponse 8 / 14
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
10 janv. 2011 à 09:57
Désolé pour le retard, en période de fete je n'étais pas chez moi. Mais bon je suis revenu donc Voila koi. Merci bcp et je vai vous poster le rapport MalwareByte's
0
Réponse 9 / 14
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
10 janv. 2011 à 09:58
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5489

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

10/01/2011 09:53:11
mbam-log-2011-01-10 (09-53-11).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 193858
Temps écoulé: 1 heure(s), 5 minute(s), 32 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 364

Processus mémoire infecté(s):
c:\WINDOWS\gwdrive32.exe (Trojan.Agent) -> 3512 -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\B60JHDGR6V (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\H3O8CABBPI (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal\SVCWINSPOOL (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Network\SVCWINSPOOL (Backdoor.IRCBot) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft Driver Setup (Trojan.Agent) -> Value: Microsoft Driver Setup -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Microsoft Driver Setup (Trojan.Agent) -> Value: Microsoft Driver Setup -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Taskman (Trojan.Agent) -> Value: Taskman -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Worm.Palevo) -> Value: Shell -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Remote Registry Service (Backdoor.Agent) -> Value: Remote Registry Service -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\WINDOWS\gwdrive32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-3123866764-9703841361-187780841-5565\csisf.exe (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\Admin\application data\ltzqai.exe (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\Admin\local settings\Temp\0068066.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\0161.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\052074.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\06015.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\0606.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\0662293.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\0737702.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\075998.exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\0823007.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\0908.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\Temp\1982.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\81AFKDEJ\a2[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Admin\mes documents\myfile.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\Temp\03399.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\Temp\117.exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\temporary internet files\Content.IE5\0TER0XIV\9955[1].exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\temporary internet files\Content.IE5\0TER0XIV\a1[1].exe (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\temporary internet files\Content.IE5\4LIFCXAZ\9[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\temporary internet files\Content.IE5\KD6JWD2B\7[1].exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\temporary internet files\Content.IE5\SH6JC56N\8[1].exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\local settings\temporary internet files\Content.IE5\40VNY9EI\logo[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\local settings\temporary internet files\Content.IE5\YTCS3NWK\logo[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\rcfp[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\afkf[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\O[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\fxdc[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\bvpw[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\282[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\282[2].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\7[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\8704.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\m000[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\mabb[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\mobii[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\mobi[1].exe (Worm.Autorun) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\nini[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\x[1] (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\0I42WJ9L\y[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\282[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\282[3].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\6306.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\anineh[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\sxco[1].jpg (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\fifa[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\mo[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\m[1].exe (Worm.Autorun) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\wshh[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\x[1] (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\B4NAKV96\Y[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\1863[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\282[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\7[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\fofo[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\four[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\fxdc[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\cdf[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\iusee[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\afkf[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\bayyyy[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\vcco[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PAYNKS9W\mobile[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\mo3ak[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\mo[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\naaaa[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\naar[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\naar[2].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\nido[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\nouno[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\r[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\brx[1].php (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\282[2].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\282[3].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\4444[1].exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\abonoun[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\v[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\Xxtsz[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WMB379AQ\x[1] (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0041219.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0048559.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0048604.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0048622.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0048603.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0048636.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0048637.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0048643.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0048653.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0049681.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0050681.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0050682.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0050714.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0050744.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0050745.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0051741.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0051744.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0053753.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0054749.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0054751.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP13\A0053754.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055341.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055343.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055370.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055389.bat (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055395.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055396.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055450.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055451.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055452.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055453.EXE (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055454.EXE (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055455.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055456.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055457.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055461.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055462.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055463.dll (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055471.exe (Worm.Autorun) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055472.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055473.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0055560.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0058560.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0060562.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0061561.exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062561.exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062566.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062567.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062568.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062569.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062571.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062572.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062573.EXE (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062574.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062575.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062576.scr (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062577.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062578.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062579.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062580.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062581.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062582.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062583.EXE (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062584.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062585.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062586.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062587.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062589.EXE (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062590.exe (Worm.Autorun) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062591.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062592.EXE (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062594.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062595.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0063557.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0063558.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0063559.exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0063564.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0064568.exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0064569.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0064570.exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0064571.exe (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0064576.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0064577.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0070573.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0072589.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0074587.exe (Worm.Autorun) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0074591.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0074595.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0075593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0075596.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0075599.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0076595.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0076596.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0077591.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0077595.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062570.scr (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0062588.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0077596.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078592.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078593.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078597.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078598.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078603.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078604.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078611.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078612.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078616.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078617.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078618.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078622.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078623.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078624.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078631.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0078632.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0079625.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0079626.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0079634.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0079640.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0079645.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0079646.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0079647.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080644.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080645.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080651.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080706.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080707.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080657.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080658.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080736.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080738.exe (Worm.Email) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080742.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080743.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080744.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080751.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080752.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080753.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080754.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080755.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080756.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080757.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080758.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080759.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080774.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080815.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080750.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080834.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080924.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP19\A0080932.exe (Worm.Joleee) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084096.scr (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084098.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084099.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084100.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084115.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084118.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084120.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084143.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084148.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084152.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084156.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084161.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084165.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084168.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084172.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084179.exe (Worm.Autorun) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084188.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084190.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084193.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084195.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084149.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084185.exe (Worm.Autorun) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084204.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084207.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084215.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP20\A0084230.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{84a84a8e-137c-4f59-816a-5dd71067ef0c}\RP9\A0038634.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\1.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\061.exe.vir (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\090.exe.vir (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\10819.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\122.exe.vir (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\139.exe.vir (Worm.Email) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\156765.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\1890293.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\22167.exe.vir (Worm.Email) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\2239.exe.vir (Worm.Autorun) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\229.exe.vir (Worm.Autorun) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\2335.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\345.exe.vir (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\3497587.exe.vir (Trojan.Tofsee) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\3569552.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\35823.exe.vir (Backdoor.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\3599.exe.vir (Trojan.Tofsee) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\534.exe.vir (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\535.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\547.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\5480010.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\562240.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\661.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\665.exe.vir (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\681.exe.vir (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\6822.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\683.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\688.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\112.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\637.exe.vir (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\891.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\8705281.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\159.exe.vir (Trojan.Tofsee) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\160.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\1719690.exe.vir (Worm.Email) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\1730995.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\175718.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\2721.exe.vir (Backdoor.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\28311.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\289919.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\303.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\308.exe.vir (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\31047.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\3105.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\3311.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\364.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\3902.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\413.exe.vir (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\4172929.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\4213.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\4256.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\43139.exe.vir (Worm.Email) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\4787492.exe.vir (Worm.Email) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\486015.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\51143.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\5211197.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\52948.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\58503.exe.vir (Trojan.LVBP) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\5916.exe.vir (Worm.Aurorun) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\630816.exe.vir (Trojan.Virtool) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\6339131.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\6351.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\70114.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\703303.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\7255.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\727411.exe.vir (Trojan.Tofsee) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\760.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\76543.exe.vir (Worm.Aurorun) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\7718.exe.vir (Worm.Joleee) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\892.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\9163774.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\DOCUME~1\Admin\LOCALS~1\Temp\92725.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-0601784316-9671380592-932614783-6421\csisd.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-0820244452-1456368182-457220358-5662\csisd.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-2478195761-2443979687-059666229-0575\winmap.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-3276529003-6514578038-293940097-3334\svmgr.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-3422414503-1099150157-504630525-8594\csisd.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-3577043979-9240232101-274485842-5518\svmgr.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-3944043484-4153925402-858954068-5461\svmgr.exe.vir (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-5081016591-9305169245-676805447-6276\csisf.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-5650233100-7064446839-183135880-0635\syscr.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-5662897338-3833027711-474357477-2959\svmgr.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-6158204731-2348655147-243558474-6525\winmap.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-7023234880-9690124206-985870644-4897\csidrv.exe.vir (Worm.Autorun) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-7795504617-2232542235-501552459-7637\csidrv.exe.vir (Worm.Autorun) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-7983928395-5722423191-357823345-9828\csisf.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-8160694175-7954967447-454490569-0218\csisf.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-8426751372-2303339953-743428555-8740\csisf.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-8659170353-6103957810-054672377-3550\csidrv.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-9577873104-6208647885-820835177-1201\csisd.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-9791673535-8379480045-951586002-1931\svmgr.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\00.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\06.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\17.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\18.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\20.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\22.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\25.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\34.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\46.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\48.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\60.exe (Trojan.Agent) -> Quarantined and deleted successfully.
d:\nouveau dossier\téléchargements\mywebfacesetup2.3.67.1.nosa.nohp.grfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\hosts (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\hosts (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\nigzss.txt (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\repsvc.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
0
Réponse 10 / 14
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
10 janv. 2011 à 10:05
Voici le fichier Cjoint : http://www.cijoint.fr/cjlink.php?file=cj201101/cijin9o4qZ.txt
0
Réponse 11 / 14
Excessimo Messages postés 2111 Date d'inscription jeudi 15 juillet 2010 Statut Membre Dernière intervention 30 novembre 2012 157
10 janv. 2011 à 19:25
mode sans échec :

redémarre ton pc et tapote la touche f8 avant l'apparition du logo de windows, ensuite sélectionne le mode sans échec avec prise en charge réseau.



* Lance ZHPFix il se trouve sur le bureau (si tu es sous Windows Vista ou Windows 7, lance le par un clic-droit dessus --> exécuter en temps qu'administrateur).

* Copie les lignes suivantes :

---------------------------------------------------

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: Modified
[MD5.477D55E2D61E5004AB03F43CB646A5D7] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\gwdrive32.exe [65536]
O4 - HKLM\..\Run: [Microsoft Driver Setup] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\gwdrive32.exe
O4 - HKLM\..\policies\Explorer\Run: [Microsoft Driver Setup] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\gwdrive32.exe
O44 - LFC:[MD5.477D55E2D61E5004AB03F43CB646A5D7] - 10/01/2011 - 09:59:02 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\gwdrive32.exe [65536]
O47 - AAKE:Key Export SP - "C:\WINDOWS\system\lsass.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "G:\Key-Installer.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\WINDOWS\system\svhost.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O64 - Services: CurCS - C:\WINDOWS\system32\serivces.exe (.not file.) - Plug and Play Manager (PlugPlayCM) .(.Pas de propriétaire - Pas de description.) - LEGACY_PLUGPLAYCM
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
SS - | Auto 03/03/2004 0 | (PlugPlayCM) . (.Pas de propriétaire.) - C:\WINDOWS\system32\serivces.exe

---------------------------------------------------

* Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
* Les lignes se collent automatiquement dans ZHPFix.
* Clique sur « Ok » puis sur « Tous », puis sur « Nettoyer »
* Il est possible que des désinstallation de logiciel s'exécute, il faut accepter et finaliser la désinstallation.

postes le rapport
0
Réponse 12 / 14
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
10 janv. 2011 à 22:05
Voici le rapport (g copié/coller)


Rapport de ZHPFix 1.12.3236 par Nicolas Coolman, Update du 05/01/2011
Fichier d'export Registre : C:\ZHPExportRegistry-10-01-2011-22-09-10.txt
Run by Admin at 10/01/2011 22:09:10
Windows XP Professional Service Pack 2 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Processus mémoire ==========
C:\WINDOWS\gwdrive32.exe [65536] => Supprimé et mis en quarantaine

========== Clé(s) du Registre ==========
O64 - Services: CurCS - C:\WINDOWS\system32\serivces.exe (.not file.) - Plug and Play Manager (PlugPlayCM) .(.Pas de propriétaire - Pas de description.) - LEGACY_PLUGPLAYCM => Clé supprimée avec succès
SS - | Auto 03/03/2004 0 | (PlugPlayCM) . (.Pas de propriétaire.) - C:\WINDOWS\system32\serivces.exe => Clé supprimée avec succès

========== Valeur(s) du Registre ==========
O4 - HKLM\..\Run: [Microsoft Driver Setup] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\gwdrive32.exe => Valeur supprimée avec succès
O4 - HKLM\..\policies\Explorer\Run: [Microsoft Driver Setup] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\gwdrive32.exe => Valeur supprimée avec succès
O47 - AAKE:Key Export SP - "C:\WINDOWS\system\lsass.exe" [Enabled] .(.) (.not file.) -- => Valeur supprimée avec succès
O47 - AAKE:Key Export SP - "G:\Key-Installer.exe" [Enabled] .(.) (.not file.) -- => Valeur supprimée avec succès
O47 - AAKE:Key Export SP - "C:\WINDOWS\system\svhost.exe" [Enabled] .(.) (.not file.) -- => Valeur supprimée avec succès
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur absente
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur absente

========== Elément(s) de donnée du Registre ==========
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: Modified => Donnée supprimée avec succès

========== Fichier(s) ==========
c:\windows\system32\serivces.exe => Fichier absent


========== Récapitulatif ==========
1 : Processus mémoire
2 : Clé(s) du Registre
7 : Valeur(s) du Registre
1 : Elément(s) de donnée du Registre
1 : Fichier(s)


End of the scan
0
Excessimo Messages postés 2111 Date d'inscription jeudi 15 juillet 2010 Statut Membre Dernière intervention 30 novembre 2012 157
Modifié par Excessimo le 11/01/2011 à 14:38
refais moi un zhpdiag stp
0
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
11 janv. 2011 à 20:37
http://www.cijoint.fr/cjlink.php?file=cj201101/cijIxXeS1m.txt
0
Réponse 13 / 14
Excessimo Messages postés 2111 Date d'inscription jeudi 15 juillet 2010 Statut Membre Dernière intervention 30 novembre 2012 157
11 janv. 2011 à 21:31
En mode normal

* relance ZHPFix il se trouve sur le bureau (si tu es sous Windows Vista ou Windows 7, lance le par un clic-droit dessus --> exécuter en temps qu'administrateur).

* Copie les lignes suivantes :

---------------------------------------------------

O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\ggdrive32.exe (.not file.)
O4 - HKLM\..\policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\ggdrive32.exe (.not file.)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe

---------------------------------------------------

* Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
* Les lignes se collent automatiquement dans ZHPFix.
* Clique sur « Ok » puis sur « Tous », puis sur « Nettoyer »
* Il est possible que des désinstallation de logiciel s'exécute, il faut accepter et finaliser la désinstallation.

postes le rapport


puis en mode sans échec, cette ligne :

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified

poste le rapport aussi.
0
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
13 janv. 2011 à 12:59
Rapport de ZHPFix 1.12.3236 par Nicolas Coolman, Update du 05/01/2011
Fichier d'export Registre :
Run by Admin at 13/01/2011 13:04:38
Windows XP Professional Service Pack 2 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Valeur(s) du Registre ==========
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\ggdrive32.exe (.not file.) => Valeur absente
O4 - HKLM\..\policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\ggdrive32.exe (.not file.) => Valeur absente
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur absente
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur absente

========== Fichier(s) ==========
c:\windows\ggdrive32.exe => Fichier absent


========== Récapitulatif ==========
4 : Valeur(s) du Registre
1 : Fichier(s)


End of the scan
0
Réponse 14 / 14
steve9501 Messages postés 21 Date d'inscription mardi 21 décembre 2010 Statut Membre Dernière intervention 19 janvier 2011
13 janv. 2011 à 13:03
Rapport de ZHPFix 1.12.3236 par Nicolas Coolman, Update du 05/01/2011
Fichier d'export Registre :
Run by Admin at 13/01/2011 13:08:38
Windows XP Professional Service Pack 2 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Elément(s) de donnée du Registre ==========
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified => Donnée supprimée avec succès


========== Récapitulatif ==========
1 : Elément(s) de donnée du Registre


End of the scan
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses
Aide pour un virus
cerise92700 -
MisteryBean -

41 réponses
Trojan impossible à supprimer!
Gridouu -
Malekal_morte- -

12 réponses